cybercrime

now browsing by tag

 
 

#hacking | Russian Cybercrime Boss Burkov Pleads Guilty — Krebs on Security

Source: National Cyber Security – Produced By Gregory Evans Aleksei Burkov, an ultra-connected Russian hacker once described as “an asset of supreme importance” to Moscow, has pleaded guilty in a U.S. court to running a site that sold stolen payment card data and to administering a highly secretive crime forum that counted among its members […] View full post on AmIHackerProof.com

#nationalcybersecuritymonth | Police in states across India are relying on private firms and consultants to solve cybercrime cases

Source: National Cyber Security – Produced By Gregory Evans Cyber forensics firms, such as Volon and AVS Labs, are increasingly being asked to crack cases of cybercrime, even as law enforcers build their own teams of cyber intelligence experts. Take this recent instance. A businessman was accused of deceit in a deal, and a court […] View full post on AmIHackerProof.com

#nationalcybersecuritymonth | What’s been done to fight cybercrime in East Africa

Source: National Cyber Security – Produced By Gregory Evans

East Africa attracts millions of tourists every year. Over the past 10 years, its earnings from tourism have doubled. Compared to the rest of Africa, the region is experiencing healthy economic growth. This makes it a promising investment destination.

Factors like regional tourism, movement of workers and technology development have catalysed East African integration and cross-border banking.

Many cross-border banks originate from Kenya with branches across the region. One example is Kenya’s Equity Bank, which relies heavily on digital technology. The digital space has many positive attributes but the threat of cybercrime and insecurity is prevalent.

Uganda lost 42 million shillings to cybercrime in 2017. In 2018, Rwanda lost 6 billion francs. In Kenya, between April and June 2019 alone, the country experienced 26.6 million cyber threats.

Across the region, with the increase of digital banking, financial institutions have become targets. These institutions are attractive to cyber criminals because they hold the biggest cash reserves. Africa’s digital infrastructure is ill-equipped to manage the continent’s growing cyber-security risk.

Equity is a pioneer in online and mobile banking with technology that merges banking and telephony. However, it recently suffered a cyber-attack. Last month, Rwandan authorities arrested a cybercrime syndicate comprising eight Kenyans, three Rwandans and a Ugandan. The syndicate had attempted to hack into the Equity Bank system. The group has been involved in similar attacks in Kenya and Uganda.

Early in the year, Kenya’s director of criminal investigation issued warrants of arrest against 130 suspected hackers and fraudsters for alleged banking fraud.

These incidents show that financial losses to cyber insecurity are a growing threat to East Africa’s economy.

Cybercrime occurs through the use of computers, computer technology or the internet. It often results in identity theft, theft of money, sale of contraband, cyber stalking or disruption of operations.

Within East Africa, Kenya, Rwanda and Uganda are taking steps to manage the huge cybercrime risk. But the cyber attack on Equity Bank is proof that these countries need to do more to protect their financial institutions from massive losses going forward.

Regional instruments

The African Union’s Convention on Cyber Security and Personal Data Protection is East Africa’s overarching policy guideline on cybercrime. It was adopted by member states in 2014. The Convention is similar to the Council of Europe’s Cyber Crime Convention which established a cyber security on the European continent.

Rwanda signed the Convention earlier this year, but it’s the only East African country to have done so.

The Convention requires member states to share responsibility by instituting cyber security measures that consider the correlation between data protection and cybercrime. These measures will keep data safe from cyber criminals and preempt its misuse by third parties. It also encourages the establishment of national computer emergency response teams.

The Convention advocates closer cooperation between government and business.

The Convention also creates a provision for dual criminality. This means that cybercrime suspects can be tried either in the country where the crime was committed or in their home country. This provision is meant to ensure smooth cooperation and sidestep any conflict of laws.

There is also a provision on mutual legal assistance. This allows for member states to share intelligence and collaborate on investigations.

Even though Uganda and Kenya aren’t yet signatories, they have nevertheless been establishing legal and policy frameworks provided for under the convention. Rwanda is doing so too, and as a signatory is one step ahead.

Rwandan approach

In 2015, Rwanda came up with a national cyber security policy that established a National Computer Security and Response Centre. The centre detects, prevents and responds to cyber security threats. And in 2016, the Regulatory Board of Rwanda Utilities rolled out network security regulations to protect the privacy of subscribers. They also empower the government to regulate and monitor internet operators and service providers.

The country also has a National Cyber Contingency Plan to handle cyber crises.

Further, Rwanda’s telecom network security regulations require service providers to secure their services by protecting their infrastructure. Every service provider must be licensed and must guarantee the confidentiality and integrity of their services. They must also set up incident management teams. These teams work with the government to manage cyber security threats effectively.

Additionally, Rwanda passed an information and communication technology law in 2016. This contains provisions on computer misuse and cybercrime which criminalise unauthorised access to data.

The country has managed to build the foundations of a strong regulatory framework. It has also taken measures to raise awareness around cyber security. In fact, in the attack on Equity Bank, the authorities acted on a tip from members of the public.

Kenyan measures

In 2014, Kenya launched its National Cyber Security Strategy to raise cyber security awareness and equip Kenya’s workforce to address cyber security needs.

In line with this strategy, Kenya amended its information and communications law to criminalise unauthorised access to computer data.

Kenya has also set up a national computer incident response coordination centre to consolidate key cyber infrastructure and create pathways for regional and international partnership.

Generally, Kenya has a robust cyber security policy which includes a legal and regulatory framework. The result has been that impending cyber attacks are discovered before massive damage is done and ongoing attacks are rapidly arrested.

Uganda’s security

Uganda has legislation to protect cyber security. This includes the Computer Misuse Act which ensures the safety and security of electronic transactions and information systems, and the Regulation of Interception of Communications Act to monitor suspicious communications. It also has a national computer emergency response team.

This regulatory framework is similar to those in Kenya and Rwanda. But in addition, Uganda has a National Information and Technology Authority that provides technical support and cyber security training. It also regulates standards and utilisation of information technology in both the public and private sectors. These measures have boosted the countries’ cyber security strategy.

While Uganda has these measures in place, Kenya and Rwanda are two of the top three cyber secure countries in Africa.

Moving ahead

Kenya, Uganda, and Rwanda have taken solid steps to harmonise cybersecurity processes, data protection, and collaborative prosecution and investigation measures.

They have criminalised cybercrime and established frameworks to manage cyber attacks. International cooperation within the region has also enhanced cyber security.

Source link

The post #nationalcybersecuritymonth | What’s been done to fight cybercrime in East Africa appeared first on National Cyber Security.

View full post on National Cyber Security

#infosec | Cybercrime Triples in Scotland – Infosecurity Magazine

Source: National Cyber Security – Produced By Gregory Evans

The number of cybercrimes recorded by the Scottish police has more than tripled in a year, according to Scottish newspaper The Herald.

In an article published yesterday, the paper said that new statistics released by the force show that from April to September this year, 4,495 cybercrimes were recorded, including stalking, sexual crimes, and fraud. 

The figures represent an increase of 315% when compared to the same time period in 2018. 

The total figure of recorded cybercrimes could climb higher as data has not yet been received from all divisions. 

Police told the Scottish newspaper that the jump in recorded cybercrimes could be down to better detection and identification techniques rather than a sudden electronic crime-wave. 

“We did not have the means with some of the legacy technology to adequately capture the digital element of all the things that are happening. Now with a bit more sophistication, we can capture the digital nature of a whole series of different crimes,” said Deputy Chief Constable Malcolm Graham.

The Scottish police are currently running a “Tag it, Mark it, Log it” campaign to encourage officers and staff to identify and mark any crimes that are found to have a cyber-element.

Graham said: “There is not an offense of cybercrime, so we are looking at other crimes that have a digital element.”

Graham said that cybercrime had moved far beyond the public perception of targeted attacks and was now closely interwoven with almost all forms of criminality.

“It’s without boundaries. The victims and the perpetrators are not necessarily going to be in the same place. It might be domestic abuse, it might be an organized crime group based in the same area.” 

“But the growing experience is that the victims and the perpetrators are dislocated, nationally, and potentially internationally, so a big element of this is our ability to work with other national and international law enforcement agencies, the National Crime Agency, the security services, and to grow that cooperation to sharing info we need so people in other jurisdictions can be held to account.”

According to Graham, of all the crimes the modern police face, “the vast majority” feature an electronic or digital element either in their execution or in their detection.

“Every crime type certainly could have a digital footprint. I am not saying every single crime would. But there is always going to be some element of evidence that is digital,” said Graham.

____________________________________________________________________________________________________________________

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
____________________________________________________________________________________________________________________

Source link

The post #infosec | Cybercrime Triples in Scotland – Infosecurity Magazine appeared first on National Cyber Security.

View full post on National Cyber Security

#nationalcybersecuritymonth | National Cyber-Crime Awareness celebration ends

Source: National Cyber Security – Produced By Gregory Evans By Gifty Amofa/ Eric Appah Marfo, GNA Accra, Oct. 26, GNA – The 5-day celebration of the National Cyber-Crime Awareness Month has come to an end with a call on citizens to be extra-cautious when using the internet. The media was also called to avoid being […] View full post on AmIHackerProof.com

#nationalcybersecuritymonth | GLACY+: Inter-Ministerial Round Table on cyber security and cybercrime in West Africa, Ghana an ECOWAS best practice

Source: National Cyber Security – Produced By Gregory Evans

An Inter-Ministerial Round Table on cyber security and cybercrime in West Africa was held in Accra, Ghana, as high-level event of the Climax Week of the National Cyber Security Awareness Month. The meeting gathered together Ministers, diplomats and other dignitaries of countries from the ECOWAS Region, including Ministers from Ghana, Guinea Bissau, Liberia, Niger, Sierra Leone. The meeting was chaired by the Minister for Communication of Ghana, co-chaired by ECOWAS and the Council of Europe, and attended by additional participants coming from Embassies of Burkina Faso Togo and Benin, Ministry of Communications of Nigeria, U.S. Department of State, UK High Commission.

 

A declaration was prepared in the end of the meeting, reporting the main take aways of the day, and will be formally submitted by the Ghanaian government to the next gathering of the ECOWAS Technical Committee.

 

During the meeting, ECOWAS Commission endorsed Ghana as the champion in the region on cyber security and cybercrime matters, requesting the country to act as “ambassador” in the field and share best practices with neighboring countries.

 

Source link

The post #nationalcybersecuritymonth | GLACY+: Inter-Ministerial Round Table on cyber security and cybercrime in West Africa, Ghana an ECOWAS best practice appeared first on National Cyber Security.

View full post on National Cyber Security

#cyberfraud | #cybercriminals | How compromised emails enable cybercrime and real estate scams — Quartz

Source: National Cyber Security – Produced By Gregory Evans The CEO of an unidentified Swiss company was scammed out of nearly $1 million by a multinational fraud ring, according to a criminal complaint unsealed last week in federal court. The executive, who is identified in the filing only as “S.K.,” was in the process of […] View full post on AmIHackerProof.com

#cybersecurity | #infosec | Smashing Security #153: Cybercrime doesn’t pay (but Uber does)

Source: National Cyber Security – Produced By Gregory Evans The cybercrime lovebirds who hijacked Washington DC’s CCTV cameras in the run-up to Donald Trump’s inauguration, the truffle-snuffling bankers at the centre of an insider-trading scandal, and the hackers that Uber paid hush money to hide a security breach. All this and much more is discussed […] View full post on AmIHackerProof.com

#cyberfraud | #cybercriminals | Disputes, Issue 1: Cybercrime: beware the business email compromise

Source: National Cyber Security – Produced By Gregory Evans Over the past three years, the “business email compromise” has become one of the most common, vexing, and financially injurious forms of cybercrime. On any given day, companies around the world and across industry sectors are finding themselves the victim, the pawn or both in cybercrime […] View full post on AmIHackerProof.com

#cyberfraud | #cybercriminals | American Consumers Recognize Their Role in Preventing Cybercrime, are Bothered by Perceived Inconveniences of Advanced Security

Source: National Cyber Security – Produced By Gregory Evans

BROOKFIELD, Wis.–(BUSINESS WIRE)–

55% of consumers understand they need to do more to protect their personal data; but 59% are bothered by temporary inconveniences of advanced security measures

Only 45% of consumers have received formal cybersecurity training from their employer

According to the 2019 Cybersecurity Awareness Insights Study released today by Fiserv, most Americans consider themselves at least somewhat informed of cybersecurity threats, yet many fall short at proactively protecting their personal data. Despite this lack of action, more than half (55%) of American consumers understand they need to do more to protect their data, presenting significant opportunity for businesses to reinforce best practices.

Conducted in the summer of 2019 and originally commissioned by First Data, now Fiserv, the study gathered insights from 1,005 Americans ages 18 to 73. The study explores how aware American consumers are of online privacy and security risks, and how they behave when it comes to protecting themselves from cyber threats.

“While cybercrime continues to grab headlines, our study shows that many Americans have not taken action to protect themselves, and the majority say they are bothered by temporary inconveniences brought about by advanced security measures,” said Jay Ablian, Head of Merchant Security and Fraud Solutions, Fiserv. “There is a clear opportunity for businesses to educate consumers and employees to help them understand both the potential impact of inaction and how security measures are designed to protect them.”

Consumer Awareness

The more consumers know, the better they’re able to protect their personal information online. According to the 2019 Cybersecurity Awareness Insights Study, 75% of consumers consider themselves at least somewhat informed of cybersecurity threats. In addition, 55% of respondents understand they should do more to beef up their online security – especially when using social media, online banking, or online shopping.

Despite this, more than half of consumers can be classified as ambivalent, in denial, or oblivious to cybersecurity risks, with only 6% currently taking the steps needed to proactively protect themselves.

Consumer inaction may be driven by perceived inconveniences. To that end, 59% of consumers report they are bothered by temporary inconveniences brought about by advanced security measures that help ensure higher levels of protection.

Consumer Behavior and Data Protection

Although many consumers consider extra cybersecurity precautions a hassle, they are taking some steps to protect themselves. According to the study, dodging inbound phishing attempts is a strong suit of consumers, but additional vigilance around password security is needed:

  • The top measure consumers take to protect themselves is refusing to click email links or open attachments from people they don’t know, cited by 61% of consumers
  • On the other hand, changing passwords is a cybersecurity step 42% of consumers take only if they are required to
  • Of consumers surveyed, 33% have a go-to password they modify slightly to meet password requirements, and 20% use names of significant people, places or pets. Neither of these methods is considered a best practice.

Cybersecurity Awareness at Work

Consumers often look to their employer to provide cybersecurity training, but aren’t always getting the support they expect. Fifty-eight percent of consumers said their employer sends regular cybersecurity updates, and 45% said their employer offers formal cybersecurity training. Of consumers who aren’t provided cybersecurity training, only 9% said their employer has a plan in place to do so.

Employers have a vested interest in cybersecurity awareness, as educated employees can secure their own information and that of the business. Best practices for employers launching their own cybersecurity training include:

  • Emphasize education at work Ongoing education about new cybersecurity threats equips employees to recognize them and understand potential implications
  • Encourage lockdown at home – Employees can secure their home networks, starting with changing all default passwords – especially for internet routers. Those with families can teach children about the dangers of cybercrime
  • Keep information out of the public eye – Whether on personal or business computers, covering up screens when entering passwords and credentials in public areas helps keep information safe.

Additional Resources

About Fiserv

Fiserv, Inc. (FISV) aspires to move money and information in a way that moves the world. As a global leader in payments and financial technology, the company helps clients achieve best-in-class results through a commitment to innovation and excellence in areas including account processing and digital banking solutions; card issuer processing and network services; payments; e-commerce; merchant acquiring and processing; and the Clover® cloud-based point-of-sale solution. Fiserv is a member of the S&P 500® Index and the FORTUNE®500 and is among the FORTUNE Magazine World’s Most Admired Companies®. Visit fiserv.com and follow on social media for more information and the latest company news.

FISV-G

View source version on businesswire.com: https://www.businesswire.com/news/home/20191016005304/en/

Source link

The post #cyberfraud | #cybercriminals | American Consumers Recognize Their Role in Preventing Cybercrime, are Bothered by Perceived Inconveniences of Advanced Security appeared first on National Cyber Security.

View full post on National Cyber Security