now browsing by tag


#nationalcybersecuritymonth | What I taught 60,000 NASA employees about cybersecurity

Source: National Cyber Security – Produced By Gregory Evans Working for NASA is a big job and a true honor. Every day, the talented men and women of NASA must think on a cosmic level because it’s not just about space exploration and research. Sometimes it’s about planetary safety, such as their plan to destroy […] View full post on AmIHackerProof.com

#cybersecurity | hacker | Former Twitter employees charged with using access to spy for Saudi Arabia

Source: National Cyber Security – Produced By Gregory Evans

A pair of former
Twitter employees – one an engineer and the other a media partnership manager –
were busted for accessing users’ account and personal data on behalf of Saudi
Arabia to ferret out opponents of the kingdom.

Engineer Ali Alzabarah and manager Ahmad Abouammo were charged with operating within the U.S. as agents of a foreign power, the Justice Department said Wednesday. In charges filed in a San Francisco court, the FBI noted the two defied Twitter policies and used their “access to proprietary and confidential Twitter information,” including the email addresses, phone numbers, birthdates and IP addresses of Twitter users, on behalf of the Saudi government. Abouammo is linked to Saudi Crown Prince Mohammad bin Salman (MbS), who U.S. intelligence officials say ordered the murder of journalist Jamal Khashoggi.

“The criminal complaint unsealed today alleges
that Saudi agents mined Twitter’s internal systems for personal information
about known Saudi critics and thousands of other Twitter users,” U.S. Attorney
David L. Anderson said in a statement. “U.S. law protects U.S. companies from
such an unlawful foreign intrusion. We will not allow U.S. companies or U.S.
technology to become tools of foreign repression in violation of U.S. law.”

The Justice
Department charges lay out a scheme in which Abouammo spied on three Twitter
accounts while Alzabarah accessed 6,000 accounts to suss out Saudi dissidents
and activists in the U.S. who opposed Saudi Arabia’s policies in exchange for
monetary compensation.

A third man,
Ahmed Almutairi, who worked for a social media firm associated with the Saudi
government, served as an intermediary and is being sought by authorities. Alzabarah
and Almutairi are both Saudi citizens while Abouammo is a citizen of the U.S.

recognize the lengths bad actors will go to try and undermine our service,”
Twitter said in a statement. “Our company limits access to sensitive account
information to a limited group of trained and vetted employees.”

The charges
were first reported
by the Washington Post.

Original Source link

The post #cybersecurity | hacker | Former Twitter employees charged with using access to spy for Saudi Arabia appeared first on National Cyber Security.

View full post on National Cyber Security

#cyberfraud | #cybercriminals | Payroll Fraud: A Growing BEC Threat to Businesses and Employees Alike

Source: National Cyber Security – Produced By Gregory Evans The FBI reports that direct deposit change requests increased more than815% in 1.5 years $8.3 million. This number represents the total reported losses due to payroll diversion schemes that were reported to the FBI’s Internet Crime Complaint Center (IC3) between Jan. 1, 2018 and June 30, […] View full post on AmIHackerProof.com

Employees for #city of #Atlanta allowed to #turn #computers back #on

Employees for the city of Atlanta who haven’t been allowed to turn on their computers after a major hack put the city at risk last week are now being allowed back online.

Atlanta Mayor Keisha Lance Bottoms says teams of city IT experts and outside companies are still trying to diagnose what happened during the cyberattack that has crippled the city’s computer systems and left business at a standstill.

The computers at City Hall were turned off for several days and experts believe the hackers gained access to computers systems through a remote portal.

The attack continues to cause all kinds of problems and is frustrating people who are trying to conduct business with the city. It’s a big pain for people like Eulises Wimberly, who needed to take care of business at municipal court.

“They didn’t tell me anything. They just gave me this piece of paper here to reschedule my appointment again. I feel kind of bad because I had pay $30 for someone to bring me from Lawrenceville over here,” said Wimberly.

Wimberly isn’t the only one running into problems. Lauren Downer and her husband just bought a house and had to do everything the old fashioned way.

“My husband and I closed on our house Friday,” says Downer. “We had no water, the web site was down all weekend so we had no choice but to come in and ask to get our service turned on.”

Downer was able to physically fill out the paperwork needed for new service but it would’ve been much easier had the city website been operable.

City officials, including Mayor Keisha Lance Bottoms insist that critical systems that the police and fire departments use have not been affected so far but many other services are not available.

The mayor likened the cyber crisis to the water infrastructure crisis under Mayor Shirley Franklin’s administration, saying the digital infrastructure needs the same kind of emergency upgrade. The city’s computers have been idle except for those that can run off of hotspots and bluetooth. Everything else is pen and paper.

In addition to the FBI and Georgia Tech, the city has enlisted the help of an Atlanta-based computer company. They’re still trying to determine how the hacker got in. Even if they paid the ransom, they don’t know where the attack started. And that could mean attacks could happen over and over again.

Also, the mayor says there’s no evidence that anyone’s personal information has been compromised.


The post Employees for #city of #Atlanta allowed to #turn #computers back #on appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Many #employees know #little about #cybersecurity #threats

Companies are surrounded by cybersecurity threats, but many are not making it a priority to educate employees about them, a survey says.

Nearly half (46%) of entry-level employees don’t know whether their company has a cybersecurity policy, according to research firm Clutch.

The survey demonstrated a lack of awareness that can put companies at risk for IT security breaches. Nearly two-thirds of employees (63%) said they don’t know whether the quantity of IT security threats their companies face will increase or decrease over the next year. Additionally, among entry-level employees, 87% said they don’t know how the number of threats will shift in the next year.

The survey also found that employees are less likely to recognize IT services as the primary area of security vulnerability at their company. Instead, they cited theft of company property as the primary threat to company security, ahead of unauthorized information and email phishing scams.

The findings are a bit ironic, because “most cyberbreaches are caused by employees, inadvertently,” Robert Anderson, co-chair of the cybersecurity and data privacy group at Lindabury, McCormick, Estabrook & Cooper, P.C., told FierceCEO.

“There is a tendency for businesses to not put the emphasis on employees, but they are the greatest vulnerability,” Anderson said.

Read More….


The post Many #employees know #little about #cybersecurity #threats appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

How #Facebook’s Annual #Hacktober Campaign Promotes #Cybersecurity to #Employees

Source: National Cyber Security – Produced By Gregory Evans

While the word “cybersecurity” may evoke thoughts of highly sophisticated attacks that require fancy computing equipment and skilled hackers, the reality is that most attacks — especially in a corporate environment — involve simpler strategies that depend upon one thing: exploiting human behavior.

Most companies are hard at work building technology to better protect themselves and their users or customers. But technology can only get us so far. People are the most important factor in any company’s cybersecurity strategy, and investing in security engagement goes a long way in helping companies reduce the probability of a breach.

Facebook runs security engagement programs year-round, but the most important tool in our arsenal is Hacktober, an annual, monthlong tradition each October designed to build and maintain a security-conscious culture. It’s our version of National Cyber Security Awareness Month, a campaign to get people involved in cyber security and play their part in making the internet safer and more secure for everyone.

Hacktober has a number of different elements, from phishing tests and marketing campaigns to contests, workshops, and expert talks. Participation is not mandatory, but we find that about one-third of employees participate in at least one activity over the course of the month. Everything is designed to remind our employees how to protect themselves, our company, and the millions of people who use Facebook every day.

Security awareness can be engaging rather than scary — or worse, boring. If we create an interactive and fun environment around security, people will learn important security lessons and retain them throughout the year.

At Facebook, we take a “hacker” approach to security awareness because that ethos is a core part of our culture, which means it resonates with our employees. One of the best examples of this is our Capture the Flag (CTF) competitions.

CTFs are computer-based competitions that allow people to practice securing machines and defending against mock cyber security attacks. We know many of our employees enjoy solving complex problems in a competitive environment, and CTFs give us a way to create that type of fun, competitive atmosphere around security education. This year we deployed two versions: a jeopardy-style CTF where challenges could be solved by doing research and an attack-defense CTF that relied on real-world attacks and exploits. The CTFs were hosted on our open-sourced platform, and the challenges were designed by a cross-functional team of security engineers each with a specialized skill set (mobile application security, Windows security, and so on) to ensure a well-rounded CTF experience.

In the spirit of keeping things fun and engaging, we also offered a series of lighter events that reflected our hacker culture, like hands-on lock picking classes. And to generate buzz around all of our activities and keep our employees engaged, we offered Hacktober-branded “swag” — T-shirts, hats, stickers, and magnets —designed in the “Hack-o-lantern” branding we’ve established over the last seven years.

All employees should feel comfortable talking about security. Everyone should be able to raise concerns without hesitation, even if their role in keeping our company safe may not be so obvious.

We believe all employees must participate in keeping Facebook a safe, secure place on internet. Over the course of Hacktober, we run a series of “hacks” such as phishing emails and rogue authentication pushes that help us assess the response of our employees to these simulated attacks. We also hold informal fireside chats with speakers like Condoleezza Rice, the former U.S. secretary of state and renowned expert on geopolitical risk. Her joint talk with Facebook CSO Alex Stamos gave people an opportunity to hear about the evolution of nation state–sponsored cyberattacks.

To mitigate the risk of human error, companies need to broaden their definition of security. Hacktober isn’t just about “cyber” security. It’s also about the physical security and safety of our employees. We partner with our physical security colleagues to provide training classes for employees, such as a travel safety course geared toward female employees, and use Facebook to share training videos on the threat of tailgating.

Employees should know the people who work on our security teams. And they should understand their role in protecting people on Facebook.

Facebook has grown over the years, which means the process of identifying and communicating with members of the security team can be challenging. We tried to simplify this by creating a security help form on our intranet as well as offering tours of our Global Security Operations Center. We also promote our security work through a massive marketing campaign: We built a dedicated microsite for people to visit and learn about different activities, and promoted it with Hacktober posters, resource cards, and coffee sleeves. We also created an internal Hacktober Facebook group where employees could post questions, provide feedback, collaborate on CTF challenges, or just post their thoughts on current security topics or concerns.

Hacktober is also a great learning opportunity for the security team. The microsite served as a data source for us to find out what people are most interested in, but we’re constantly tracking metrics that help us improve our programs — and we try to apply some of the lessons in real time. For example, we suspended this year’s phishing campaign in the middle of the month when our data showed a significant drop in people clicking on phishing links and an increase in the number of people reporting the phishing scams to the security team. In essence, we had achieved our goal of changing employee behavior and decided it would be better to allocate resources elsewhere.

Campaigns like Hacktober can be one of the most effective ways to assess social engineering risk and understand what types of human behavior your company or organization is most vulnerable to. Is it phishing? Weak passwords? Physical security? And what tools or tactics can your team deploy to address these threats?

We designed Hacktober to fit the culture and security needs of Facebook, but other companies can apply many of these principles as well. Just remember that any successful campaign must have support from senior leadership, align with the company culture, and take some of the fear out of the security conversation. Security education isn’t about shaming people for poor habits. It’s about rewarding positive behavior and fostering a security-conscious culture among your most critical resource: people.

Here’s how your company can create its own Hacktober:

  • Prioritize organization and branding. Facebook decorates its walls with posters with a distinctive “Hack-o-lantern” design and uses internal groups to share posts about Hacktober. Creating a unique identity for your awareness effort helps people identify it and find ways to get involved.
  • Partner with third-party organizations. The National Cyber Security Alliance is a great partner for security awareness work and offers ideas and content.
  • Recognize and reward engagement. Hacktober memorabilia like T-shirts and stickers are wildly popular at Facebook. Facebook employees who report suspicious activity or uncover one of our hacks are rewarded with one of these coveted prizes, which help drive awareness and incentivize others to get involved.
  • Run real-world security tests. Simple tests can go a long way toward reminding people to remain vigilant. We recommend things people would encounter in an average work day: sending spear-phishing emails (malicious emails that appear to come from a trusted source) or dropping USB drives around the office with fake malware, which teaches employees to think twice before plugging an unknown device into their computer.
  • Bring people together. Offer educational sessions with your security team, host interactive workshops, and run competitions and contests. You can even use the Facebook open-source CTF platform to run your own CTFs.
  • Keep it fun. Security doesn’t have to be scary. Facebook has invited families to its HQ for a safety-themed movie and pumpkin-carving night. These and other hands-on activities help educate people in a fun, casual environment.

The post How #Facebook’s Annual #Hacktober Campaign Promotes #Cybersecurity to #Employees appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hackers Obtained #Access to #NSA Employee’s Home #Computer, #Kaspersky Lab Reveals

Source: National Cyber Security – Produced By Gregory Evans

Kaspersky Lab has updated its investigation on the hacking of a home computer used by an NSA employee.

MOSCOW (Sputnik) — Kaspersky IT security company has announced that access to information on the home computer of the employee of the US National Security Agency (NSA) could have been obtained by an unknown number of hackers.

According to the Kaspersky Lab probe that is linked to media reports about the company’s software allegedly having been used to search and download classified information from the home computer of a NSA employee, the user’s computer was infected with Mokes backdoor, a malware that allows the hackers to obtain access to a device.

“The malware… was a full blown backdoor which may have allowed third parties access to the user’s machine,” the Kaspersky Lab has stated.

However, it is possible that Mokes was not the only malware that infected the computer in question, the company said, adding that while Kaspersky software on the computer was enabled, it reported 121 alarms on different types of malware.

“The interesting thing about this malware is that it was available for purchase on Russian underground forums in 2011. Also noteworthy is that the command-and-control servers of this malware were registered to a (presumably) Chinese entity going by the name ‘Zhou Lou’ during the period of September to November 2014,” the statement explained.

Allegations Against Kaspersky Lab

The internal investigation by Kaspersky Lab was launched after The Wall Street Journal reported in October that a group of hackers allegedly working for the Russian officials had stolen classified data through the National Security Agency (NSA) contractor, which used antivirus software made by the Russian software producer.

Shortly later, the New York Times reported that Israeli intelligence services have hacked into the network of Kaspersky, and warned their US colleagues that the Russian government was allegedly using Kaspersky software to gain access to computers around the world, including in several US government agencies.

Both reports came a month after the US Department of Homeland Security ordered state agencies and departments to stop using Kaspersky Lab software within the next 90  days, with the company’s CEO Eugene Kaspersky refuting all the allegations spread by the media regarding the Russian cybersecurity company’s involvement in spying on US users through its products and calling such claims groundless and paranoiac.

When commenting on the situation in an interview to Die Zeit newspaper, Eugene Kaspersky has, “There is a feeling that we just had been doing our job better than others, that we had been protecting our clients better than others … Probably, someone in the United States is very unhappy about it.”

Most recently, Wikileaks has revealed that the CIA had written a code to “impersonate” Russia-based Kaspersky Lab, which had been used at least three times.

READ MORE: WikiLeaks: CIA Wrote Code to ‘Impersonate’ Russia-Based Kaspersky Lab

Kaspersky Lab is one of the largest private cybersecurity companies in the world, with its technologies protecting over 400 million users and 270,000 corporate clients.

The post Hackers Obtained #Access to #NSA Employee’s Home #Computer, #Kaspersky Lab Reveals appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Payday problems: Cyber thieves swipe paychecks from Atlanta school employees

Source: National Cyber Security – Produced By Gregory Evans

Atlanta Public Schools issued new paychecks to 27 employees who fell victim to what the superintendent called a phishing attack by cyber thieves. Superintendent Meria Carstarphen said Internet scammers stole $56,459 in payroll funds by rerouting direct deposit information from 27 unsuspecting employees. Another seven employees had their direct deposit…

The post Payday problems: Cyber thieves swipe paychecks from Atlanta school employees appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hackers Paint a Bullseye on Your Employees and Endpoints

Source: National Cyber Security – Produced By Gregory Evans

End users and their devices are right smack in the center of the battle between enterprise InfoSec teams and malicious hackers, and it’s not hard to see why. When compromised, connected endpoints — desktops, laptops, smartphones, tablets — offer intruders major entry points into corporate networks. However, end users are…

The post Hackers Paint a Bullseye on Your Employees and Endpoints appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hackers’ Little Helpers: Employees With Bad ‘Cyber-Hygiene’

Source: National Cyber Security – Produced By Gregory Evans

On this year’s list of top 10 policy and technology priorities, the National Association of State Chief Information Officers (NASCIO) named cybersecurity No. 1. When people think about cybersecurity, they often focus on the vulnerabilities of hardware and software systems. For example, as Governing reported in late July, “several local…

The post Hackers’ Little Helpers: Employees With Bad ‘Cyber-Hygiene’ appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures