2018

now browsing by tag

 
 

#cyberfraud | #cybercriminals | Wyomingites lose $4.5 million as cyber crime nearly doubles in 2018

Source: National Cyber Security – Produced By Gregory Evans

(Pixabay)

CASPER, Wyo. — Wyomingites lost $4,517,128 in various cyber crimes in 2018.

That is according to Federal Bureau of Investigation data shared by the Wyoming Department of Education on Monday, Oct. 21.

“Losses due to security breaches and scams for Wyoming’s
citizens, businesses, and organizations nearly doubled between 2017
and 2018, according to the FBI’s Internet Crimes Complaint Database
reports,” WDE Chief of Operations Trent Carroll said in a memo.

Article continues below…

Carroll adds that there are 172 unfilled cybersecurity job positions across the state.

“Cybertrained technology professionals are needed to help in every business, hospital, school, nonprofit, and municipality in the state,” he adds. “Education of our students for these high-paying jobs, and teaching them to be safe in an increasingly connected world, is more important than ever.”

The United States Department of Education will award a “Presidential Cybersecurity Education Award” in spring 2020 to highlight the need for such education.

“Two educators, one elementary and one secondary, will be awarded in the spring of 2020,” Carroll adds. “The award criteria includes instilling their students with the skills, knowledge and passion for cybersecurity and related topics and subjects.”

Educators can be nominated for the award until Jan. 31, 2020.

“Anyone may nominate an educator and self-nominations are also permitted,” says Carroll.

More information about the award is available here. Nominations can be sent to CyberAwards@ed.gov.

Source link

The post #cyberfraud | #cybercriminals | Wyomingites lose $4.5 million as cyber crime nearly doubles in 2018 appeared first on National Cyber Security.

View full post on National Cyber Security

Where Will The #Cybersecurity #Battle Lines Be #Drawn In #2018?

Source: National Cyber Security – Produced By Gregory Evans

Beneath everyday web traffic, there’s a fierce battle raging for the security of the Internet. On one side are the villains; cyber criminals ranging from thrill-seeking amateurs to nation states. On the other side are the cybersecurity professionals, including researchers and analysts, all of whom seek to protect data.

The odds of either side scoring a decisive blow and ending the long-running battle for security is quite low. As with all battles, both sides are racing to develop new technologies that will give them the upper hand. While much of the conflict takes place in unseen digital arenas, organizations and individuals are realizing that their data sits in the line of fire. Recent years have seen the threat become all the more potent in the aftermath of successful attacks on businesses that were previously seen as unassailable.

One thing that is clear is that the battle lines will continue to shift. New tactics will arise and shape the future of the conflict. Here is a preview of what to expect on the frontlines in 2018 and beyond.

Advance: Phishing Targets Cloud

While phishing is a somewhat dated security concern, it’s still highly effective if delivered via the right vector. Over the years, internet users have become much wiser to traditional phishing (typos, unknown senders, mysterious attachments, etc.), so cybercriminals have looked for new avenues. The rise of cloud apps has opened up attack vectors that didn’t previously exist. The 2017 Google Docs attack is a prime example, with legitimate Google sign-in screens used to trick users into granting permissions to a malicious third-party application. The app then harvested information from victims’ contacts and emails. Criminals are increasingly spoofing trusted applications in order to deceive unsuspecting victims into granting permissions or handing over credentials.

Countermove: MFA And Behaviors

There are various ways to protect against phishing techniques. Switching from username and passwords to Multi-Factor Authentication (MFA) is one of the swiftest and most effective methods. MFA’s layered security prevents criminals from accessing user accounts even if they manage to acquire the login. MFA is already in use on many websites, with companies such as Facebook, Apple and Dropbox introducing or enhancing MFA in the last year.

Another way to counter advanced phishing attacks is through smart detection technology, which my company leverages, that can monitor user behavior across multiple cloud apps and detect strange activity, signaling a person is not who they claim to be. If a hacker programmatically accesses or downloads large volumes of data from a cloud app, a smart detection system could automatically flag this as suspicious, or block the transaction outright. Making detection “smart” is a step up from simply looking for a phishing email to understanding and detecting attacks as they unfold. For example, using machine learning to gain a deeper understanding of typical user behavior, and then looking for deviations from that norm can help to detect even the most subtle usage of stolen credentials. Companies have started to apply smart detection for internal threats in quite a few areas. In the User Behavior Analytics space, Exabeam, Securonix and Splunk have all begun using smart detection. In the Data Loss Prevention space, Amazon Web Services is employing smart detection, and companies like Cylance, Carbon Black and CrowdStrike all use it for external threat detection.

Advance: Attacks On SaaS

Many of the biggest players in the Software as a Service (SaaS) market are now taking cybersecurity very seriously. For example, Forbes reported in 2015 that Microsoft’s annual cybersecurity spend is now in excess of $1 billion. The vast majority of cybercriminals out there look for the path of least resistance, meaning they will increasingly turn their attention away from security-conscious organizations like Microsoft and target smaller, fast-growing SaaS app vendors and startups. With smaller budgets and fewer resources, these companies are less able to make the massive investments in security that larger cloud apps can make. As a result, it’s only a matter of time before we see one or more of these companies suffering a significant breach.

Countermove: Security Parity

One of the biggest issues is the fact that SaaS apps don’t all offer the same security controls for corporate data. While some offer security capabilities natively (such as access controls, malware/threat detection and identity management), the capabilities are not consistent, even across popular apps. As a result, security personnel have a very difficult time ensuring data moving between various cloud apps remains secure and compliant. In addition, many newer/smaller cloud apps have no security capabilities at all. The most efficient counter-move is to shift from attempting to secure each and every cloud application to securing all cloud data, because applications are largely out of a user’s control. Giving security parity to data means a more consistent level of protection.

Advance: Intelligent Malware

The Necurs botnet is one example of a sophisticated weapon in the cyber arsenal. What marks Necurs out from other tools is its ability to constantly change to stay one step ahead of experts. In 2017, Necurs was linked to spam distribution, spreading Trojans, DDoS attacks and even pump-and-dump stock scams. Perhaps most disturbingly, Necurs-controlled malware has started to gather victim’s data, which is then transmitted back to adversaries. By gathering intelligence, the botnet has “learned” and there will be new, more sophisticated attacks in the future. In 2018, we’ll see a big increase in machine learning-driven “smart” malware.

Countermove: Machine Learning

In order to counter smart malware, protection must also learn and adapt. Creating solutions capable of this has been a big challenge for the industry. Fortunately, advances in the field of machine learning are providing answers by giving computers the ability to learn without being specifically programmed. This means they are able to adapt in response to a situation. This means new smart detection solutions can actively learn and understand the behaviors of malware, not simply identify a malware signature or file type that has been associated with malware in the past.

The cybersecurity battle will inevitably continue to rage long into the future. For security professionals, the key lies in the ability to quickly identify and adapt to new threats, nullifying their potency as fast as possible. The three offensive moves above are just the tip of the iceberg, but countermoves can be put in place to mitigate the threat posed, both now and in the future.

The post Where Will The #Cybersecurity #Battle Lines Be #Drawn In #2018? appeared first on National Cyber Security .

View full post on National Cyber Security

PyCon AU 2018

General Cybersecurity Conference

 August 24 – 26, 2018 | Sydney, Australia

Cybersecurity Conference Description

PyCon Australia (“PyCon AU”) is the national conference for the Python Programming Community, bringing together professional, student and enthusiast developers with a love for developing with Python.

PyCon Australia informs the country’s Python developers with presentations, tutorials and panel sessions by experts and core developers of Python, as well as the libraries and frameworks that they rely on.

advertisement:

The post PyCon AU 2018 appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Cybercon Asia 2018

General Cybersecurity Conference

 August 25 – 26, 2018 | Cebu, Philippines

Cybersecurity Conference Description

Poor cyber security has affected all levels of society, may it be in the national, local, or personal level. In the digital world, nation states, terrorist groups, tasteless organizations and rouge individuals can launch cyber-attacks from anywhere, anytime, disrupting and damaging our democracy and way of life.

To confront this problem, awareness must be raised. At “Cybercon Asia”, our mission is to produce a multi-stakeholder consortium that brings together various industries. Including, but not limited to the government, the academe, and the corporate sphere all with the objective to raise interest and awareness about the state of cyber security on both domestic and international level.

advertisement:

The post Cybercon Asia 2018 appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

SANS San Francisco Summer 2018

General Cybersecurity Conference

 August 26 – 31, 2018 | San Francisco, California, United States

Cybersecurity Conference Description

At SANS San Francisco Summer 2018 (August 26-31), strengthen your cyber security skillset with cutting-edge training taught by SANS unrivaled faculty. All SANS instructors are active security practitioners and expert teachers. Their passion for the topics they teach shines through, making the SANS classroom dynamic and effective. Each instructor brings a wealth of real-world experience to every classroom. Don’t miss this opportunity to learn from the best cyber security instructors in the industry! Choose from 10 innovative cyber security courses.

advertisement:

The post SANS San Francisco Summer 2018 appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

SANS San Antonio 2018

General Cybersecurity Conference

 August 6 – 11, 2018 | San Antonio, Texas, United States

Cybersecurity Conference Description

As a professional on the front lines of cyber security, it is essential to constantly update your arsenal and stay ahead of the cyber adversaries who seek to harm your organization’s assets. At SANS San Antonio 2018 (Aug. 6-11), learn from industry leaders teaching crucial techniques in cyber defense, pen testing, forensics and ICS security. Register for training from the industry’s top cyber security practitioners, and learn to more effectively combat the growing wave of data breaches and cyber-attacks. Choose from seven top-notch cyber security courses.

advertisement:

The post SANS San Antonio 2018 appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

SANS Charlotte 2018

General Cybersecurity Conference

 July 9 – 14, 2018 | Charlotte, North Carolina, United States

Cybersecurity Conference Description

Get relevant, practical cyber security training at SANS Charlotte 2018 (July 9-14). This event features the information needed to build crucial skills in protecting your organization from the latest cyber-attacks. Now is the time to enhance your skills and further your career. Don’t miss this opportunity to learn from the best instructors in the industry, and gain knowledge you can put to work immediately. Choose from five top-notch information security courses.

advertisement:

The post SANS Charlotte 2018 appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Africa Cyber Defense Summit 2018

General Cybersecurity Conference

 July 9 – 10, 2018 | Nairobi, Kenya

Cybersecurity Conference Description 

The World Economic Outlook 2017 has recognized that Africa currently hosts some of the fastest growing economies in the world and that the entire continent is set for a huge economic transformation. Information and communication technology and cyberspace are key enablers of African national visions including Kenya’s Vision 2030 which aims to use science, technology and innovation to transform Kenya into an industrialized and secure middle-income country.

Given the role of ICTs in Africa’s rapid economic growth, cybersecurity breaches and attacks have the potential to slow down development. It is urgent and important to drive vigorous African cybersecurity dialogue and action to enable the continent to secure our critical infrastructure and protect our sensitive data.

It is with this in mind that the Ministry of ICT, Kenya, the International Telecommunications Union and the African Union have partnered with Naseba and the Africa Cyberspace Network to hold the Africa Cyber Defence Summit scheduled for 09-10 July, 2018 at KICC, Nairobi, where over 300 delegates from across Africa and partners from across the globe will sit together address cybersecurity issues, enhance our continental cybersecurity strategies and promote cybersecurity-oriented businesses.

advertisement:

The post Africa Cyber Defense Summit 2018 appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

SANS Minneapolis 2018

General Cybersecurity Conference

 June 25 – 30, 2018 | Minneapolis, Minnesota, United States

Cybersecurity Conference Description 

SANS is the most trusted source for cyber security training in the world. Find out why at SANS Minneapolis 2018 (June 25-30). All SANS instructors are real-world practitioners, and their experience adds unparalleled value to your training. SANS training will prepare you to meet today’s threats and tomorrow’s challenges. Choose from eight cutting-edge information security courses.

advertisement:

The post SANS Minneapolis 2018 appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

ToorCamp 2018

General Cybersecurity Conference

 June 20 – 24, 2018 | San Juan, Washington, United States

Cybersecurity Conference Description

ToorCamp, the American hacker camp, first “launched” at the Titan-1 Missile Silo in Washington State in 2009. The second and third ToorCamp happened in 2012 and 2014 on the beautiful Washington Coast. Show off your crazy projects you’ve been working on, bring some ideas you want to hack on with the other technology experts that will be showing up, organize a campsite with all of your friends and show how awesome your group is, or just see what all the other groups are up to. It’s up to you!

advertisement:

The post ToorCamp 2018 appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures