now browsing by tag
#comptia | #ransomware | Spike in Texas cyberattacks against municipalities has City of SA in constant defense mode
SAN ANTONIO – Six months ago, cybercriminals attacked local government agencies in 23 Texas cities. The statewide attack brought the Lone Star State to the front and center of the discussion about cybercrime.
“Municipalities are always a target because we have very complex systems, broad responsibilities. Here in San Antonio, we have more than 40 departments and city services, almost 13,000 employees,” said City of San Antonio IT Director and Chief Information Officer Craig Hopkins.
Ransomware attacks in 23 Texas cities have officials taking preventive measures
Hopkins said he consistently prioritizes cybersecurity for those reasons and instead of training employees once a year, he sends out information once a month.
“Up to 95% of the incidents we have are usually driven by human error,” he said.
Hopkins teaches city employees about the main types of cyberattacks. He said “phishing” is the most common.
“Phishing basically says, ‘I want you to click on a link, and I want you to give up some information that you may not normally give. I can take over one account, and then I can impersonate you inside of your organization and move horizontally,’” Hopkins said.
He then explained a concept called “whaling.”
“Think of that as a big fish. People of a certain title, city manager, the chief financial officer — targeting them because if you can impersonate them, you can create influence over other people, so financial scams tend to come out,” Hopkins said.
Hopkins also warned about physical security, which can include people looking over your shoulder at confidential information, people calling your phone pretending to be someone else or people piggybacking into facilities where employees use an access card.
He said he could not go into specific technicalities of the city’s protective system, but he said all businesses should be taking preventive measures, especially agencies or companies with outdated systems.
Copyright 2020 by KSAT – All rights reserved.
View full post on National Cyber Security
UAE residents have been warned to be on their guard following a recent spike in cyber scams and the resurgence of a virus designed to steal victims’ private financial information.
The country’s Telecommunications Regulatory Authority said it had seen a new outbreak of the ‘Emotet’ virus, which if downloaded can allow personal details to be stolen remotely, worldwide. It also warned against fraud carried out through Snapchat links.
Meanwhile, another scam involving messages sent by WhatsApp or text message, in which criminals pose as bank representatives and claim a user’s ATM card had been blocked, has become increasingly “widespread” recently, authorities said.
Malicious cyberattacks were increasing with the perpetrators’ motives ranging from stealing money and property to “destroying large organisations and creating chaos in many countries of the world,” according to Hamad Obaid Al Mansouri, the TRA Director General.
“The UAE prioritised the happiness of its nation as a main objective of its future plans and visions, and this happiness can only be achieved by safeguarding the peoples’ property and preserving security,” he said. “We must make every effort to protect our good nation from shady intruders.”
Mr Al Mansouri vowed that the National Computer Emergency Response Team (aeCERT), set up in 2008, would continue to fight cybercrime on residents’ behalf.
The body, which is part of the TRA, “works around the clock to spread awareness among different groups of society on how to deal with viruses and hacking attempts,” he said.
It also makes recommendations around updating legislation and spread expertise in cyber security among businesses.
Authorities said people should be particularly vigilant around clicking on links designed to appear harmless but which could lead to malware being installed on computers. ‘Filters’ sent through Snapchat could also include viruses, the TRA said.
People have also been urged to ensure they have the latest software and security patches installed on their mobile phones by ensuring iOS and Android operating systems are up to date.
The Emotet virus, which the TRA is particularly concerned about, first emerged in 2014. Later versions of the malware was able to access contacts on an infected computer and send itself to them by hijacking email accounts. It can be missed by some antivirus software.
Emails containing the virus may try to persuade users to click the malicious files by disguising correspondence as coming from a reputable company and using language about “your invoice,” “payment details,” or possibly an upcoming shipment from well-known parcel companies.
Updated: December 26, 2019 04:55 PM
View full post on National Cyber Security
Source: National Cyber Security – Produced By Gregory Evans Trustwave researchers outline free card skimmer detection techniques Online shoppers and merchants can detect whether websites are infected by Magecart with easy to use techniques provided from researchers at Trustwave. In a blog post published yesterday (December 19), security researcher Michael Yuen outlined how to determine […] View full post on AmIHackerProof.com
#cybersecurity | #hackerspace | Protection against Magecart with new Instart Web Skimming Protection for Salesforce Commerce Cloud
Source: National Cyber Security – Produced By Gregory Evans Salesforce Commerce Cloud, also known as Demandware, is used by some of the worlds largest brands for marketing, customer interaction, and to process online shopping transactions. Given the importance of the platform, and the sensitivity of the data it handles, it is a popular target for […] View full post on AmIHackerProof.com
#cyberfraud | #cybercriminals | Cottage Grove Sentinel | Building a Digital Defense Against Medicare Scams
More and more companies are offering services to test your DNA, allowing you to explore your genetic heritage. Eastern European? Chilean? Something super exotic that you never even considered as part of your ancestry? These tests can be spendy, though, so when someone offers you a special deal to do the testing for free, it sounds like a good deal. Scammers know this and have concocted a new scheme to steal your personal information.
Our friends at the Federal Trade Commission (FTC) are receiving reports that callers, claiming to be from Medicare, are asking for personal information, such as Social Security or Medicare numbers, in exchange for a “free” DNA testing kit. The fraudster may make a convincing argument by claiming that the test is a “free way” to get an early diagnosis for diseases like cancer. However, the truth of the matter is that Medicare does not market DNA testing kits to the general public.
Here are some tips on what you can do to avoid being a victim:
If an alleged “government agency” demands personal information or payment, you can be sure it is a scam.
Don’t rely on caller ID. Scammers can make it appear as if they were calling from a government-affiliated number.
Never give anyone who randomly calls you information such as your bank account, credit card, Medicare or Social Security number. Scammers can use this information to either steal your identity and your money.
You can report Medicare imposters at 1-800-MEDICARE and ftc.gov/complaint.
As always, if you have been the victim of this online scam or any other cyber fraud, can also report it to the FBI’s Internet Crime Complaint Center at www.ic3.gov or call your local FBI office.
View full post on National Cyber Security
#nationalcybersecuritymonth | Do You Know How To Protect Yourself Against Phishing Emails? – University Times
Source: National Cyber Security – Produced By Gregory Evans Close Illustration by Lauren Dahncke Illustration by Lauren Dahncke Illustration by Lauren Dahncke National Cybersecurity Awareness month recently came to an end, but phishing emails never seem to. According to Cal State LA’s Information Technology Security, phishing emails are sent to the recipient with the purpose […] View full post on AmIHackerProof.com
Source: National Cyber Security – Produced By Gregory Evans Article by Wontok product head Bruce Carney Never a day goes by without headlines of yet another cyber-attack, data breach or identity theft – even boardrooms have finally become familiar with terms like “ransomware” – an alien concept in the past that belonged to the “geeks […] View full post on AmIHackerProof.com
#cyberfraud | #cybercriminals | Cybersecurity: Hostile nations responsible for ‘significant’ number of attacks against UK organisations
The National Cyber Security Centre (NCSC) has helped UK organisations fight over 600 cyber attacks over the course of the last year, with hostile nation-states blamed for a ‘significant’ number of the attempts at hacking UK-based targets.
The NCSC Annual Review 2019 sheds a light on some of the work the cyber arm of GCHQ has done over the last year to help protect the UK from malicious cyber activity and reveals that it handled 658 incidents in the last 12 months, providing support to almost 900 victims of cyber attacks.
Some of the cyber attacks which have targeted the UK in the past year include a phishing scam posing as an airport refund email which attempted to defraud over 200,000 people, nation-state backed hackers attempting to steal intellectual property from universities, a ransomware attack against the police.
It takes the total number of cyber incidents the NCSC has dealt with since it opened its doors in 2016 to almost 1,800 as cyber criminals and other malicious threat groups continue to target the UK.
For the first time, the NCSC has detailed the sectors which has been most commonly called on to support in reaction to incidents. Government is the top target for cyber attacks, followed by academia and tech companies. Managed service providers are the fourth most common organisations which the NCSC has helped with cyber incidents, followed by transport and health in joint fifth place.
“From handling more than 600 incidents – many from hostile nation states – to equipping the public with the tools they need to stay safe online, we are employing our expertise on a number of fronts,” said Ciaran Martin, chief executive of the NCSC.
SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)
The report lists Russia, China, Iran and North Korea as hostile states actively targeting the UK with cyber attacks, following the NCSC strategy of calling out countries conducting attacks.
The NCSC is also trying to keep individual users safe from cyber attacks and has revealed one way it has been doing so is with something called the Haulster operation which automates defence of credit cards by flagging fraudulent intention against them.
Haulster takes stolen credit card data collected by the NCSC and its partners and returns information about them to banks – often before being used for crime, allowing financial institutions to protect users from their money being stolen. So far, this operation has flagged fraudulent information against a million stolen credit cards and the NCSC aims to increase the scope of the operation.
The NCSC also continued with its policy of Active Cyber Defence (ACD), a strategy designed to ensure there are fewer cyber attacks in the world, causing less harm to users in the UK and beyond in the process.
A major element of this is a takedown service which stops phishing and other malicious websites from operating as soon as possible by contacting the web host and getting the sites removed from the internet.
According to the annual report, 98% of phishing URLs – 177,335 of them – discovered by the takedown service were successfully forced to stop operating. In 62% of cases, this happened within 24 hours of the website being deemed to be malicious.
The fight against these malicious domains means the UK only accounts for 2% of the websites hosting phishing scams around the world – down from 3% last year and 5% when the NCSC started operating.
However, despite a number of successes from the NCSC, the organisation isn’t under any illusion that the fight against cyber attacks and hacking is anywhere near over – and that everyone has a part to play in battle.
“Looking ahead, there is also the risk that advanced cyber attack techniques could find their way into the hands of new actors, through proliferation of such tools on the open market,” said Martin.
“Cyber security has moved away from the exclusive prevail of security and intelligence agencies towards one that needs the involvement of all of government, and indeed all of society,” he added.
READ MORE ON CYBER SECURITY
View full post on National Cyber Security
An estimated 97% of cyber-attacks originate from or involve email.
This estimate cited by The Wall Street Journal may be a little bit high, according to IT consultant J. Peter Bruzzese, who believes it is between 90% and 95%. But it nevertheless means emails are the biggest threat and employees are typically the weakest point at which an organisation can be attacked.
Speaking at the Armour Expo on Friday, 4 Oct., Bruzzese said gone are the days when hackers would drop infected USB sticks in the parking lot of their target organisation.
Those who picked up the devices and used them would ultimately infect their computers and potentially a whole network. The method was so successful that IT teams started to super glue the USB drives on computers to render them unusable.
“We actually have software for that,” the IT consultant said. “But some people are really extreme. Why? Because that’s where the threat was coming from.”
Nowadays these types of attack have been replaced by sophisticated email scams.
These can take the form of ransomware and other malware attacks, URL links that lead to malicious websites and even impersonation attacks that make heavy use of “social engineering”, the hacker term for manipulating the victim through verbal or written interaction.
Far from the Nigerian email scams, which involved preposterous stories written in bad English, these attacks appeal right to the heart of the victim, said Bruzzese. They are emails using sophisticated language, often imitating a person known to the target, and containing plausible messages or requests.
The IT consultant presented an email that he, although highly sensitised to the threat, fell prey to himself. It was purportedly sent from the CEO of a client company, who informed Bruzzese that the company had changed direction and to continue the collaboration his compensation structure would have to be adjusted. More information was supposedly contained in an attached Excel file.
Of course, Bruzzese said, he should have noticed that he had never communicated with the CEO about compensation in the past or that an Excel spreadsheet was not really needed in this context.
“I wasn’t thinking. That is what your end-user is like most of the time,” he told local IT professionals at the event hosted by IT and cyber-security firm eShore.
The first thing he therefore recommends is end-user training.
“You have to prevent the end-user from making that click or opening that attachment. If you can stop that just a proportion of the time, you will save the company the frustration of a ransomware attack, the frustration of some form of impersonation attack or URL-based attack where they get password credentials.”
But in some cases, even the best training will not be sufficient. When homoglyphs, different character sets that look like letters, are used to replicate an email domain name, Brazzese said what looks like “apple.com” to the naked eye will actually be “xm00-ak68.com”, adding, “That’s how sneaky these folks are.”
The solution therefore must involve technology on top of user security awareness because most people will not pick up on these attempts. “You have to have the technology in place. An end-user is never going to see a URL that is based on homoglyphs.”
Moving email systems into the cloud will take care of some, but not all, security issues. Most people think that if they use Office365 they will never have a problem with a ransomware attack because their email is in the cloud and on Microsoft servers, Brazzese noted. “That makes sense, except there is a new form of attack called a ‘ransomcloud’ attack.”
In this attack, the end-user is prompted with a fake Microsoft message to opt into certain settings to enhance their security. Once these settings are accepted, the attackers can take control of the Microsoft mailbox online and they can encrypt it.
“They only way you can get your mailbox back is to pay the ransom unless you have a back-up, which in Office365 most people don’t,” the IT consultant added, because most people believe that Microsoft backs up their emails in such a way that they can be easily restored. But with 180 million corporate users across the globe that is impossible, he said.
The post #cyberfraud | #cybercriminals | Strengthening the human firewall against cyber attacks appeared first on National Cyber Security.
View full post on National Cyber Security