Encore: Using global events as lures for malicious activity.

CyberWire Daily

N2K Networks, Inc.

News, Technology, Daily News, Tech News

4.8 • 1.1K Ratings

🗓️ 28 November 2020

⏱️ 18 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

The goal of malicious activity is to compromise the system to install some unauthorized software. Increasingly that goal is tied to one thing: the user. Over the past several years, we as an industry improved exploit mitigation and the value of working exploits has increased accordingly. Together, these changes have had an impact on the threat landscape. We still see large amounts of active exploitation, but enterprises are getting better at defending against them. This has left adversaries with a couple of options, develop or buy a working exploit that will defeat today's protections, which can be costly, or pivot to enticing a user to help you. In today's threat landscape, adversaries are always trying to develop and implement the most effective lures to try and draw users into their infection path. They've tried a multitude of different tactics in this space, but one always stands out — current events. Joining us on this week's Research Saturday from Craig Williams from Cisco's Talos Outreach team to walk us through how current events are used as lures. The research and blog post can be found here: Adversarial use of current events as lures Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	Hello everyone and welcome to the CyberWire's research Saturday.
0:09.0	I'm Dave Bitner and this is our weekly conversation with researchers and analysts tracking down threats and vulnerabilities,
0:15.6	solving some of the hard problems of protecting ourselves in a rapidly evolving cyberspace.
0:20.9	Thanks for joining us.
0:34.6	Well, I think what really prompted us to take this on is the fact that we see certain patterns repeated in this business over and over again. That's Craig Williams, he's the head of Tallows outreach at Cisco.
0:38.5	The research we're discussing today is titled Adversarial Use of current events as lures. You know, I mean at this point, I think I can even say it rounds up to have been doing this 20 years.
1:00.0	And we see different and new malware campaigns every week, right?
1:05.0	There's always someone doing something new, tweaking something, finding a new way to do it.
1:09.0	But in doing so, there are certain patterns that are always habitually followed.
1:15.0	And really, when you look at it, probably the most effective one is bad guys trying to find a way to use current events as lures.
1:23.7	You know, and I know that sounds really open-ended and people think, well, how could that possibly help me?
1:30.3	And that's kind of the reason we wrote this blog was to not only highlight what we're seeing,
1:35.0	but to help people understand what could be used in the future.
1:39.0	Right?
1:40.0	So, you know, if we sit back right now and take a high level look over the next six months, you know, we see a lot of social issues of play.
1:48.0	We see an election coming up.
1:49.9	We see the typical holiday shopping season, and then after that we start seeing
1:55.1	tax season in the US right I would expect malware campaigns to target each and
2:01.6	every one of those in order and you know potentially a couple of
2:05.1	them overlapping. Right. Yeah it's interesting to me that one of the things you
2:11.9	highlight here is that there are the ones that sort of run on the calendar, you know, the tried and true every holiday season we're going to have stuff, every tax season we're going to have stuff.
2:23.0	But then in addition to that, you know, we've got things like COVID-19.
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.