Bay Area Security Firm That Revealed Target Breach Details Changing Tactics For Cybercriminals
Get Breaking News First
Trending Stories On CBS SF
Strange Bedfellows: Silicon Valley Techies ‘Like’ Conservative Senator Rand Paul
Peaches, Nectarines, Plums Recalled from Costco, Trader Joe’s After Listeria Bacteria Discovered
$50,000 Painting Discovered Tucked Away In Fremont Museum Attic, Confirmed On PBS’s Antiques Roadshow
SoCal Homeowners Spray-Painting Lawns Green To Avoid Water Fees During Drought
Daredevil Motorcyclist Arrested In April For Illegal Stunts Wrecks Corvette In Oakland; 1 Dead
MILPITAS (KPIX 5) — Crooks have already used the HeartBleed bug to break into a major corporation’s network system. While it’s unclear whether the bad guys stole anything, statistics show cybercrime is on the rise, the crooks are changing tactics, and the playing field has exploded.
For example, at a big company, the cyber spies stirred up trouble by hiding malicious code into a popular online menu for Chinese food.
The strategy: to lure unsuspecting workers to the menu and then entice them to “click” and start the attack.
“If they know you’re connecting to a Chinese menu, and if I can get you to visit that website, I can start an attack occurring on your computing device,” said Dave DeWalt, Chairman and CEO of FireEye, a cybersecurity firm located in Milpitas.
The same kind of sneak attack unfolded at Target.
Culprits stole credentials from an air conditioning company with an online tie to the retailer.
“We’re only one click away from any website in the world,” said DeWalt.
Bloomberg BusinessWeek reported how FireEye spotted the security breach and alerted Target weeks before the hackers transmitted stolen data.
FireEye wouldn’t talk about Target to KPIX 5, but as the reported story in Bloomberg shows, its advanced technology can spot attacks before they happen.
The technology, called MVX, is a virtual machine that tests every application, every download, or every website click before it enters your system. The idea: to see if it’s good or not. Any abnormal behavior triggers an alert. That alert then allows a client or company to block that website or application before any damage is done.
“Now a lot of those threats have moved from email to something hiding on a website,” DeWalt told KPIX 5.
Who are the attackers and what do they want? They vary from nation-state culprits who are going after intellectual property, to criminal groups who want to steal your financial assets.
“We see roughly 100,000 attacks per day,” explained Zheng Bu, Vice President of Security Research at FireEye.
Bu stood in front of FireEye’s Global Strike Heat Map, which shows in real time how sophisticated cyber-attacks unfold.
They are called zero-day attacks: these are attacks that no one has seen before.
In most cases, once attackers get into your system, they can spend a long time scooping up the goods.
“From the time a large company gets breached to the time they even know they are breached, takes almost a year,” said DeWalt.
And while the threat is global, security experts believe the Bay Area is a special target.
“We’ve been seeing for quite a few years the attackers have gone after the high-tech world,” said DeWalt.
What’s a consumer to do? The experts at FireEye said to get smarter about the technology; monitor your finances more often and carefully, don’t blindly follow links or open up attachments, change your passwords on a regular basis. And don’t think you won’t be a target: anytime you click on to the internet, you’re vulnerable to attack.