#infoSec

now browsing by tag

 
 

Simplicity should underpin enterprise security in a Covid-19 world: Magda Chelly surveys the global infosec landscape | #corporatesecurity | #businesssecurity | #

Responsible Cyber co-founder will focus on education, communication, and more at this year’s RSA Conference

Infosec recruitment flaws and adapting cybersecurity posture for a global pandemic are two notable topics being discussed at tomorrow’s virtual RSA Conference.

These themes will be the focus of three talks from Magda Chelly, head of cyber risk consulting for Marsh Asia.

She is a certified CISO, on the advisory board for the Executive Summit of Black Hat Asia 2020, runs a popular YouTube channel focused on cybersecurity, and has won a string of accolades for being a cybersecurity influencer. Chelly is also the co-founder of Singapore-based security-as-a-service company Responsible Cyber.

Speaking to The Daily Swig, Chelly gives the inside track on her RSA presentations and reflects on the global disparities in cybersecurity maturity and the career opportunities open to female infosec professionals.

How did you get into cybersecurity?

I started being interested in cybersecurity when I was doing my PhD in telecoms engineering.

I evolved into an IT/CRM [customer relations management] consultant and even worked in sales and business development roles.

Since then I have had advisory roles [in cybersecurity], which have mostly evolved from governance to more technical cybersecurity – for example, cloud security with AWS, Microsoft Azure, Office 365 – to a more global approach when it comes to being a CISO.

That means building the whole cybersecurity strategy and rolling it out across one to three years, especially with regulated businesses like insurance. It was exciting because I needed to ensure that the company was not only getting up to speed, but also that they didn’t get themselves into trouble.

Magda Chelly

Please tell us about your role at Marsh…

Marsh Asia provides cyber risk consulting. It focuses on risk quantification, as companies are still facing challenges evaluating and quantifying cyber risks to find out the related financial losses.

Unlike other risks, there is limited historical data about cybercrime, mainly because it is a relatively new risk area, but also due to its constantly changing form.

Cyber risk management has not yet been ‘reduced to practice’ on a wide scale.

This approach enables point estimates of the financial cost – the severity – of cyber events with good accuracy.

YOU MIGHT ALSO LIKE Virtual cybersecurity conferences: An expanding list

Having credible quantitative estimates for both severity and likelihood will allow risk managers to answer the fundamental question: “What is the likelihood that our organization will experience a cyber event causing a loss of greater than, say, $100 million in the next 12 months?”

Most often, it is the likelihood question that derails many attempts at quantifying cyber risk, due to the unpredictable nature of a human-initiated threat.

So we’re talking dollars here – how data loss might happen, how much my business might lose, and how much I can get in terms of investment.

What can RSA Conference attendees expect to hear about ‘Getting the Security and Flexibility Balance Right in a Covid-19 World’?

I’ll be addressing how to be aware of the evolving risks within an uncertain environment.

And I’ll be [urging attendees to make] simplicity [a pillar of their cybersecurity approach] because fundamentals can be applied. You can, for example, apply your NIST compliance checklist every time a risk changes. I will be talking about alternatives.

I will be presenting about use cases and some additional changes that are super interesting.

I believe that cybersecurity professionals tend to be over confident about their capabilities.

We’re talking about an environment with a lot of factors that might impact our security. We’re not talking about traditional corporate security and enterprise boundaries. We cannot take the same approach.

RELATED How to become a CISO – Your guide to climbing to the top of the enterprise security ladder

If you go into an employee’s ecosystem and you understand how they work, you realize that they will find a way to [surmount] technical challenges by using their personal emails, etc, so that of course raises additional risks. And working in a quarantine environment raises risks that were not considered.

And the fact that some [employees] will go back to the office, some will stay working remotely – how do you manage that securely?

Cybersecurity professionals also have a challenge communicating with employees, who [sometimes] do not even know that there is a [security] team.

We tend to make employees feel that we are not reachable. If you’re a CISO of a big company then, obviously, you’re very busy. You have a team and you cannot spare time to talk to everyone, but it’s extremely important to go beyond just sending a newsletter and make sure that employees see cybersecurity as part of the culture.

So don’t talk about only corporate requirements. Talk about how they need to consider cybersecurity in everyday activities – no matter if it’s a corporate requirement or not.

RSA 2020 takes place virtuallyThis year’s RSA Conference is taking place virtually

And what about your other talk: ‘Hacking the Cybersecurity Job Market: A Primer for Students and Grads’?

This is about helping the student understand the different [available] career paths.

We hear about a big skills gap globally. Sometimes [this is exacerbated by] the fact that HR will request everything and anything in the job description. From a hacker to a compliance manager, to a CISO, [all skills and experience] is put in one job description, which is of course impossible. [Or they ask for] someone junior, but already with experience, so it just doesn’t make sense.

So [I will talk about] finding the right balance, and how to address the challenges and start the discussions with HR teams.

How does Singapore, or Asia more widely, compare to Europe or North America in terms of its cybersecurity maturity?

I would say it’s very different. The Asian market is very fragmented. Every country has different maturity, different initiatives, and different – especially regulatory – requirements.

Singapore is one of the most mature in terms of regulations – we have the PDPA privacy law, the Cybersecurity Act, the MAS TRM guidelines.

In countries where maturity is much lower, companies just do not feel that they need to do anything [to strengthen cybersecurity].

The Asian market compared to Europe or the US is still much, much lower in terms of general maturity, which means, again, there is a greater opportunity to help those companies.

You founded the Singapore chapter of Women of Security, or WoSEC. How would you summarize the chapter’s aims?

I’m trying to help female professionals get the right support, to give them a safe environment with talks, workshops, social gatherings where we can talk about challenges, we can give some job opportunities, and recommend mentors.

How much progress are you seeing in terms of achieving parity of opportunity between female and male professionals?

I think there are a lot of unconscious biases, but it is changing.

I’ve seen a very positive change in the US and Europe. Asia is still trying its best but it’s not there yet. There’s a lot of work to do.

Companies like Marsh have diversity programs, and they are supporting WoSEC, so the problem is not there as such.

But general feedback from the top of other companies in the region [suggests that] the problem is that the HR process doesn’t [encourage] that inclusion or diversity very well. And then unconscious biases don’t help female professionals [once they do get roles].

It really depends on the country and the culture.

Finally, you noted that cybersecurity is often seen as exclusively the domain of IT teams. Experts also often feel that cybersecurity’s status as a cost center devalues its importance. Are attitudes improving in the boardroom?

Small and medium-sized enterprises are generally focused on increasing sales.

They still lack awareness around cyber risk and do not consider it as a business risk. So they try to get it outsourced. But they are ignorant of the risks that they are exposed to, because the IT or managed service provider [might not be] doing anything about security because it’s not in the contract. This is something I have seen in Singapore and abroad.

What mostly drives change is the regulatory requirement. We cannot just assume that a company will raise their understanding of cybersecurity just because then they are aware [of the problem] – unless the business owner is technologically savvy.

It needs a regulatory push. In Singapore, we have the Monetary Authority of Singapore technology guidelines, for example.

READ MORE Strategies for combating increased cyber threats tied to coronavirus

Source link

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

View full post on National Cyber Security

#infosec | Norwegian Cruise Line Suffers Data Breach

Source: National Cyber Security – Produced By Gregory Evans

A major cruise operator has suffered a data breach as the travel industry battles the storm created by the COVID-19 outbreak.

Information from a database belonging to Norwegian Cruise Line was discovered on the dark web by an intelligence team at DynaRisk on March 13. 

Data exposed in the incident included clear text passwords and email addresses used to log in to the Norwegian Cruise Line travel agent portal by agents working for companies including Virgin Holidays and TUI. 

DynaRisk said data relating to 29,969 travel agents was breached from the portal on the agents.ncl.eu website on March 12.

“After verifying that the data records are legitimate credentials, we notified a Norwegian Cruise Line representative immediately. Despite opening our message later that day, we received no response. After five days a representative responded to our team to discuss the breach,” said a DynaRisk spokesperson.

DynaRisk said that the incident left agents who were “already vulnerable at this time” at higher risk of cybercrime. 

A DynaRisk spokesperson said: “They are now exposed to account takeovers on numerous platforms, sophisticated phishing emails and fraud, which could put further pressure on large travel agents or worse still, put smaller agents out of business.”

Norwegian Cruise Lines told Infosecurity Magazine: “It has recently come to our attention that the agents.ncl.eu website may have been compromised. In an abundance of caution, we are in the process of asking certain travel partners that may have been affected to change their password for the site and any site for which they may have used the same password, and to remain vigilant of any suspicious activity or emails. 

“We believe limited personal information was involved, specifically names of travel agencies and business contact information such as business addresses and email. This appears to be a unique and isolated incident that involved only a regional travel partner portal which houses marketing materials and educational information and did not involve guest data. We are deeply committed to protecting the security and confidentiality of information and regret any concern this matter may have caused.” 

Norwegian is the third cruise line this month to hit the cybersecurity headlines. Princess Cruises and Holland America Line both reported being hacked on March 2.   

____________________________________________________________________________________________________________________

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
____________________________________________________________________________________________________________________

Source link

The post #infosec | Norwegian Cruise Line Suffers Data Breach appeared first on National Cyber Security.

View full post on National Cyber Security

#infosec | UK Spies Hunt Down Covid-19 Threats

Source: National Cyber Security – Produced By Gregory Evans

The UK’s National Cyber Security Centre (NCSC) has stepped in to remove malicious and phishing websites linked to Covid-19 scams, but warned that attacks could increase if the outbreak does.

The GCHQ body said that phishing efforts using the Coronavirus as a lure have led to victims losing money and sensitive data across Europe.

It urged businesses and consumers to consult its advice on email scams and dealing with malware to better insulate them from the threat of ransomware, credential theft and fraud.

“The NCSC has seen an increase in the registration of web pages relating to the Coronavirus suggesting that cyber-criminals are likely to be taking advantage of the outbreak,” it said.

“Continued global susceptibility to phishing will probably make this approach a persistent and attractive technique for cyber-criminals. Moreover, if the outbreak intensifies, it is highly likely that the volume of such attacks will rise.”

Security vendors have been sounding the alarm over phishing attacks for more than a month. Emails are often spoofed to appear as if sent from the World Health Organisation (WHO), the US Center for Disease Control (CDC) or other official bodies, and claim to contain new information on the outbreak in an attachment or via a link.

Some are laden with malware while others request the user enter their email and password, Outlook log-ins or other credentials to proceed. There are also reports, cited by the NCSC, of fraudsters requesting Bitcoin donations to fund a fake vaccine, and even scam sites selling fake antiviral equipment.

“We know that cyber-criminals are opportunistic and will look to exploit people’s fears, and this has undoubtedly been the case with the Coronavirus outbreak,” said NCSC director of operations, Paul Chichester.

“Our advice to the public is to follow our guidance, which includes everything from password advice to spotting suspect emails. In the event that someone does fall victim to a phishing attempt, they should look to report this to Action Fraud as soon as possible.”

____________________________________________________________________________________________________________________

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
____________________________________________________________________________________________________________________

Source link

The post #infosec | UK Spies Hunt Down Covid-19 Threats appeared first on National Cyber Security.

View full post on National Cyber Security

#infosec | Sextortion Fallout Scam Tricks Users into Malware Download

Source: National Cyber Security – Produced By Gregory Evans

Security researchers are warning of a new sextortion-related campaign designed to trick the recipient into clicking on a nude image booby-trapped with malware.

The unsolicited email contains a message from ‘Red Skull’ hacking crew, who claim to have compromised the account of a contact of the recipient and found images of his naked girlfriend.

As this individual didn’t pay up, the hackers are now emailing the image to everyone in his contacts list, or so the scam goes.

To view the picture, the user is encouraged to “enable content” and in so doing execute macros on the machine. However, doing so will run a PowerShell command in the background to download and execute the Racoon information-stealing malware, according to IBM X-Force.

Fortunately, the associated domain has been taken down.

“This new take on sextortion is quite remarkable. It makes the victim believe that someone they know has been exploited in an attack that has nothing to do with them. If people do not identify as the victim, they may act much more careless, especially those curious to find out who was actually targeted,” the security vendor explained.

“Thanks to the quick removal of the domain, it is safe to say that the success of this single campaign should be less significant, despite the sophistication and creativity of its emails. Nevertheless, the threat actor distributing these emails has been very actively exploring new methods of social exploitation, so this will certainly not be the last time we write a collection about these types of emails.”

In fact, the same hackers are behind a new campaign in which malicious spam is sent to users posing as an “indictment message” sent by a court. The relevant information on the hearing is said to be included in the malicious attachment.

Other phishing emails use DocuSign as a lure to click through and unwittingly download Racoon.

____________________________________________________________________________________________________________________

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
____________________________________________________________________________________________________________________

Source link

The post #infosec | Sextortion Fallout Scam Tricks Users into Malware Download appeared first on National Cyber Security.

View full post on National Cyber Security

#infosec | Cybersecurity Isn’t “Cool” Enough to Attract New Talent

Source: National Cyber Security – Produced By Gregory Evans

New research published today has found nearly half of cybersecurity professionals believe their industry is experiencing a skills gaps because it isn’t considered “cool” or “exciting.”

The “Opportunity in Cybersecurity 2020” report surveyed over 200 cybersecurity professionals in the UK and the US about their personal experiences working in the industry. Of those questioned, 42% felt that public perception of the industry as being boring and full of dorks was dissuading fresh talent from pursuing a career in cybersecurity. 

This opinion was found to be most prevalent among millennial respondents, 46% of whom blamed the cybersecurity skills gap on the industry’s square image.  

Shamla Naidoo, former CISO at IBM, said, “To many people, cybersecurity equates to—and is limited to—someone in a hoodie bent over a keyboard in a dark room. That’s not the case at all. If we don’t expand beyond that, we’ll lose out on even more people in the industry.” 

The report was drawn from surveys and research conducted by the Center for Economics and Business Research, commissioned by cybersecurity firm Tessian. 

According to the report, improving the industry’s image to recruit more women especially could have a particularly beneficial effect for America. Researchers discovered that if the number of women working in cybersecurity in the US equaled that of men, the economy would receive a $30.4bn boost. 

Fresh talent who don’t give a fig about the industry’s image may be put off working in cybersecurity because of the lack of equality when it comes to salary. At present, cybersecurity’s reputation is tarnished by an embarrassing 17% difference in how much men and women are paid in the US, and an even more shameful gap of 19% in the UK.

Of those surveyed for the report, 45% of US respondents said offering equal pay would help with recruitment. 

Researchers found that offering equal pay would also strengthen the US economy. An additional $12.7bn would be added to the US economy if women’s salaries were equal to those of their male colleagues.

____________________________________________________________________________________________________________________

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
____________________________________________________________________________________________________________________

Source link

The post #infosec | Cybersecurity Isn’t “Cool” Enough to Attract New Talent appeared first on National Cyber Security.

View full post on National Cyber Security

#infosec | University of Kentucky Defeats Month-Long Cyber-Attack

Source: National Cyber Security – Produced By Gregory Evans

The University of Kentucky (UK) has fought off a month-long cyber-attack that impacted UK Healthcare and caused a system-wide slowdown.

According to UK officials, the disruption was caused by cryptocurrency mining malware installed by threat actors on the UK network in February. The malware caused daily interruptions to everyday functions and triggered temporary failures of UK’s computer system.

Disruptions were chiefly felt at UK Healthcare, which operates UK Albert B. Chandler Hospital and Good Samaritan Hospital in Lexington, Kentucky. Together, the hospitals serve more than 2 million patients. 

An investigation into the attack has found no evidence to suggest that patient or student data was compromised.  

University spokesperson Jay Blanton said: “Understanding that our review is ongoing, and based on the consultation of outside experts, we have no evidence to date that any personal health information or other sensitive data, such as personal student or employee data, has been downloaded or accessed.”

Eric Monday, UK’s executive vice president for finance and administration, said the attack appeared to have originated from outside the United States. He expressed the view that the attack had been carried out in an attempt to hijack the “vast processing capabilities” of the UK network to mine cryptocurrency. 

Following the attack, the university hired an independent computer forensic firm to help improve cybersecurity and installed CrowdStrike security software as a preventative measure against future threats. UK is believed to have spent more than $1.5m on ejecting the malware from its network and improving cybersecurity.

A major 3-hour reboot of the university’s IT systems, carried out without the students’ knowledge yesterday morning, is believed to have finally removed the lingering malware threat. 

In a message sent out to the university’s campus community on Monday morning, Blanton said: “A significant step in this procedure involved a short, planned network outage that took place earlier this morning, which we communicated overnight. Per the advice of our cybersecurity partners, it was necessary to limit the information provided in this initial communication. Now that the network has been restored and more aggressive security measures have been implemented, we can communicate with full transparency without risk of sacrificing the security of our systems.” 

____________________________________________________________________________________________________________________

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
____________________________________________________________________________________________________________________

Source link

The post #infosec | University of Kentucky Defeats Month-Long Cyber-Attack appeared first on National Cyber Security.

View full post on National Cyber Security

#infosec | US to Give Ukraine $8m for Cybersecurity

Source: National Cyber Security – Produced By Gregory Evans

The United States has pledged $8m to support a Ukrainian cybersecurity project. 

The generous commitment was announced by the State Department on Tuesday as part of a “cyber-dialogue” that took place between the two countries in Ukraine’s capital, Kyiv. 

A new cybersecurity project sponsored by USAID (the US Agency for International Development) will be the beneficiary of the promised injection of American dollars. Over the next four years, it is anticipated that the project will raise a total of $38m, all of which will be spent on improving Ukraine’s cybersecurity. 

Among other things, the money will be used to expand and develop the country’s cyber-workforce and to support legal and regulatory reform. 

The $8m pledge comes just three years after the US gave Ukraine $10m of cybersecurity assistance. America’s first cash injection was agreed upon in 2017 as part of the first ever cyber-dialogue held between the two countries. 

A review of the cybersecurity projects in operation between Ukraine and the US followed in 2018.

According to the State Department, the third cyber-dialogue held on March 3 and its accompanying financial pledge served to reaffirm “our shared commitment to ensure an open, interoperable, reliable, and secure cyberspace in which all states behave responsibly.”

Issues discussed at the meeting included how to respond to a serious cyber-incident, how to strengthen critical infrastructure against cyber-attackers, and how to secure the security of the 5G network.

On the agenda also were cyber-capacity building and international cyber-policy issues, including engagements in multilateral fora and policies around public attribution.  

Attending the dialogue were America’s acting deputy chief of mission at the US embassy in Kyiv, Joseph Pennington, various officials from the Federal Bureau of Investigation, and representatives from the US Defense, Energy, Homeland Security, and Treasury departments.

Ruslan Nimchynskyi, Ministry of Foreign Affairs director general for international security, led Ukraine’s interagency delegation.

America’s pledge to offer further financial support to Ukraine follows a request by Ukrainian authorities for support from the United States to investigate a cyber-attack. Ukraine asked for assistance from the FBI to examine an attack on Ukrainian gas company Burisma, which it believes was engineered by Russian military hackers.

____________________________________________________________________________________________________________________

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
____________________________________________________________________________________________________________________

Source link

The post #infosec | US to Give Ukraine $8m for Cybersecurity appeared first on National Cyber Security.

View full post on National Cyber Security

#infosec | Hackers Steal Customer Info from UK FinTech Loqbox

Source: National Cyber Security – Produced By Gregory Evans

A UK-based fintech was hit by a “sophisticated” cyber-attack last month, compromising the payment information and personal details of its customers.

The firm, which helps customers improve their credit score by taking out and repaying loans with it, revealed the incident in an email to customers seen by MoneySavingExpert.

It happened on February 20 this year, and although the number of customers affected is thus far unknown, the variety of personal information compromised should set alarm bells ringing for those affected.

It includes customers’ names, dates of birth, postal addresses and phone numbers alongside: the first six and last four digits of their card number, expiry date, sort code and two digits from their bank account number.

This information isn’t enough on its own for hackers to use in payment or account takeover fraud, but it could certainly be deployed to make follow-on phishing attacks more convincing.

If a victim responded to such an email with more of their details, hackers could piece together enough digital information to commit a range of identity fraud scams.

“Cyber-criminals are quick to create genuine-looking fake sites and emails designed to manipulate further information out of their victims including passwords or other missing data,” warned ESET cybersecurity specialist, Jake Moore.

Loqbox itself has claimed to have notified the relevant regulatory authorities and police, and has taken steps to address the security issues which led to the breach.

It reassured customers that any funds paid into accounts were still secure. However, there’s no public breach notification on its website or Twitter feed, the latter not having been updated since June 2019.

____________________________________________________________________________________________________________________

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
____________________________________________________________________________________________________________________

Source link

The post #infosec | Hackers Steal Customer Info from UK FinTech Loqbox appeared first on National Cyber Security.

View full post on National Cyber Security

#infosec | Californian Jailed for Cyber-Stalking Mass Shooting Victims’ Families

Source: National Cyber Security – Produced By Gregory Evans

A California man who used social media to stalk and threaten the families of American mass shooting victims has been sentenced to 66 months in a federal prison.

Brandon Michael Fleury, of Santa Ana, was convicted of cyber-stalking and sending a kidnapping threat to the friends and family of people who were killed in the Marjory Stoneman Douglas High School shooting in Parkland, Florida. The mass shooting, which occurred in 2018, left 17 students dead.

To commit his crimes, 22-year-old Fleury created 13 different Instagram accounts, using a barrage of aliases, including alleged Parkland shooter Nikolas Cruz and executed serial killer Ted Bundy. 

Fleury would then post malicious messages, tagging the friends and families of Parkland shooting victims. 

These messages, posted from December 28, 2018, to January 11, 2019, included statements like, “I’m your abductor I’m kidnapping you fool,” “With the power of my AR-15, you all die,” and “With the power of my AR-15, I take your loved ones away from you PERMANENTLY.”

Many of the messages, including ones written under usernames referring to Cruz and containing Cruz’s profile picture, directly taunted victims’ friends and families about the deaths of their loved ones in the Parkland shooting. 

One message, targeting Jesse Guttenberg, who lost a sister in the attack, read: “I took Jaime away from you. You’ll never see her again hahaha.”

Aliases used on Instagram by Fleury included @teddykillspeople and @nikolas.killed.your.sister.

Upon examining tablets owned by Fleury, law enforcement found thousands of saved images of the notorious Bundy along with images of Fleury’s targeted victims. Police also found saved screenshots of the messages that Fleury had sent to his victims.

Fleury was arrested in the Santa Ana home he shared with his father and brother and charged in January 2019. Law enforcement tracked him down after subpoenaing Instagram for IP addresses and account information related to the threatening and harassing posts. 

Following his convictions for interstate transmission of a threat to kidnap and interstate cyber-stalking, US District Judge Rudolfo A. Ruiz II sentenced Fleury on Monday to a 66-month custodial sentence.

____________________________________________________________________________________________________________________

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
____________________________________________________________________________________________________________________

Source link

The post #infosec | Californian Jailed for Cyber-Stalking Mass Shooting Victims’ Families appeared first on National Cyber Security.

View full post on National Cyber Security

#infosec | Ransomware Attack at US Power Station

Source: National Cyber Security – Produced By Gregory Evans

A Massachusetts power station hit by ransomware is refusing to meet attackers’ financial demands.

The Reading Municipal Light Department (RMLD) was targeted on Friday by cyber-criminals hoping to extort money by encrypting data in the station’s computer system. Unfortunately for them, station bosses opted to hire an outside IT consultant to help them deal with the ransomware infection instead of paying for the return of their files.

RMLD said that its IT team had been working tirelessly since Friday to identify and isolate the problem, which was believed to have been contained by yesterday afternoon. Outside help was brought in to make doubly sure that all traces of the malware had been removed.

After attackers drove the electricity provider off their website, RMLD took to Twitter earlier today to spread news of the ransomware attack.

From their account @readinglight, the company posted: “RMLD’s website, http://rmld.com, is currently unavailable due to a widespread issue our vendor is experiencing. There is no ETA for a resolution at this time. This issue is affecting multiple city and town websites in MA. Updates will be shared as they become available.”

Electricity services were not interrupted by the attack, and RMLD said that the grid remains secure.

RMLD said that there were no indications that customers’ financial data had been compromised as a result of the attack. Information regarding customers’ bank accounts and credit cards is stored in a separate system managed by third-party provider Invoice Cloud.

Online payments remained unaffected by the ransomware attack, as they are handled by Invoice Cloud. RMLD said that prompt payment discounts will be honored despite a potential delay in the carrying over of payments from Invoice Cloud to RMLD’s billing system.

Customer data that may have been exposed in the attack includes names, addresses, email addresses, and records of how much electricity an individual has accessed. 

RMLD has not confirmed how the ransomware entered their computer system, nor has the electricity provider stated how much money was requested by the attackers.    

According to records obtained by NBC10 Boston, 1 in 6 Massachusetts communities have been targeted by ransomware and at least 10 communities have used taxpayers’ money to recover encrypted data.

____________________________________________________________________________________________________________________

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
____________________________________________________________________________________________________________________

Source link

The post #infosec | Ransomware Attack at US Power Station appeared first on National Cyber Security.

View full post on National Cyber Security