Posts in Threat Analysis
Supply Chain: Compromise of Third-Parties Poses Increasing Risk

The NJCCIC assesses with high confidence that capable threat actors—both politically-motivated state actors and their proxies, as well as profit-driven criminals—will increasingly leverage supply chain compromises to conduct network intrusions and attacks. These incidents could result in the exfiltration, manipulation, or destruction of data and disruption to daily operations and business continuity.

Read More
Fileless: Evasive Intrusion Tactics Pose Challenge for Network Defense

The NJCCIC assesses with high confidence that fileless and “non-malware” intrusion tactics pose high risk to organizations, both public and private, and will be increasingly employed by capable threat actors intent on stealing data or establishing persistence on networks to support ongoing espionage objectives or to enable future acts of sabotage.

Read More
Healthcare: Cyber Risk Continues to Climb, Industry Slow to Act

The NJCCIC assesses with high confidence the cyber threat and overall risk to the healthcare industry is high and increasing. In contrast to the large insurance breaches of 2015, assessed to be the work of Chinese threat actors conducting industrial espionage to support their largely state-run healthcare industry, profit-motivated hackers pose the greatest threat to the majority of healthcare organizations today.

Read More
Dark Web: Illicit Activity Thriving on the Underground Internet

The NJCCIC assesses with high confidence that a broad range of criminals, malicious hackers, and violent extremists will increasingly utilize the dark web—the underground Internet only accessible via special software that maintains the anonymity of users—to facilitate illicit activity, which will present threats to public safety as threat actors can securely communicate, conspire, and acquire materials or know-how.

Read More
Cross-Site Scripting: Many Websites Remain Vulnerable to Common Web Exploit

The NJCCIC assesses with moderate confidence that many websites remain at high risk of cross-site scripting (XSS), one of the most commonly exploited web application security vulnerabilities. XSS is a code injection tactic–similar to SQL injection–in which a hacker inputs malicious code into a legitimate web application or website that is then executed in a user’s web browser, often to compromise user credentials or take control of the user’s session.

Read More