now browsing by tag
Some industries, like financial services and healthcare, have been targets of cyberattacks since day one. For years, manufacturing seemed far less interesting to hackers, and even C-suite executives at these companies weren’t particularly worried about the risk of attack. However, all that’s changed now that the Internet of Things (IoT) dominates production systems across the manufacturing industry. Although these devices have helped to usher in the era of “smart” manufacturing, they’ve also dramatically expanded the attack surface across global manufacturing systems. One study revealed an average of 5,200 attacks per month on IoT devices in 2018 alone.
Cyberthreats like NotPetya, WannaCry, Stuxnet, and EKANS are constantly evolving and targeting companies in every industry around the world. But the biggest risk to manufacturing companies is that few of these organizations are truly prepared to counter these types of threats. Here are some of the top risks manufacturers face today:
- Extended downtime: While intellectual property theft and ransomware are big threats to any company, the consequences of a major attack are often unique and can be devastating. For instance, a single attack could shut down a plant’s operations or even reconfigure machinery to produce faulty products without anyone realizing it until the human and business costs have skyrocketed. Although the true cost of downtime is hard to quantify, many factories lose an average of 5% to 20% of their productivity due to downtime.
- Longer recovery time: Consider that many manufacturers are actually smaller companies that produce parts for larger global enterprises. These smaller manufacturers often lack mature IT security practices to prevent a cyberattack, which not only makes it easier for hackers to infiltrate their systems, it may also make it much harder for these companies to restore operations impacted by a cyberattack.
- Loss of trade secrets: A manufacturing company’s systems and processes are often closely kept trade secrets. Guarding this information is not only critical for safety but also necessary to protect the company’s competitive advantage. However, the widespread use of always-on IoT devices offers bad actors countless ways to access devices and systems. Once hackers have gained access, they can potentially hack into the cameras in computers and mobile devices to surveil a physical location. They may also be able to gain access by stealing a third-party vendor’s credentials, which is why manufacturers must gain tighter control over their vendor privileged access management.
- Breach of customer confidentiality: For many hackers, customer data is a goldmine, which is why these systems are so frequently attacked. In one instance, cybercriminals breached a manufacturing company’s customer information system and installed malware that remained active for an entire year. The hackers were able to extract volumes of highly confidential customer data such as name, billing address, telephone number, payment card number, expiration date, and verification code. The malware was specifically designed to access victims’ shopping carts to access these details.
- Loss of reputation: Once a company’s data has been breached and customers have been impacted (either through production delays or loss of personal information), it’s extremely hard for a company to rebuild those relationships. The larger the deal, the larger the impact outages and delays can have on delivery dates across the supply chain. For manufacturers working with larger customers, a cyberattack that shuts down production can destroy not just the revenue from the deal, but also cause more financial damage from missing contractual agreements. While a company or customer may be entitled to compensation from a manufacturer, it’s much harder to repair the damage to a brand in a highly competitive and high-demand industry.
The good news is, there are solutions to help reduce the threat of malicious attacks through outside or third-party entities such as manufacturing partners and vendors. Stay tuned for our next blog, “Improve security in manufacturing with vendor privileged access management” to find out how!
In the meantime, to learn more about the risk of cyberattacks on manufacturing systems, download our infographic “The Top Remote Access Threats in Manufacturing.
The post Five ways cyberattacks put manufacturing systems at risk appeared first on SecureLink.
*** This is a Security Bloggers Network syndicated blog from SecureLink authored by Ellen Neveux. Read the original post at: https://www.securelink.com/blog/five-ways-cyberattacks-put-manufacturing-systems-at-risk/
View full post on National Cyber Security
#comptia | #ransomware | Spike in Texas cyberattacks against municipalities has City of SA in constant defense mode
SAN ANTONIO – Six months ago, cybercriminals attacked local government agencies in 23 Texas cities. The statewide attack brought the Lone Star State to the front and center of the discussion about cybercrime.
“Municipalities are always a target because we have very complex systems, broad responsibilities. Here in San Antonio, we have more than 40 departments and city services, almost 13,000 employees,” said City of San Antonio IT Director and Chief Information Officer Craig Hopkins.
Ransomware attacks in 23 Texas cities have officials taking preventive measures
Hopkins said he consistently prioritizes cybersecurity for those reasons and instead of training employees once a year, he sends out information once a month.
“Up to 95% of the incidents we have are usually driven by human error,” he said.
Hopkins teaches city employees about the main types of cyberattacks. He said “phishing” is the most common.
“Phishing basically says, ‘I want you to click on a link, and I want you to give up some information that you may not normally give. I can take over one account, and then I can impersonate you inside of your organization and move horizontally,’” Hopkins said.
He then explained a concept called “whaling.”
“Think of that as a big fish. People of a certain title, city manager, the chief financial officer — targeting them because if you can impersonate them, you can create influence over other people, so financial scams tend to come out,” Hopkins said.
Hopkins also warned about physical security, which can include people looking over your shoulder at confidential information, people calling your phone pretending to be someone else or people piggybacking into facilities where employees use an access card.
He said he could not go into specific technicalities of the city’s protective system, but he said all businesses should be taking preventive measures, especially agencies or companies with outdated systems.
Copyright 2020 by KSAT – All rights reserved.
View full post on National Cyber Security
Source: National Cyber Security – Produced By Gregory Evans In late November the Avast Threat Labs team discovered cyberattacks that exploited Brazilian users’ routers to send them to phishing pages designed to look like actual websites the victim wanted to visit. In this case, sites included Brazilian banking, and news sites, as well as Netflix. […] View full post on AmIHackerProof.com
Infamous Internet villains Lizard Squad are at it again. A group of cybercriminals, who most notably target gaming servers with distributed denial of service (DDoS) attacks, have turned their attention to the United Kingdom’s political system. The cybercrime gang apparently have a particular disdain for the UK’s Labour Party, as they seem to be solely focusing their efforts on them. The first shots were fired, as the UK publication The Independent reports, when Lizard Squad admitted to the “sophisticated and large-scale” cyberattacks against Labour servers. According to party leader Jeremy Corbyn, the cyberattacks failed as the Labour servers have “robust security systems.”
The reasons that Lizard Squad gave for the DDoS attacks were posted on their Twitter account:
Today’s DDoS attack on the Labour Party is to show that no terrorist supporting government should allow to rule a country. Our botnet is connected to millions of devices around the world to enable more power to process such attacks.
Further tweets show the group acting like the trolls they are known to be in the hacking community, going so far as to taunt Jeremy Corbyn by stating:
@jeremycorbyn, noticed any changes in your bank recently?
It appears that, as the aforementioned tweet indicates, the group is now focusing in on the Labour leader exclusively. In private messages with The Independent, one member of Lizard Squad stated the following:
If Labour do win the election, you can expect the whole of the government and Labour websites to go offline… Jeremy Corbyn’s family members’ personal accounts have been compromised and their home internet is under a DDoS attack as we speak.
Lizard Squad has proven to be, in my opinion as a cybersecurity researcher and penetration tester, nothing more than trolls who want to sew chaos. Just imagine the morons on 4chan with a botnet and you get a pretty good idea of who Lizard Squad are. They don’t have many legitimate hacking abilities like APT28 or Lazarus. Rather, they merely exist to be a nuisance by employing DDoS attacks against high profile targets to get attention.
It is a double-edged sword reporting on them, as DDoS attacks against major targets cannot be ignored. But this gives the plonkers the exact attention they want. Whatever proposed political aims of these recent campaigns against the Labour Party are, it is highly likely that this is merely a smokescreen. Botnet users like Lizard Squad do everything for the lulz and not much else.
And we are laughing at them.
Featured image: Flickr/Emil
The post #hacking | Lizard Squad threatening UK Labour Party with cyberattacks appeared first on National Cyber Security.
View full post on National Cyber Security
Source: National Cyber Security – Produced By Gregory Evans Article by Wontok product head Bruce Carney Never a day goes by without headlines of yet another cyber-attack, data breach or identity theft – even boardrooms have finally become familiar with terms like “ransomware” – an alien concept in the past that belonged to the “geeks […] View full post on AmIHackerProof.com
(ThyBlackMan.com) The world of cybersecurity is truly fascinating and scary in equal measure, and it is something which more of us need to be aware of, especially if you run a business.gave a talk at a conference recently about the aims and desires of hackers and cybercriminals, which was a essentially a cautionary tale which everyone must pay attention to. Bharat has seen it all in the world of cybercrime and he still witnesses things which shock and surprise him. To understand the importance of this we must first understand why people hack in the first place, and what they are looking for when they do so, let’s take a look.
Technically speaking the term ‘ethical hacking’ is used to refer to hackers who are recruited by a company to test out their cybersecurity for them. In this case however we are discussing hackers who are not hired by anyone, but who hack for their own ethical reasons. For example let’s say that a company decides to do business with a dubious company, some hacking groups may attack this company’s system to show their disdain and to cause them as many problems and public embarrassment as they can.
A huge number of hackers actually do this and get paid by one oftener clients for the work that they have done. Few hackers get into the game because of the criminality, but once they have amassed those skills which allow them to hack, criminal organizations and nefarious individuals realize what they are able to do and then try to sub-contract them for various types of hacks. It is actually rather difficult to steal money from a hack, which is why many do it as a paid-for service.
Surprisingly a huge number of the hacks which we see really have nothing to do with crime per se, but are in fact done by hackers who are trying to show off how good they are. There is a real sense of brinksmanship in the hacking community and each level of cybersecurity is seen as a challenge more than a deterrent. Whilst this may be harmless in terms of criminality, a hack such as this can still cause a big headache to many companies who will then have to review their systems and its security.
There is of course individuals who will hack with criminal intent, they may look to cause damage to a business or government system, or they may be looking to steal whatever they find once they have breached the system. This could be personal information, trade secrets or straight up cash, there is a huge amount that they will be able to obtain once they have successfully hacked into a system. These are the minority but they do present a very real danger to many companies and individuals.
This is something that is on the rise and it is something which you need to educate yourself about sooner rather than later.
Staff Writer; Rick Carter
The post #hacking | Bharat Bhise HNA – Understanding Why Hackers Commit Cyberattacks. appeared first on National Cyber Security.
View full post on National Cyber Security
The event in progress in Abu Dhabi on Monday.
Business Bureau, Gulf Today
In a collective effort to promote a secure and stable financial landscape in the UAE, UAE Banks Federation (UBF), in partnership with SWIFT, the leading provider of secure financial messaging services, on Monday hosted the ‘SWIFT Customer Security Programme (CSP)’ conference. The CSP conference, which took place in Abu Dhabi, witnessed industry experts coming together to discuss how the widespread implementation of SWIFT CSP can support banks in combating all types of threat of cyberattacks by equipping them with necessary information and tools to mitigate electronic financial frauds.
SWIFT CSP is an initiative aimed at reinforcing the overall security of the global banking system by improving information sharing throughout the community, enhancing SWIFT-related tools for customers, sharing best practices for fraud detection and enhancing support by third party providers. Through the programme, SWIFT has also recently launched the Customer Security Control Framework (CSCF), which outlines a series of compulsory and advisory security controls for customers, which can help them strengthen and improve cyber security standards across the UAE.
Commenting on the occasion, AbdulAziz Ghurair, Chairman of UBF, said: “On the back of accelerated technological innovation, the threat of cybercrime has significantly increased over the years, and the localised instances of payment fraud have reiterated the necessity for greater and more extensive partnerships to solve these issues. In line with our commitment to foster a safer and more protected banking environment across the UAE, we are delighted to collaborate with SWIFT to encourage the industry-wide adoption of the SWIFT CSP. Cybercriminals are becoming quickly smarter, and we are developing more sophisticated technologies that are becoming fundamental for banks to implement innovative platforms that promote improved transaction processes and provide relief and security for customers.”
Onur Ozan, Head of the Middle East, North Africa & Turkey, SWIFT, said: “With the Customer Security Programme, SWIFT is reinforcing the security of the entire global banking system. Worldwide, financial institutions are adopting SWIFT’s CSP as attackers prove increasingly determined and cunning. The CSP is delivering tangible results, supporting institutions in stepping up to this growing threat.”
The conference included several discussions focusing on SWIFT CSP and CSCF initiatives and the profound impact that such could have on finance and banking environment, emphasising the evolution of the payment landscape as a primary reason to adopt safer security measures.
Meanwhile, a meeting between members of the CEOs Advisory Council of the UAE Banks Federation (UBF) was held in Dubai to discuss recent developments, issues and advancements in the finance and banking sector in the UAE, with a particular focus on Emiratisation.
Directed by AbdulAziz Al Ghurair, Chairman of UBF, the meeting focused on a wide range of topics, including progress on existing UBF programs and initiatives, advances on Emiratisation efforts, findings and results from UBF’s latest Trust Index Survey, and the upcoming Middle East Banking Forum (MEBF) in November 2019.
Speaking on the occasion, AbdulAziz Al Ghurair said: “The astounding amount of change and transformation in the UAE banking industry means it is increasingly necessary for us to regularly hold these meetings, so that we may analyse key strengths, opportunities, and challenges in the sector. For this specific meeting we identified our priorities based on the current happenings in the financial and banking industry, as well as the overall larger economy. The recent announcement of the creation of more than 20,000 jobs for Emiratis in top-tier sectors, including banking, has driven us to focus on Emiratisation efforts within banks, and evaluate ways of working together to enhance the skills and expertise of UAE nationals. Additionally, we are confident that the banking sector will continue progressing and evolving in lieu of the highly positive results from the recently announce Trust Index Survey 2018.”
Distinctively positioned at the centre of the banking industry, which underpins the economy, UBF has a responsibility to support the UAE’s progressive vision to empower society at all levels. Whether it’s addressing the ever-changing challenges in the market, or developing the skills of UAE nationals to increase their recruitment to vital positions in the industry, UBF is continuously working towards a sustainable and diversified economy.
Current plans and initiatives in the banking sector focus on innovation and digitisation, and aim to provide easy access to multiple government and non-government services. From next month, banks will start adopting UAE Pass, a new mobile app which acts as a digital identity and digital signature solution, enabling individuals to conduct financial transactions, upload documents, validate documents and share data. The Emirates Digital Wallet, a tool aimed at promoting financial inclusion and driving a cashless society, is also being developed and will be launched soon.
The post #cyberfraud | #cybercriminals | Firms to combat cyberattacks and fraud in UAE banking sector appeared first on National Cyber Security.
View full post on National Cyber Security
A city government on the verge of shutdown, with multiple city departments not able to function because of a massive technology breakdown. A crippled municipal court system that has stopped working. Millions in lost revenue because residents can’t paying water bills, and vital communications like sewer and infrastructure repair requests can’t be processed. Finally, all electronic communication systems for first responders is rendered inoperable for several days. The cause is a powerful computer virus released into a city system by hackers demanding payment.
If this sounds like the newest plot from a Hollywood disaster movie, think again. It’s the reality of a cyber attack that recently hit the city of Atlanta, and is likely the first of many more that American cities, counties and states are likely to face.
Just two weeks ago, Atlanta was hit by a “ransomware” attack known as SamSam, nearly bringing down all city operations. The city continues to be hobbled by the attack, with many of its systems still not fully functional. Atlanta like most major cities was caught flat-footed and unprepared. Attempted ransomware attacks against local governments in the United States have become all too common. A 2016 survey of the International City/County Management Association (ICMA) for jurisdictions across the country found that one-quarter of local governments reported that they were experiencing attacks of one kind or another.
With such an ongoing threat, you would imagine that cyber-security would be a major priority for municipal government. Shockingly, less than half the local governments surveyed said they had a formal cybersecurity policy, and only 34 percent said they had a written strategy to recover from breaches.
Simply put, American cities are unprepared to deal with the reality of cyber-attacks.
Atlanta is certainly not alone with its cyber preparedness issues. Municipalities often have very limited technology budgets, with investments funneled to meet immediate tech needs rather than focusing on cyber defense. With limited money and expertise, implementing the most basic security practices can be challenging, let alone cutting edge defenses in this fast changing and evolving threat. Compounding the problem is that hackers aren’t necessarily attacking cities specifically, but they are simply looking at vulnerable sites with poorly protected governments an easy target.
Houston may be particularly vulnerable for an Atlanta-style attack.
Webroot, an internet security firm, analyzed the malware infection rates for 2016, to evaluate which communities were most vulnerable to cyber attacks. Houston was the No. 1 ranked city with more than 60,000 infected devices, making it potentially the municipality most likely subject to attack in the country.
Against this backdrop, what if anything can be done to keep Houston safe?
Houston has in many ways led on the issue of cyber-security and protection. One of the earliest cities in the country to have a chief information/technology officer, it has since 2013 also had a chief technology Security officer who is tasked with maintaining a consistent and uniform security plan for the city’s technical infrastructure. Houston, unlike many other cities, does maintain a formal cybersecurity policy that is updated on a real time basis.
What’s missing however, is the budgetary flexibility to quickly update systems and software. In today’s world cyber-security is critically important to our daily lives. We need to prioritize software and critical infrastructure updates in the same way we prioritize first responders with the resources to protect us.
The city continues to operate on outdated systems that are vulnerable to cyber-attack. If we don’t update our systems, we could find ourselves in the exact same position as Atlanta.
In the modern era, maintaining a strong cyber security system is as important as making sure we have adequate police and fire protection.
View full post on National Cyber Security Ventures
Criminal cyber-attacks on UK businesses increased last year, according to the annual report of the National Cyber Security Centre.
Firms face a growing threat from ransomware, data breaches and weaknesses in the supply chain, according to the report, published on Tuesday. Emerging threats include theft from cloud storage, which the NCSC argues too many businesses put their faith in.
“Criminals are launching more online attacks on UK businesses than ever before,” a summary accompanying the report said.
The NCSC, in effect the shop window for the government surveillance agency GCHQ, was set up in late 2016 amid alarm over potential attacks on UK institutions, infrastructure and businesses.
The report, Cyber Threat to UK Business Industry 2017-2018, is published to coincide with the opening of a organised by the NCSC, which is expected to attracted 1,800 cybersecurity experts from law enforcement, government and the private sector.
Ciaran Martin, head of the NCSC, said: “The last year has seen no deceleration in the tempo and volume of cyber incidents, as attackers devise new ways to harm businesses and citizens around the globe.
“The NCSC’s aim is to make the UK an unattractive target to cyber criminals and certain nation states by increasing their risk and reducing their return on investment.”
The report was written in collaboration with the National Crime Agency. Donald Toon, director of economic and cybercrime at the NCA, said: “UK business faces a cyber threat which is growing in scale and complexity. Organisations which don’t take cybersecurity extremely seriously in the next year are risking serious financial and reputational consequences.”
Under-reporting of cybercrime by businesses means crucial evidence and intelligence about threats and offenders can be lost. Toon called for full and early reporting of cybercrime.
by the NCSC show 34 significant cyber-attacks took place between October 2016, when the agency was launched, and the end of 2017. A further 762 attacks were less serious. “2018 will bring more of these attacks,” the report said.
It does not break down the figures to distinguish which attacks were purely criminal and which were state-sponsored. The report said that the distinction can be blurred, making attribution difficult.
Among the surveys cited was one by , which recorded a 91% increase in ransom attempts between the first and third quarters of last year.
Vulnerabilities highlighted in the NCSC report included the spread of the , which includes the interconnection of household appliances and other devices. “The internet of things and its associated threats will continue to grow and the race between hackers’ and defenders’ capabilities will increase in pace and intensity,” the report said.
“Many internet-connected devices sold to consumers lack basic cybersecurity provisions. With so many devices unsecured, vulnerabilities will continue to be exploited.”
The NCSC has also issued a warning over cloud security: “As more organisations decide to move data to the cloud (including confidential or sensitive information), it will become a tempting target for a range of cyber criminals.
“They will take advantage of the fact that many businesses put too much faith in the cloud providers and don’t stipulate how and where their data is stored. This could lead to high profile breaches involving UK citizen information.”
The report warns that no matter how good a company’s cybersecurity, it is at risk if this is not matched by the management of service providers and software, which can offer a potential stepping stone into the networks of thousands of clients.
“It is clear that even if an organisation has excellent cybersecurity, there can be no guarantee that the same standards are applied by contractors and third-party suppliers in the supply chain,” the report said. “Attackers will target the most vulnerable part of a supply chain to reach their intended victim.”
The post UK #businesses face #growing #threat from #cyber-attacks appeared first on National Cyber Security Ventures.
View full post on National Cyber Security Ventures