RUAG Breach – A lesson in cyber espionage tradecraft tools & techniques

Following a successful data breach of Swiss defense contractor RUAG – specialising in aerospace technology – the Swiss Governmental Computer Emergency Response Team (GovCERT) took the unusual step of publishing a comprehensive data breach report. The reasons given for publishing the report: …to give organizations the chance to check their networks for similar infections, and to show the modus operandi of the attacker group. You can download the summary technical report here (PDF) – 2 pages And the full espionage report here (PDF) – 34 Pages If the full report is a little TL;DR for your time or taste – or even Read More

It’s time to patch our human firewall

In light of a recent article on IT Governance blog entitled “What exactly is Social Engineering?”, I’d like to take a step back and explore what precedes a successful social engineering attack. I recently asked an expert in social engineering, deception and negotiation the following question: Would you say that underpinning social engineering would be a process of reconnaissance, perhaps using social media? She responded: Almost always these days, Stu! Many articles focus on the attack methods that ultimately give rise to a breach but neglect to mention the single most important aspect of these successful breaches: reconnaissance. The importance of Read More