Against

now browsing by tag

 
 

Companies #Look To #Cyber Insurance For #Protection Against #Hackers

more information on sonyhack from leading cyber security expertsSource: National Cyber Security – Produced By Gregory Evans You have health insurance, car insurance, homeowner’s insurance, how about cyber insurance?   More and more local businesses are buying protection for themselves from huge financial losses in a cyber-attack.   Cyber protection is a fairly new offering in the insurance industry.  But one Sioux Falls development company […] View full post on AmIHackerProof.com | Can You Be Hacked?

Hackers #hired for #year-long #DDoS attack #against #man’s former #employer

more information on sonyhack from leading cyber security expertsSource: National Cyber Security – Produced By Gregory Evans US federal prosecutors in Minnesota have charged a 46-year-old man with hiring a cyberhitman – well, technically, three hacking services – to launch a year-long campaign of distributed denial of service (DDoS) attacks on his former employer. Prosecutors say that John Kelsey Gammell, 46, contacted seven […] View full post on AmIHackerProof.com | Can You Be Hacked?

‘The #weakest part of #security is us’ – #Ethical hacker on the #fight against #cyber attacks

Source: National Cyber Security – Produced By Gregory Evans

‘The #weakest part of #security is us’ – #Ethical hacker on the #fight against #cyber attacks

‘The weakest part of security is us’

This was the message from ethical hacker Mike G.

Speaking at the Irish Independent annual Dublin Information Sec cyber-security event taking place in Dublin today, Mike G, who helps organisations in their fight against cyber security and hacking, said that humans are very easily hacked.

Citing the hacking of US actress Jennifer Lawrence’s Apple iCloud, Mike G said that the hacking was done through the actresses’ password for iCloud being her dog’s name, and the fact that Ms Lawrence had posted a picture of her dog on Instagram – the hacker went from there and leaked photos apparently showing her in the nude on the internet.

In addition, bad systems design and/or insecure security policies can leave people and organisations vulnerable to hacking.

Mike G, who describes himself as a pilot, engineer, and ethical hacker,  described the various was in which hackers can gain information about a person or a company, including through social media, certain types of jobs – “sales people often give out everything” – and even job listings.

In a sobering talk, he listed spoofing texts, calls and emails among the ways in which people and companies can get hacked.

In addition he said that anything can get hacked including pins, biometrics, TVs, and even our fitbits.

However when a person’s phone can be taken over, it’s “huge” he said.

In what was a stark message to businesses, Mike G asked those present at the event whether their company would be able to recover if the competition had all of their data?

However, the news from the ethical hacker was not all bad.

Mike G and his team do a lot of forensic planning, providing, among other services, cyber security awareness training, and impact penetrating testing to show companies their weak spots and how these can be overcome.

The post ‘The #weakest part of #security is us’ – #Ethical hacker on the #fight against #cyber attacks appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

A Student’s #Guide on How to Help #Protect Against #Identity Theft

Source: National Cyber Security – Produced By Gregory Evans

A Student’s #Guide on How to Help #Protect Against #Identity Theft

Your college career is supposed to be about finding yourself and forging your identity—not having it stolen. But, in the United States, over 15 million consumers experienced identity fraud in 2016.

There’s a new victim of identity fraud every two seconds, according to the 2017 Fraud Study from Javelin Strategy & Research. Many of those victims could be college students.

The risk you face? A thief who steals your identity can commit crimes in your name or prevent you from getting that coveted job after graduation.

It’s smart to take steps to learn how to help protect yourself against identity theft. This guide can help. Think of it as “How to Help Protect Against Identity Theft 101.”

An identity-theft definition
What is identity theft? Identity theft occurs when someone steals your personal information — such as your name, address, Social Security number, date of birth, and more — and commits fraud in your name.

Criminals may use your personal data to take over your bank account or open new credit cards and run up debt, all while pretending to be you. They might file fake tax returns, buy or rent property, or commit a host of other crimes using your information.

As a college student, you have plenty to do without having to worry about identity theft. But, like a looming final exam, identity theft isn’t going away. Learning how to help protect yourself—and your financial future—is fast becoming a required course.

What’s in ‘A Student’s Guide’
Here’s what you’ll find in this guide:

Facts about identity theft
How students can help protect their identity
How identity theft happens—from low-tech to high-tech techniques
We’ve also included two additional sections:

A Teacher’s Guide on How to Help Protect Against Identity Theft
A Campus Police Officer’s Guide on How to Help Protect Against Identity Theft
Facts about identity theft
Here are two things you should know about identity theft: It’s big and it can affect your future.

How big? Consider these statistics:

In 2016, over 100 million hours were spent by identity fraud victims trying to resolve their issue, according to a 2017 Fraud Study from Javelin Strategy & Research.
22 percent of students found out they had been a victim of identity fraud after being denied credit or contacted by a debt collector, according to a 2015 Identity Fraud Study, released by Javelin Strategy & Research. Also, the study found students were three times more likely to be victims of identity-theft fraud than the general population.
Identity theft and your future
As for your future, you came to college to prepare for it. But if you become a victim of identity theft, you could spend hours, days, or more dealing with the mess. You also may face obstacles to starting a career and becoming financially independent.

That’s because when an identity thief commits fraud in your name, it can become part of your record. Your financial history—including an identity thief’s bogus dealings—will likely appear in your credit file. Credit bureaus store that data, and a credit file showing financial misdeeds can lead to a low credit score. A low credit score can make it hard to qualify for a variety of financial products and certain life necessities.

Lenders and other businesses typically check your credit report before deciding whether to lend you money or make other big decisions involving your future. Here are a few ways a damaged credit file can hurt you.

You may have a hard time getting approved for a credit card or loan.
You may not get a job offer from a potential employer.
You could have trouble renting an apartment.
You may be unable to get a cell phone account.
No one can prevent all identity theft. But you can take steps to help minimize the risk, and those start will helping to protect your personal information.

How students can help protect their identity
As a college student, you probably have personal information in a lot of places — in your computer, cell phone, academic file, wallet, even on the top of your desk. The goal is to protect this information.

Here’s how to help protect against identity theft from happening:

Guard your numbers. You have a lot of them — credit and debit card numbers, driver’s license number, PINs. Your Social Security number is your most valuable identifier and one of the most prized by identity thieves. Share these numbers only when absolutely necessary, and only when there’s a legitimate reason to provide them. It’s a good idea to memorize your important numbers and never leave them in plain view of someone else.

Avoid public Wi-Fi. Public Wi-Fi networks are not secure. That means that when you go to a café to do work on your computer, someone can intercept what you’re looking at on the web. That might include your email, browsing history and passwords. Your defense? It’s always smart to use a virtual private network. A VPN creates an encrypted connection between your computer and the VPN server. As a result, a nearby hacker can’t intercept your information. If you’re tempted to perform a financial transaction—like, buying something on the web—a VPN is essential.

Beware of shoulder surfing. Always be aware of your surroundings. Take time to make sure someone isn’t glancing over your shoulder while you enter your PIN number at an ATM or key in personal information into your cell phone. Think twice about providing a credit card number over the phone if someone is within listening distance.

Don’t overshare. Identity thieves often seek to bundle your personal information. What you post on social networks can be a rich source of information. Identity thieves can glean details from your life that could help answer security questions on websites—like, “Where were your born?” or “What’s your favorite food?”

Keep personal information in a safe place. It’s easy to leave a credit card or driver’s license lying on your desk. But colleges are social places. It’s hard to predict who might pass through your living space and potentially steal the information on those cards. It could be a friend, or a friend of a friend, or an out-of-town guest of your roommate.

Shred documents that contain personal information. A paper shredder may not have the same college appeal as, say, a refrigerator in your room. But it’s essential for shredding papers that include your personal information. For instance, you probably receive credit card offers in the mail. Don’t just toss them in the trash, where someone could retrieve them. Shred them right away.

Protect your computer from malware. Malware—short for malicious software—includes computer viruses and spyware. It can get installed on your computer or mobile device and you might not realize it. Identity thieves use malware to steal personal information and commit fraud. What to do? Install security software from a reputable company. It’s also essential to keep all your software programs up to date. Another precaution: Back up your information in case a hacker corrupts your computer.

Get savvy about online scams. Identity thieves may try to trick you into clicking on links that install malware on your computer. Or they might set up fake websites offering amazing “deals” to lure you into providing your credit card information. Stick with reputable websites. Never click on a link or an attachment from someone you don’t know.

Keep track of your credit history. The federal Fair Credit Reporting Act allows you to get a free credit report from each of the three major credit bureaus annually. This is where you can look to see if anyone has opened an account in your name. If you see something suspicious, you can take appropriate actions. You can get your free reports at annualcreditreport.com.

Use strong passwords on all your devices. A strong password includes letters, numbers and symbols. It’s a good idea to have separate passwords for all your devices, including computer, tablet, and cellphone. Never share your password with someone else. And remember to change it periodically. Or consider using a reputable password manager. A passport manager is a software application with strong security features that manages and stores your passwords.

Mind your bank cards. Notify your bank or credit card company if you misplace your credit or ATM card. They’ll likely cancel your card and send you a replacement with a new number. Usually they will review recent transactions with you to identify any suspicious activity. As a general rule, check your bank and credit card statements regularly to make sure all activity is legitimate.

A Teacher’s Guide to How to Help Protect Against Identity Theft
As a teacher, you could have the opportunity to help protect students from identity theft.

It’s a good idea to familiarize yourself with the information in A Student’s Guide on How to Help Protect Against Identity Theft. It will help you understand how identity theft happens in college. And you can help guide students in how to minimize the risk.

A Teacher’s Guide includes a list of resources that you can share with your students to help them keep their identities safe.

Here’s a checklist of ways you can help.

Encourage students to practice smart online habits. Let students know, for instance, that not all networks on campus may be secure. If your course requires purchasing materials online, remind students to use a secure network or virtual private network (VPN). Discuss the risk of sharing personal information when students work collaboratively on projects.
Help keep your students’ numbers safe. It’s a good idea never to use a student’s Social Security number as official identifier in coursework or assignments. A student’s Social Security number is a key piece of information for identity thieves.
If appropriate, let students know there are key ways to help protect their identity. These range from checking their credit reports for suspicious accounts to never using a library or public computer to provide personal information.
Find out if your college offers any presentations or workshops on identity-theft protection. Keep a list of available resources handy.
Remind students to lock their computers and protect them with strong passwords. In general, students should never leave their computer where someone can snoop for personal information or steal it.
Point students to resources that can help provide additional information related to identity theft. Here are a few good ones:
U.S. Department of Education: Offers identity-theft prevention tips and materials.
U.S. Federal Trade Commission: Includes prevention and recovery tips. Also offers free publications in bulk.
Identity Theft Resource Center: Includes tips for students and parents.
Finally, it’s important to remind students that protecting their identities is important to their college career and future. Your identity is one of your most important assets.
A Campus Police Officer’s Guide on How to Help Protect Against Identity Theft
As a college law enforcement official, you know that your job is to keep the campus safe and secure. Helping students protect themselves against identity theft may be a crucial part of that.

Here’s a check list of things you might do:

Be familiar with A Student’s Guide to Help Protect Against Identity Theft. It will help you understand how identity theft happens in college, and how you can help students minimize the risk.
Encourage safe practices: Consider reminding students that campus theft often involves the loss of personal information—whether it involves a wallet, computer or personal documents.
Consider a policy for protecting lost devices, such as computers and cellphones that have been turned in to the campus police department. Establish a protocol for making sure the devices get back to their rightful owners.
Become an active partner in protecting against identity theft. Develop and distribute materials about what students can do avoid identity theft.
Encourage students to lock their dorm rooms or apartments when they’re away.
Point student to resources that can help provide additional information related to identity theft. Here are three good ones:
U.S. Department of Education: Offers identity-theft prevention tips and materials.
U.S. Federal Trade Commission: Includes prevention and recovery tips and facts about identity theft. Also offers free publications in bulk.
Identity Theft Resource Center: Includes tips for students and parents.

The post A Student’s #Guide on How to Help #Protect Against #Identity Theft appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

New #bill could let #companies #retaliate against #hackers

Source: National Cyber Security – Produced By Gregory Evans

New #bill could let #companies #retaliate against #hackers

– A new proposed bill could make it legal for companies to retaliate against hackers.

Dubbed the “hack back” bill, it was introduced last week to allow businesses to hack the hackers who’ve infiltrated their computer networks.

Called the Active Cyber Defense Certainty (ACDC) Act, it amends the Computer Fraud and Abuse Act anti-hacking law so a company can take active defensive measures to access an attacker’s computer or network to identify the hackers, as well as find and destroy stolen information. It was introduced by two U.S. Representatives, Tom Graves, a Georgia Republican, and Kyrsten Sinema, an Arizona Democrat.

“I’ve heard folks say this is like the Wild West what we might be proposing, but in fact it’s not,” Graves told CNN Tech’s Samuel Burke in an interview. “We are already dealing with the Wild West and there’s a lot of outlaws out there but we don’t have a sheriff, we don’t have a deputy and all we were asking for is a neighborhood watch.”

But security experts warn the legislation could have serious consequences if passed.

According to digital forensics expert Lesley Carhart, the fundamental problem with the idea is that a majority of organizations who would want to hack back aren’t qualified to do so responsibly. It often takes a long time to correctly identify who was responsible for a hack.

“In cybercrime and in nation state attacks, there are often lots of attempts to mislead and confuse researchers analyzing the attack timeline or malware,” Carhart said. “A savvy bad guy could fairly easily emulate an innocent third party, and draw down the wrath of unskilled analysts on them.”

One way researchers place blame on a person or group for a hack is by looking at the evidence left in code. For example, researchers found similarities between the WannaCry code and malware created by Lazarus group, a hacking operation that has been linked to North Korea, earlier this year. Intelligence agencies later connected the country to the massive ransomware attack.

But it’s not uncommon for hackers to spoof that evidence and try and trick analysts into thinking it came from somewhere else, such as putting code from known hacking groups, or innocent third-parties, into their malware.

The bill says active defense measures could only be taken inside the U.S., which means it would have limited benefit. A majority of attacks are based outside the country or route their attacks through servers overseas so it looks like they’re coming from overseas, said Amanda Berlin, author of the Defensive Security Handbook.

Companies would also be required to alert the National Cyber Investigative Joint Task Force, an organization led by the FBI, before trying to hack their hackers. The agency could also review active defensive measures before they’re taken.

The FBI and other law enforcement agencies are already involved in investigating and prosecuting cybercrime. They work closely with major security firms and companies impacted by breaches. However, a relatively low number of businesses in the private sector report ransomware, a common and lucrative cyberattack.

Carhart says poking around in a hacker’s network could impede law enforcement investigations and court proceedings by potentially contaminating evidence.

The FBI defense review also introduces some thorny foreign retaliation issues. Kristen Eichensehr, assistant professor at UCLA School of Law, explained in Just Security, a national security publication.

“The FBI’s participation in the review process may trigger the U.S. government’s international legal responsibility for actions of private actors,” she wrote.

However, some firms already engage in hacking back, despite the illegality. Graves said the bill could put some parameters on that behavior.

“Word on the street is many companies are already doing some of these things,” Graves told Burke in an interview. “They know, you know, and I know that they are doing is illegal. What we would be doing is bringing clarity to what some might already be doing and what tools might be successful.”

He also said he hopes additional tools will be developed by the security community that can protect people from hackers.

Some experts believe resources may be better spent elsewhere than through retaliation. According to Berlin, companies should invest in their existing infrastructure to prevent hacks in the first place.

“So many corporations get the basics wrong, or skip steps to spend money on some fancy blinky box that’s supposed to protect them from everything,” Berlin said.

This year’s most serious hack was not sophisticated. Equifax failed to patch a software hole despite a fix existing for months before hackers compromised data on 145.5 million people.

To keep systems secure, Berlin advised companies to remove non-essential machines from direct internet access, and patch early and often to prevent hackers from exploiting known holes. If something can’t be updated or fixed, it should be separated from other networks.

Experts warn that hacking back could also hurt innocent third-parties.

Consider Mirai, a massive botnet that turned connected home devices into an army of zombie computers controlled by one attacker. If a company was attacked by a botnet like Mirai and tried to hack back, they could be hitting an innocent family’s network connected to a security camera, instead of the real person behind the attack.

“I’m afraid it will take us back to ancient Babylon and Hammurabi code which called for an eye for an eye and a tooth for a tooth,” said Bassel Ojjeh, cofounder and CEO of security firm LigaData. “And everyone at this rate will go blind.”

The post New #bill could let #companies #retaliate against #hackers appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

10 Approaches You Can Take To Shield Yourself Against Ransomware Attacks

Source: National Cyber Security – Produced By Gregory Evans

The WannaCry attack earlier this year is one of the more notable ransomware attacks in recent memory. The attack, which hit everything from home users to the United Kingdom’s National Health Service, locked key data inside an encryption and then demanded bitcoins in exchange for the key to the data….

The post 10 Approaches You Can Take To Shield Yourself Against Ransomware Attacks appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Safeguarding SMB Customer against Sophisticated Cyberattacks

Source: National Cyber Security – Produced By Gregory Evans

Cybercrime or cyberattacks has become a major concern for the economies across borders, ranging from states, corporates giants, small and medium industries, and even individuals at home. The driving force behind frequent and sophisticated cyberattacks at all levels of organizations, pertains to the idea–what cyber criminals gain? The primary focus…

The post Safeguarding SMB Customer against Sophisticated Cyberattacks appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Cybercrime proliferates against banks, other businesses

Keep employees off the Internet and have workers avoid clicking on any attachment or link in an email. Those are the only sure ways to avoid cyberattacks, according to three experts who spoke today at the North Bay Business Journal’s conference on cybersecurity in Rohnert Park. Maybe it sounds severe… View full post on National Cyber Security Ventures

Hydro Ottawa integrates cybersecurity into practices to guard against emerging threats

more information on sonyhack from leading cyber security expertsSource: National Cyber Security – Produced By Gregory Evans Preventing outages and restoring power usually invokes images of work crews clearing fallen trees and connecting wires atop utility poles. But behind the scenes, Hydro Ottawa has a highly skilled cybersecurity team protecting the city’s electricity grid. “It used to be that physical security was the […] View full post on AmIHackerProof.com | Can You Be Hacked?

W.H. cybersecurity coordinator warns against using Kaspersky Lab software

Source: National Cyber Security – Produced By Gregory Evans

Rob Joyce, the Trump administration’s cybersecurity coordinator, said Tuesday the U.S. is lacking 300,000 cybersecurity experts needed to defend the country. He also had a warning for the public about using software from Kaspersky Lab. U.S. officials believe the company has ties to the Kremlin — and the federal government…

The post W.H. cybersecurity coordinator warns against using Kaspersky Lab software appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures