Attack of the Cyber Vampires–phishing at the White House
OK — my apologies up front for the headline but the analogy is too apt not to use. In Bram Stoker’s 1897 book Dracula, there’s a famous scene where Dracula is outside a castle window looking into the character Mina’s bedroom. He uses his powers to wake her from an erotic dream and still in a trance she walks to the window. Dracula is pretty happy because the only way a vampire can enter the castle is by being invited and Mina’s the best looking woman in Transylvania at the moment. Of course we all know that beguiled by Dracula, she opens the window and that’s his invitation to enter. We all know what happens next; lots of blood, torches and pitchforks, etc. etc.
It’s hard to imagine some form of social engineering in 1897. The way the vampire phishes for his victim’s blood isn’t far from the way the cyber criminals phish victims for data. Every organization (commercial or civilian) has a Mina that can be phished and tempted to open the window. No amout of cyber vampire awareness training would have made a difference. There are too many cyber vampires everywhere that aim to suck data from the organization. Lately, for the government the cyber vampires seem to be from Russia.
The CNN article on-line, How the U.S. Thinks Russians Hacked the Whitehouse is a case study in how cyber vampires get permission for victims to enter the network using credentials and steal valuable data (the life blood of the organization). According to the article, “…investigators believe the White House intrusion began with a phishing email that was launched using a State Department email account that the hackers had taken over, according to the U.S. officials.” The phish was the Russians asking Mina to open the window to gain access to the data.
The right “Mina” in this case is the one that had access to, “…real-time non-public details of the president’s schedule. While such information is not classified, it is still highly sensitive and prized by foreign intelligence agencies…” Of course there was another Mina at the State Department who likely assisted the cyber Dracula, and was turned into an unwitting ally to help him suck data out of the White House. As was stated in the CNN article, “Russian hackers behind the damaging cyber intrusion of the State Department in recent months used that perch to penetrate sensitive parts of the White House computer system.”
Your cyber defenses can’t stop Mina from opening that window and letting Dracula in, but once inside, user behavior intelligence becomes that next layer of defense that can detect a compromised Mina’s movements and expose her (and ultimately his to the sunlight. Please see my blog for information on the State Department Breach and how user behavior intelligence detects cyber vampires and their proxy vampires.
The New CISO Podcast: Management Tools
Exabeam News Wrap-up – Week of June 13, 2022
Exabeam in Action: Stopping Lapsus$ in Their Tracks
Ransomware: Bigger, Better, and Still Going Strong
Subscribe today and we'll send our latest blog posts right to your inbox, so you can stay ahead of the cybercriminals and defend your organization.
See a world-class SIEM solution in action
Most reported breaches involved lost or stolen credentials. How can you keep pace?
Exabeam delivers SOC teams industry-leading analytics, patented anomaly detection, and Smart Timelines to help teams pinpoint the actions that lead to exploits.
Whether you need a SIEM replacement, a legacy SIEM modernization with XDR, Exabeam offers advanced, modular, and cloud-delivered TDIR.
Get a demo today!