Threat Report

CTC’s February 2019 Threat Report

Sometimes, cybersecurity issues hit VERY close to home. Consider the Apple FaceTime bug that allowed users to see and hear people before they answered the call. Or the Fortnite vulnerability that allowed hackers to eavesdrop on players.

Such issues can instill within users a sense of vulnerability. They bring cybersecurity issues into homes across the country and even around the world.

Despite significant hacks making headlines before, they seem to be growing. Witness just a few recent events.

Exposed Passports

Have you ever imagined yourself as a James Bond-like secret agent? Maybe after a late night viewing of “The Spy Who Loved Me”? That might be closer to reality than you think.  

“Big data is the new wave for counterintelligence,” cybersecurity expert James A. Lewis said recently. The New York Times quoted him for an article on the Marriott hack that made headlines in recent months.

That story returned to the spotlight recently after leaders at the hotel chain acknowledged that they encrypted none of the stolen passport data. And that’s where the counterintelligence angle comes in.

From the Times’ piece:

“[T]he attack appeared to be part of a broader effort by China’s Ministry of State Security to compile a huge database of Americans and others with sensitive government or industry positions.”

It’s a stunning turn in a time when strong endpoint capabilities from reliable vendors are readily available. And you don’t even need to be on Her Majesty’s secret service to use them.

The Massive “Collection #1”

Big data breaches aren’t just a Marriott problem, of course. Nor is the issue limited to Marriott customers.

A massive batch of hacked email and passwords named “Collection #1″ — considered the largest public data breach by volume — is now floating around the internet for any bad actors to access.

Collection #1 contains 772,904,991 unique emails and 21,222,975 unique passwords. The file is described as “an amalgamation of over 2,000 databases.”

(If you want to learn if you’re using a compromised email address, visit

Russians and Deterrence

An article in The Daily Beast outlines continuing Russian efforts to hack American institutions. From the piece:

“Russia’s military intelligence directorate, the GRU, has been caught in a new round of computer intrusion attempts, this time aimed at the Center for Strategic and International Studies, a prominent Washington, D.C. think tank heavy with ex-government officials.”

The Daily Beast quotes one security expert lamenting this state of affairs given continuing attempts to discourage Russia via sanctions and other means. But also mentioned is the fact that these hacking attempts still rely “heavily” on standard techniques such as spear phishing.

There’s encouraging news in that latter piece of information. We know about spear phishing and similar techniques, as well as ways to defeat them. Plus, the AI-powered capabilities of a number of security solutions is likely to mute their effectiveness.

AI, CTC, and You

Solutions available to protect vital data only works if companies implement them. It seems obvious, but we recognize that budgetary concerns and other issues sometimes present roadblocks to effective security measures. That doesn’t have to be the case.

Regardless of the size of your business, it’s IT staff, and budget, working with CTC Technologies means working to find a solution that fits your needs. Because while we all want to be part of something bigger, a list of hacked emails and passwords isn’t what any of us has in mind.

Contact us today to schedule an appointment.