Clicking that link
A reader writes:
One of my biggest challenges now is to accurately characterize the emerging threats of cybercrime and cyber espionage. Nobody wants to hear the bad news and the additional costs, but it’s only going to get worse. The trick for everyone is to determine the right level of response.
I'd argue that the best approach for the cyber criminal is social engineering: getting the unwary to click. OTOH, I see a greater awareness of "don't click if you don't know." Elderly relatives I assist with computers are now paranoid about clicking on anything!
I suppose the issue for the reader might be dealing with protecting the IP [intellectual property] surrounding drawing files? What about stealing license numbers from authorized users: is this an issue?
He responds:
According to an FBI briefing that I attended, 77.3% of malware installs require someone to open an email attachment or click an email link. On the average:
- 23% of recipients open phishing emails
- 11% click on attachments
More than 85% of the attacks were targeting secret information. Most companies are astonished to find out they’ve been hacked by foreign intelligence services (FIS) when they are contacted by the FBI. In 2013, the FBI notified 3,000 US companies that they’d been hacked.
The FBI did their own security tests on US government security simply by leaving USB devices and CDs around. If I remember correctly, the CDs crudely marked with a Sharpie [felt pen] that read something like “August Reorg” were opened over 80% of the time!
Drawing IP is indeed important and can be monetized in many ways. For example, let’s say someone got your patent drawings and then quickly submitted a bunch of similar patents in that same area.
Much bigger in my opinion than license stealing is the use of cracked software. Obviously CAD vendors lose some revenue from this practice, but what most people don’t realize is that anyone who cracks CAD software can also easily insert additional code to quietly harvest sensitive information from the user’s company on an ongoing basis.