now browsing by tag


#cyberfraud | #cybercriminals | The number of Black Friday scams is increasing and they’re becoming more sophisticated

Source: National Cyber Security – Produced By Gregory Evans With a rise in the number of shops offering Black Friday bargains, security experts say scammers are capitalising on the trend in the hope of conning shoppers. Experts say fraudsters are becoming ‘more sophisticated’ in their attempts to con people out of their hard earned cash, […] View full post on

#cyberfraud | #cybercriminals | Banking scams becoming more sophisticated

Source: National Cyber Security – Produced By Gregory Evans

Falling prey to online scammers is easier than you might think, with scams becoming increasingly more sophisticated and less blatant than the now well-known “Nigerian prince” emails that clog our spam folders.

According to the SA Banking Risk Information Centre (Sabric), reported incidents of digital banking crimes increased by 75 percent between 2017 and 2018, amounting to a total of R262.8 million lost in digital, mobile and app banking crimes last year alone.

Cyber criminals are becoming smarter in their attempts to steal and will use technology in conjunction with social engineering to try to defraud people. Here are just some of the many scams you need to be aware of, so you can start protecting yourself and your information online.

Phishing is one of the most common forms of online scams that uses email as a platform to scam people. Phishing is designed to trick you into clicking on malicious links that can result in malware being installed on your computer or device, or manipulating you into divulging login details for email, social media and bank accounts. This often takes the form of an email that looks like a legitimate and professional communication from a trustworthy source, except for a few small and easy-to-miss details that tell you it’s fake.

Vishing, or “voice phishing attacks”, occurs when fraudsters pose as bank officials or service providers in order to trick people into disclosing personal and sensitive information over the phone, giving criminals access to your bank card details, mobile banking apps and online banking profiles. Your bank will never call you and ask you to share information such as your account details, user name or passwords over the phone.

Source link

The post #cyberfraud | #cybercriminals | Banking scams becoming more sophisticated appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | More women needed in cyber security to meet high industry demand: Sim Ann, Singapore News & Top Stories

Source: National Cyber Security – Produced By Gregory Evans

SINGAPORE – The Republic needs more women to take up positions in cyber security, a sector that is facing a shortfall of talent.

On Thursday (Oct 3), Senior Minister of State for Communications and Information Sim Ann said more women can be encouraged to join the cyber-security industry and thrive in it.

“Given the high demand for cyber security talent, it would be a pity to draw from only half the population,” she said, noting that estimates of the proportion of women in cyber security globally range from as low as 10 per cent to about 25 per cent.

“Effective strategies to tackle cyber security… must integrate the perspectives of all people – both men and women – so that the technologies deployed and the process implemented are practical and inclusive.”

In her opening address to audience members at the Women in Cyber event during the Singapore International Cyber Week (SICW), Ms Sim outlined three ways to get more women to join the cyber-security industry and thrive in it.

First, by engaging young people to raise awareness of the opportunities in cyber security. She said this is important as people often make career choices early in life.

One such initiative is the Singapore Cyber Youth Programme, which reaches out to secondary school-level students for boot camps and career mentoring sessions.

The other two ways are for women to constantly update and deepen their skills to take advantage of emerging trends in a fast-paced sector, and to have a strong community network, she added.

“Women support networks shed light on women role models who can inspire young aspiring professionals. They also serve as a comfortable launch pad for women to plug into broader industry and community networks,” Ms Sim said.

Ms Sim’s call for more women to join the industry follows a warning by the Cyber Security Agency of Singapore (CSA) in July that the industry potentially faces a shortage of up to 3,400 professionals by 2020.

Ms Alina Tan, 26, was among the many female cyber-security professionals in the audience for the Women in Cyber event.

Combining her twin interests in cyber security and car modifications led Ms Tan to specialise in automotive cyber security.

She started working in the Land Transport Authority’s Cyber Division last month, after spending about two years in cyber-security consulting.

“What I enjoy most about working in cyber security is that I’m always learning something new,” said Ms Tan, who in her free time organises weekly meet-ups for like-minded individuals in the local community to conduct their own research in car cyber security.

“I get a sense of satisfaction from discovering vulnerabilities in a system and then finding ways to secure it. You never know what you’re going to find in there and that’s very interesting for me.”

Held at Suntec City and Convention Centre from Oct 1 to Oct 3, SICW 2019 is the fourth edition of the annual event organised by CSA.

Source link

The post #cybersecurity | More women needed in cyber security to meet high industry demand: Sim Ann, Singapore News & Top Stories appeared first on National Cyber Security.

View full post on National Cyber Security

Online #game designed to #bring more #young women into #cybersecurity #field

Source: National Cyber Security – Produced By Gregory Evans

High school girls will soon have a chance to play as “cyber protection agents” in an online game designed to attract more women into the cybersecurity field.

Delaware is one of seven states to partner with the SANS Institute, a for-profit cybersecurity training company, on the pilot of CyberStart. The online game is designed to teach cybersecurity skills to young people through sets of interactive challenges. The first round of the program engaged 358 students in Delaware and 3,300 across all seven states — but just five percent were women.

The latest version, Girls Go CyberStart, is designed to draw more young women to the game and ultimately the fast-growing cybersecurity field.

“The importance of cybersecurity cannot be understated and I encourage young women in Delaware high schools to take advantage of this opportunity to explore career options in this vital field,” Gov. John Carney said. “Delaware needs a pipeline of talent and a strong workforce to remain competitive in the innovation economy.”

Girl Scouts of the Chesapeake Bay CEO Anne T. Hogan said the organization will encourage its members to play the game. “This program will allow girls to learn by doing, develop important problem solving and leadership skills, and take the lead on their futures,” she said.

The players must complete 10 levels of challenges based around protecting an “operational base” under threat of cyber attack. The game will provide an agent field manual to help overcome the basic technical challenges of cybersecurity.

Registration will open January 29 and run until February 16. The first 10,000 applicants can play the game from February 20-25. More information is available at

The post Online #game designed to #bring more #young women into #cybersecurity #field appeared first on National Cyber Security .

View full post on National Cyber Security

Cybersecurity #experts #agree — expect more #ransomware this #year

Ransomware is one of the easiest cyberattacks to detect because it comes with an actual ransom note. However, 2017 gave way to new propagation mechanisms, which automated worming and increased infection rates.

Employee-facing services and technologies are a top concern to cybersecurity professionals. About 40% of employees use personal devices to send work emails and share or access company data without the IT department’s oversight.

The bring your own device policy is challenging for IT departments to combat. Ultimately, the policy leads to unintended shadow IT, which is often the Achilles heel of solid security practices.

Negligent employee actions can cost a company about $280,000 per incident. If the cost were not enough, companies need to come to terms with the fact that 64% of security breaches are caused by ignorant employee actions.

To help companies better track the most high-risk employees​, in terms of their cybersecurity incompetencies, vendors like Microsoft are including simulated ransomware or phishing attacks in their services.

Hackers will always take advantage of human error and poor judgment, so it’s up to security teams to educate line of business employees.


The post Cybersecurity #experts #agree — expect more #ransomware this #year appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

More #countries are #learning from #Russia’s cyber #tactics

When British and US officials blamed Russian military hackers for last summer’s NotPetya ransomware attack, they were confirming long-held suspicions among western governments that Russia is stepping up its hostile cyber capabilities.

The announcement in February was consistent with the recent rhetoric of political and military leaders in the UK and the US as the two countries turn up the heat on Russia and other state adversaries they hold responsible for a string of aggressive cyber attacks. “I think we have been watching nation states grow steadily more aggressive in their use of cyber capabilities,” says John Hultquist, director of intelligence analysis at FireEye, a cyber security company.

February brought a second Russia-related cyber security controversy. On February 16 an indictment filed by Robert Mueller, the US special counsel who is investigating Russian meddling in the 2016 US Presidential elections, charged 13 individuals and three entities with conducting “information warfare” against America.

The work of the Internet Research Agency, a Saint Petersburg-based company accused of creating fake news and setting up phoney US social media accounts to attract online political audiences, may not be a cyber attack in the strictest sense. However, it fits a broader pattern of online warfare being waged by Russian president Vladimir Putin to disrupt the west and its institutions.

Read More….


The post More #countries are #learning from #Russia’s cyber #tactics appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Brace #Yourself For #More than 10 #Billion #Cyberattacks in #2018

Source: National Cyber Security News

The internet is a dangerous place. In 2017 alone, we experienced the Equifax hack, the WannaCry ransomware attack, and the rise of Logan Paul. And according to a new report released by cyber threat research firm SonicWall on Thursday, it’s probably only going to get worse.

SonicWall’s report outlines cybersecurity trends from the past year that are likely to continue into 2018. One of the main takeaways? Malware is back in a big way.

The previous high for yearly malware attacks was set in 2015, before slightly dipping in 2016. But SonicWall found that the incidence of malware attacks shot up again in 2017, setting a new record of 9.32 billion attacks. Last year’s jump was an 18 percent increase over 2017. If the incidence of malware attacks increases at the same rate this year, we could see nearly 11 billion malware attacks in 2018.

It’s not particularly surprising that people are launching cyber attacks with increasing regularity. As technology improves, the barriers to hacking are lessening, and rapid advances in artificial intelligence will make attacks more cost-effective and efficient.

Another key finding from the report is that while total malware attacks increased, ransomware attacks actually dropped by 71 percent.

Read More….


View full post on National Cyber Security Ventures

Is our #smart home #growing more #vulnerable to #hacks?

Source: National Cyber Security – Produced By Gregory Evans

As more of our cameras, speakers, thermostats and locks connect online, they’re increasingly open to meeting up with hackers.

Hackers have come up with new ways to break into your data — sending attacks through our appliances, locks, blinds and anything that connects to the internet. These are part of the so-called Internet of Things (IoT), and hacking attacks sent through these devices “became the preferred weapon of choice,” for starting denial of service attacks last year, says a new report from Arbor Networks, a security software company.

Read More….

The post Is our #smart home #growing more #vulnerable to #hacks? appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

More #CEOs to come from the #cyber security #space in #2018

Source: National Cyber Security – Produced By Gregory Evans

Oracle expects to see more chief executive officers to come from the cyber security space in 2018 as part of an effort to boost security.

Arun Khehar, senior vice-president of applications at Oracle Eastern Central Europe, Middle East, Africa, told Gulf News that enterprise security will be company’s top priority for 2018 and much of it will be automated.

With today’s ‘borderless enterprise as a result of cloud, mobile and edge technologies like IoT, he said that there is general consensus that there is no such thing as ‘total security’. As a result, business information can no longer be protected by the IT team trying to create digital castles and restrict access.

“We’ll see an increasing focus on security among companies, especially with new regulations such as General Data Protection Regulation (GDPR) [coming into effect from May 25, 2018] coming in with their associated penalties for failure,” he said.

He added that more companies are expected to turn to the cloud for security as researches show that more mature users recognise that cloud provides better security than on premises environments.

According to research firm Gartner’s latest forecast, worldwide security spending is expected to total $96.3 billion in 2018, an increase of eight per cent from 2017.

With skills continuing to be scarce, Khehar said that security will increasingly feature artificial intelligence/machine learning capabilities. By 2025, autonomous operations will become the catalyst to accelerate enterprise cloud adoption.

By 2025, he said that 80 per cent of cloud operations risk will vanish entirely — a higher degree of intelligent automation will permeate the cloud platform.

“Using machine learning and AI techniques, autonomous operations will anticipate outcomes, take remedial action, and be aware of real-time risks. The top concerns are infrastructure downtime, security threats and vulnerabilities and data protection,” he said.

It’s not just in security that humans can’t keep up, he said, right across the business and across industries; organisations are struggling to make sense of the rapid proliferation of data whether that is in finance, HR, sales or marketing systems or in operations around systems management and security.

Due to the growth in AI, he said that most of us will be chatting with chatbots by the end of 2018.

“We are going to see a new wave of more sophisticated conversational platforms that will be developed; creating chatbots that will feel completely natural to talk to replacing the currently, relatively unsophisticated interfaces,” he said.

Emirates NBD, Mashreqbank, DED, Aramex and Dewa are using chatbots to initiate and carry on conversations with their consumers in the UAE.

“Chatbots will be one of the key technologies that will be found on every organisation’s strategic customer experience road map. Those that get in and adopt them successfully early on will steal a march on the competition,” he said.

There will be a growing number of specialised ‘intelligent bots’ that will interact and learn from each other, he said.

For example, he said that CEOs, CFOs, or employees will be able to inquire about company data. Professionals such as doctors, pharmacists, lawyers, teachers, engineers, and service personnel can retrieve technical information. Citizens and consumers can interact with service organisations.

Oracle expects 2018 to be the year that hordes of smart devices begin to be tamed, as the focus moves away from the ‘things’ themselves to the integrated platforms that will turn IoT data into actionable insights and data-rich business models.

When it comes to IoT, he said that there are three core challenges — integration, analytics and security. “As smart devices share increases volumes of distributed data among themselves, and back into the enterprise, the challenges around these areas will become exponentially more complex,” he said.

The post More #CEOs to come from the #cyber security #space in #2018 appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Get #ready for more #hacks in #2018

Get #ready for more #hacks in #2018

After the year we’ve had, do you need any more convincing that your personal information is constantly being exposed to hackers?

It wasn’t just the Equifax hack, which leaked 145.5 million Social Security numbers, or the WannaCry ransomware attack that locked up our computers and demanded a ransom paid in bitcoins.

Even the security software on millions of our computers became suspect when, for example, the US government banned the widely popular Kaspersky Lab software over concerns about connections to the Russian government. And experts made us question whether we can trust the invisible systems that connect our devices to the internet, like Wi-Fi.

But as scary as all this news is, I don’t recommend putting your fingers in your ears and chanting “fa la la la” until the next hack (though sometimes I’m tempted to do that myself).

The good news is that even as things get worse, you can still do a lot to protect yourself from many types of cyberattacks. In fact, it’s because these trends aren’t likely to turn around in 2018 that you should do all of the following:

Start by backing up your photos, music and other important stuff. Also, update all your software. If you’re not doing these two things, the rest of this is useless.
Next, learn how to adopt some of the increasingly easy-to-use tools for locking down your accounts, like authentication apps, Yubikeys and services like Google Now that come with an authentication tool built in.
Finally, don’t give up on security software — you’ll still need it in 2018 with the way things are going.
Sound like too much work? You should really carve out some time for this stuff. If you’ll permit me to be Debbie Downer for a moment, our security situation is likely to get worse, not better in 2018. Here’s how.

Ransomware will get sneakier, so your backups will be even more important

It’s hard to imagine how ransomware could get much worse. In the WannaCry attack, hackers used NSA hacking tools that leaked into the criminal underworld, repurposing them to launch ransomware at regular computer users.

But the attacks will get stealthier, according to Dave Dufour, vice president of cybersecurity and engineering at Webroot. That’s because hackers are coming up with ransomware attacks that are harder for consumer security products to detect. Instead of running files on your computer that your antivirus software can flag as malicious, hackers will rely more on code that looks legitimate because it runs in programs like Microsoft Word.

Patch your phone, patch your Mac, patch your Windows machine.
Dave Dufour, VP, Webroot
Antivirus tools will have to catch up with that trend to protect consumers. But if you don’t want to wait for that to happen (and you shouldn’t), you can keep backups of your files on the cloud and on external devices, Dufour said.

“If you back it up, you don’t have to care about ransomware,” Dufour said.

There’s one more thing you should do to prevent the pain of ransomware. Consider the ransomware attacks of 2017: “Many of them could have been mitigated by patching your systems,” Dufour said. “Patch your phone, patch your Mac, patch your Windows machine.”

Data breaches will continue, so don’t just rely on passwords

The passwords you and I use daily are a terrible security tool that we only rely on because nothing better has come along.

I mean, really, if someone said they’d protect your bank account with a key that anyone can copy at any moment, you probably wouldn’t use it. But that’s what we do with passwords.

Fortunately, that’s beginning to change. More ways to log in and unlock devices came on the scene this year, and you can expect more in 2018.

Apple made the biggest splash here by introducing FaceID in the iPhone X — the first widely available device using facial recognition technology. FaceID raised privacy concerns and inspired attempts to fool the technology with masks. But if users find it as simple and intuitive to use as Apple’s Touch ID fingerprint system, it will add your face to the list of biometrics that can lock down your accounts.

Better security is getting easier

There’s another tool for keeping your accounts secure that’s getting safer and easier to use, though it’s not quite as futuristic and sexy as a 3D scan of your face.

It’s called two-factor authentication.

This system works by adding another step to your login process, so just having your password isn’t enough for malicious actors to get into your accounts. I know, that’s more work for you, and remembering your password is hard enough. But if you use it, you’ll get to feel smug instead of scared the next time there’s a data breach like the one that, as we learned in October, affected all 3 billion Yahoo accounts.

Popular services are adopting more convenient ways for you to use two-factor authentication. In 2017, Facebook started letting you use a piece of physical hardware called a Yubikey to verify your identity. You plug in the device to your computer’s USB drive and tap it to get into your account. Google introduced Google Prompt, which lets you tap a button on your phone to verify your identity when you log into your accounts.

That’s way easier — and safer — than the industry standard of years past, which was entering in a one-time code sent by SMS to your phone.

Security software is still your friend

Things got a little weird this year with security software like antivirus scanners and password managers. Kaspersky antivirus software was banned from US government computers and taken off the shelves by some retailers. Password manager LastPass patched a big security flaw, and OneLogin got hacked. And dozens of antivirus apps on the Google Play store turned out to be malicious.

Security software will continue to be a target for hackers, who would love to trick you into downloading a malicious tool with high-level access to your computer or phone. But that software is still the best (and sometimes only) way to stop some of the most prevalent hacking attacks.

Unless you’re some kind of memory savant, password managers are the only sensible way for you to use unique passwords on all your accounts. That helps keep one data breach at, say, Yahoo, from letting hackers access more of your accounts.

And despite concerns about compromised or outright malicious antivirus scanners, the software hasn’t outlived its usefulness yet. That’s according to Jerome Segura, a security researcher at Malwarebytes, a firm that focuses on catching malicious code that traditional antivirus software can’t catch.

“It’s important to have security software, especially if you’re running Windows,” Segura said.

All that being said, these steps only mitigate damage caused by hackers. As the companies that protect and store our data keep getting compromised, we’ll likely all receive another helping of apologies and free credit monitoring in 2018.

“You are kind of at the mercy of companies if they get hacked,” Segura said.

View full post on National Cyber Security Ventures