31 Attacks Since Monday – Email Alone

Last century I was told I was the target of over 50 organizations globally and to be cautious.  I’m sure that number has vastly grown over time given the nature of the information I manage and my role in the world of cyber intelligence.  In the last two days I’ve received no less than 31 known qualified email based attacks.  This doesn’t include other types of vectors such as targeted social network and other attacks of interest of which there are several that require investigation.

I’m often asked as an expert in the world of malware what AV I use.  I often tell people none, because the threats that are thrown against me normally don’t get detected by AV.  In fact, criminals and espionage adversaries specifically test their code prior to distribution to ensure it won’t be detected.  AV is largely only effective against known threats, not the unknown.  However, AV does have it place in my defense in depth multi-layered approach.  While I use many different types of AV, in fact dozens for various types of research and response, it’s the human response that matters most in my world.  I can spot an attack within seconds that AV misses every time, due to my experience with the TTPs of adversaries who target and/or distribute codes opportunistically to my various monikers online.  I hope I’m able to avoid a compromise but also plan for the worst realizing I have a very sophisticated and determined set of adversaries globally.

This holiday season let’s remember what matters most to us, our family, friends, and respected colleagues.  Technology has it’s place in this information age but it will never replace the human factor.  Contrary to one presentation I listened too at a conference recently, where they claimed doctors could be replaced with computers that diagnose a medical condition, I’ll take the veteran doctor over a computer every day of the week.  That said, why don’t we focus more on what really works, which is likely a hybrid of both, driven by the intelligence of humans aiming to improve the lives of others.

Happy Thanksgiving and blessings to all!