CyberheistNews Vol 6 #27 Intel Thinks "Antivirus Is S#!+" And Dumps Useless McAfee

CyberHeist News CyberheistNews Vol 6 #27
Intel Thinks "Antivirus Is S#!+" And Dumps
Useless McAfee
Stu Sjouwerman

Remember that in a gray past, Intel had an antivirus product called Intel LanDesk Virus Protect? Well, that product got acquired by Symantec in 1998, and Intel must have thought "good riddance".

Apparently Intel's institutional knowledge got lost or was disregarded. Another CEO took the reigns 12 years later and in 2010 surprised everyone by acquiring Symantec's arch-rival McAfee for over 7.6 billion dollars, seemingly expecting a lift from the hot security market.

Well, that only happens when you buy the right product. The plan was to embed cybersecurity functionality on Intel chips but that was never completed. After rebranding McAfee to Intel Security (we all know why!) and six years of disappointing results, the Silicon Valley Business Journal reports that Intel's CEO Brian Krzanich thinks antivirus is S#!+ after all and is planning to sell of that unit.

They quoted the Financial Times saying Intel has been talking to bankers about the future of its cyber security unit in a deal that would be one of the largest in the sector, according to people close to the discussions.

Intel's Krzanich announced plans in April to slash 12,000 jobs as he pushes to refocus the business he took charge of last year. He is concentrating on chips for data centers (cloud) and the Internet of Things and moving away from the long-declining personal computer business.

Graham Cluley commented: "Leave it another 12 years, and who knows if Intel will be tempted to buy into the computer security business again? I guess if they do they'll be hoping it's a case of third time lucky."

Antivirus is getting increasingly useless these days. Ransomware attacks in many cases sail right through all the filters because they rely on social engineering the end-user and contain no malware in either the body or the attachment. The bad guys can easily find the email addresses of your users, called your "phishing attack surface".

Want to see how big your phishing attack surface is? How many of your email addresses can be found by the bad guys on the Internet, and used for a ransomware attack? Get a one-time complimentary Email Exposure Check (EEC) here:

Wow, The Bad Guys Are Moving Fast With
CEO Fraud!

Here is an excellent short example, with the "lesson learned" at the end.

KnowBe4 is expanding rapidly, we now have 120 employees and late May we hired a new controller to help out our very busy CFO. Part of the KnowBe4 onboarding is getting through our internal training line-up and then updating your LinkedIn profile, so that happened in the last few weeks.

So guess what, our new controller Camille walks up to me and asks: "Did you need me for anything? Did you send me an email?" I'm looking at her somewhat puzzled and say: "No?" She answers: "In that case I just got spoofed."

My obvious first reaction was that our CISO was sending her a phishing security test, as she is a high-risk employee in Accounting. But rather being safe than sorry, I got interested, walked up to her desk and had a look at the two emails she just received, one at 12:23 pm and the second one at 1:30 pm.

I had a look at the headers. Lo and behold, this was a real CEO Fraud attempt, just a few weeks after she had updated her LinkedIn account. There would have been no other online way to get that information so fast.

The bad guys apparently have this somewhat automated, and get alerts when a new target starts working at a company they are interested in. However, they did not do enough of their homework, apparently they did not bother to find out that KnowBe4's business is training employees to make smarter security decisions.

Obviously we step employees through our own security awareness training, our new Controller did not reply and spotted the CEO Fraud attack right away.

Lesson learned

Make sure that you step high-risk employees in Accounting, HR, C-level execs and anyone that handles confidential information through their awareness training as an *early* part of their onboarding procedure!

Here is the blog post with screen shots. Want to get these posts in your inbox the moment they get published? Subscribe to the KnowBe4 Blog:

IT Pros: Half Of Our CEOs Fall Victim To Phishing Scams

Executive boards need better cyber security training, given half of C-level execs fall victim to phishing attacks, according to research conducted by security firm AlienVault. Their research found that 82% of IT security professionals worry that their high-ranking executives are still vulnerable to phishing scams.

Despite such concerns only 45% provide cyber security training to all their employees including the executive board, while 20% do not conduct any training and instead tackle the fallout of such cyber attacks when they occur, and rely just on their existing filters to protect employees.

Javvad Malik, security advocate at AlienVault, stated: "The challenge that lies here is two-fold:

• Firstly, most phishing scams that target execs are well-crafted and researched. Similar-looking domains are registered and execs are carefully researched.

• Secondly, many execs have personal assistants who manage their day-to-day operations and who are often more susceptible to social engineering techniques."

AlienVault’s research also found that 45 per cent of IT professionals thought it was likely their organization would pay the ransom demands if their network was infected by ransomware, often caused by a successful phishing attack.

This is practically the same result as a recent KnowBe4 study which showed when confronted with a scenario where backups have failed and weeks of work might be lost, 42% would begin with paying the 500 dollar ransom and hope for the best.

Links, more data, and a very relevant Dilbert cartoon here. :-)

Don’t Miss The July Live Demo: New-School Security Awareness Training

Today, your employees are frequently exposed to sophisticated phishing and ransomware attacks. Old-school security awareness training doesn’t hack it anymore. More than ever, your users are the weak link in your network security.

Join us on Wednesday, July 13, 2016, at 2:00 p.m. (EDT) for a 30-minute live product demonstration of the innovative Kevin Mitnick Security Awareness Training Platform to see the latest features and how easy it is to train and phish your users:

    • Send Phishing Security Tests to your users and get your Phish-prone percentage.
    • Roll out Training Campaigns for all users (or groups) with automated follow-up emails to “nudge” incomplete users, as well as point-of-failure training auto-enrollment.
    • Advanced Reporting to watch your Phish-prone percentage drop, with great ROI.
    • NEW EZXploit™ functionality that allows an internal, fully automated "human pentest”.

    • NEW USB Drive Test™ allows you to test your user’s reactions to unknown USBs found.

Find out how thousands of organizations have mobilized their end-users as their first line of defense:
Register Now:

Warm Regards,
Stu Sjouwerman

Quotes Of The Week

"The ultimate value of life depends upon awareness and the power of contemplation rather than upon mere survival."- Aristotle

"The key to growth is the introduction of higher dimensions of consciousness into our awareness."- Lao Tzu

Thanks for reading CyberheistNews

Security News
How Cyber Attackers Fool Your Employees – And How To Stop Them

Protecting your enterprise data is often referred to as a technology issue, but most cyber attacks begin by fooling a user into doing something, such as unknowingly downloading malware or giving up security credentials. This “social engineering” is the most common way that an online attacker will gain access to your business – and the hardest to defend against, because it exploits everyday human weaknesses, rather than technical vulnerabilities.

How do attackers fool your employees via email, Web, phone, and onsite? What are some of the latest methods they use to trick users and employees into breaking security policy? And most importantly, what can your organization do to keep its employees from being taken in?

In this informative Dark Reading webcast, top experts on social engineering will answer these questions and many more. You’ll learn about current social engineering methods and the “human” threats posed by online and physical attackers. You’ll also get insight on how your organization can train and test its users and employees to recognize and turn away these social engineering exploits – before they compromise your business.

KnowBe4 has a channel on BrightTALK and the most recent DarkReading webinar is now available here:

[SLIDESHOW] 14 Ways A Cyberattack Hits Your Bottom Line: Total Cost Of A Hack

What is the true cost of a data breach? After analyzing a health plan breach, research firm Deloitte says the toll of a cyberheist is significantly underestimated. The firm in a report cites 14 factors that could have a significant impact on your organization and affect its financial stability.

This is excellent ammo to get more InfoSec budget. It that breaks out above the surface and below the surface costs. This is the link to the slideshow:

27% Of 3Rd Party Apps Are Risky

Tampa's ABC ActionNews James Tully gave me a call and asked if I wanted to be interviewed regarding the security implications of 3rd party apps on smartphones. I was interested and said yes. They sent me a study by CloudLock that goes into great detail what apps are asking for excessive access to confidential data. Here is a 2-minute TV segment with the interview.

If you have policy allowing BYOD, you should read the report:

MSP Security Portfolios: How To Offer Security Awareness Training

Expand your MSP security portfolio by offering security awareness training, an important layer to clients' overall security initiatives.

As Ryan Giles sees it, security should be a core aspect of all businesses. Whereas at one time it was enough to install antivirus programs and firewalls, he believes with thousands of new viruses coming out every day, security must be a layered approach

"One layer has to be end-user training, which I would argue is the most important layer. And you also have to have a solid desktop solution and, third, a network-level solution at the gateway," said Giles, CEO of AGJ Systems & Networks. So about three years ago, he and his partners decided to beef up the security offerings in their managed services provider (MSP) practice to help educate clients on keeping up with the latest threats. More:

Mobile Ransomware Attacks Increased Fourfold In Last Year

Kaspersky Lab has revealed that mobile ransomware attacks increased fourfold in 2015-2016 compared to the previous 12 months, with only four malware groups responsible for the majority of attacks.

The research firm explained the Small, Fusob, Pletor and Svpeng families carried out more than 90 per cent of malware-based attacks on Android smartphones.

Ransomware has become the fastest growing form of Android-based attack, increasing to 4.63 per cent of the total number of threats in the last 12 months, whereas in 2014-2015, it accounted for just 2.4 per cent. Although the number of computers targeted in crypto-ransomware attacks - where files on the infected machine are encrypted by the malware - has increased substantially, screen blocker-based threats have reduced.

Android, however, seems to be attracting more criminals using the screen blocker technique because Android-based devices cannot resist such hacks using external hardware in the way that PCs can. More at ItProUK:

Cyberheist 'FAVE' LINKS:
This Week's Links We Like, Tips, Hints And Fun Stuff
    • Insecure WebCams -- all over the world! This illustrates the need of changing the default password on literally ANY IoT device. See if there are any in your home town!:

Subscribe To Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews