Cyber Defense eMagazine July 2020 Edition
Cyber Defense eMagazine July Edition for 2020 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, Co-founder & International Editor-in-Chief, Stevin Miliefsky, President and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Cyber Defense eMagazine July Edition for 2020 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, Co-founder & International Editor-in-Chief, Stevin Miliefsky, President and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
200-300 million for Q3 2017.17 More specifically, navigation systems such as the Electronic Chart<br />
Display (ECDIS) are very vulnerable and have also been hit with different attacks being reported in Asia.<br />
According to the maritime technical lead at cyber security firm NCC Group, "Ecdis systems pretty much<br />
never have anti-virus".18<br />
Pyongyang Hackers are Smart<br />
Both of the military vessels involved in collisions, the USS Fitzgerald and the USS John S. McCain, are<br />
guided missile destroyers equipped with the Aegis Ballistic Missile <strong>Defense</strong> System (BMDS), which is a<br />
system allowing the interception of an ICBM (Intercontinental Ballistic Missile), the ones that are currently<br />
being tested by North Korea and usually equipped with one or multiple nuclear warheads. An ICBM has<br />
four phases: boost, post-boost/ascent, midcourse and terminal (reentry in the atmosphere). The Aegis<br />
BMDS aims at destroying an ICBM during the post-boost/ascent phase (before the missile leaves earth’s<br />
atmosphere).<br />
The Lazarus hacking group, famous for the Sony breach in 2014 and allegedly linked to North Korea,<br />
targets individuals associated with U.S. defense contractors with the same tools and tactics of the Sony<br />
breach. This time, the phishing emails display fake job listings and companies’ internal policies.19 Some<br />
jobs listed were for the US (Terminal High Altitude Area <strong>Defense</strong>) THAAD system, which is a BMDS and<br />
intercept an ICBM in its terminal phase (after the missile re-enters in the atmosphere).<br />
Therefore, if the four U.S. Navy collisions in Asian waters are due to a cyberattack, the explanation could<br />
be that the North Korean government is attempting to infiltrate the U.S. military system to be able to<br />
collect information on the full spectrum of BMDS and, at best, disrupt the defense systems against its<br />
ICBM. On the diplomatic side, it could be a strong message sent to the US and its Asian allies assuring<br />
them that Pyongyang has serious capabilities and that it would be better to negotiate with it than escalate<br />
tensions.<br />
This strategy is part of a general trend in APT (Advanced Persistent Threats), long-term targeted specific<br />
cyberattacks mixing a combination of social engineering, cyberweapons, and vectors to get inside<br />
networks, instead of hacking directly the big fish such as the Department of <strong>Defense</strong> or a big player in<br />
weapons (Aegis, Boeing, Lockheed Martin, etc.), hackers will target a third party working for these targets.<br />
Indeed, their cybersecurity posture will be lower than a critical administration or company with<br />
technologies and processes in places regarding cyberdefense, and with aware employees towards<br />
phishing campaigns.<br />
17<br />
MIMOSO Michael. “MAERSK Shipping Reports $300M Loss Stemming from NotPetya Attack”, Threatpost, Aug 16, 2017<br />
https://threatpost.com/maersk-shipping-reports-300m-loss-stemming-from-notpetya-attack/127477/<br />
18<br />
BARANIUK Chris. “How hackers are targeting the shipping industry”, BBC, Aug 18, 2017<br />
http://www.bbc.com/news/technology-40685821<br />
19<br />
BARTH Bradley. “Lazarus Group tied to new phishing campaign targeting defense industry workers”, SC Media, Aug 14, 2017<br />
https://www.scmagazine.com/lazarus-group-tied-to-new-phishing-campaign-targeting-defense-industry-workers/article/681701/<br />
<strong>Cyber</strong> <strong>Defense</strong> <strong>eMagazine</strong> –<strong>July</strong> <strong>2020</strong> <strong>Edition</strong> 89<br />
Copyright © <strong>2020</strong>, <strong>Cyber</strong> <strong>Defense</strong> Magazine. All rights reserved worldwide.