now browsing by tag


#minorsextrafficking | EU shares plans to prevent child sex abuse | #parenting | #parenting | #kids

European Commissioner for Home Affairs Ylva Johansson listens to a question during an online news conference with European Commissioner for Promoting our European Way of Life Margaritas Schinas at the […] View full post on National Cyber Security

#cybersecurity | #hackerspace | How to prevent the data breach that keeps on happening

Source: National Cyber Security – Produced By Gregory Evans

By Dr Steve Jeffery, pre-sales engineer

The potential for revealing personally identifiable information (PII) in the ‘To’ or ‘CC’ fields of an email is a risk well understood. Yet despite this, it remains the source of far too many data breaches.

• In January 2020, Capita accidentally leaked the email addresses of all those attached to a support incident ticket on their call handling system.
• In October 2019, West Berkshire Council sent an email containing a survey about leisure centres to 1,107 recipients who could all see each other’s email addresses.
• In April 2019, the UK Home Office accidentally disclosed details of hundreds of EU citizens requesting settled status to one another
• A UK Freedom of Information request in 2018, showed at least 147 self-reported data breaches to the ICO were down to this error.

Accidental in nature, it’s easy to see why these types of breaches occur. When we want to send an email to a number of people – be that a newsletter, an event invitation, or an update on a technical support ticket – we might simply copy and paste the email addresses into the ‘To’ or ‘CC’ fields and press ‘Send’ without giving it a second thought. This approach means that all recipients of the email are visible to each other, which isn’t a problem if you are addressing a group known to one another, but in the case of a mailing list to customers, it is a privacy breach that could result in a fine.

It is no surprise that human error is the cause of so many breaches. Conditioned to using email, we have become inured to the potential danger that exists every time we press ‘Send’. Focussing on the task at hand, we don’t always give the time required to consider the privacy ramifications of our actions. We know that ‘BCC’, or blind carbon copy, is the field to use to ensure email addresses remain private, yet accidents still happen. What can an organization do to mitigate this risk?

Reducing the risk of an email data breach

To offset the inevitable risk associated with email communications, organizations need a clear cybersecurity strategy encompassing people, processes, and technology. Email policies need to be established, the workforce trained, and policy rules enforced with software. The software acts as the final safety net against the inadvertent actions of employees.

The Clearswift Secure Email Gateway can support employees to make better decisions, without increasing the administration burden on the IT support team.

In the gateway, simply create an email policy rule that automatically holds emails where the number of recipients in the “To” or “CC” fields exceeds a minimum number set. When an email exceeds that threshold, an alert is sent to the employee. If the action was deliberate, the employee can release the email without the need to raise an IT support ticket. The decision to release the email message is audited and recorded in the gateway. If, however, a mistake occurred, the employee can delete the email and create a new version compatible with the organization’s privacy policies.

Additional information

Learn more about preventing data breaches with Clearswift Secure Email Gateway
Step-by-step guides for setting up Recipient Limiters can be found on the Customer Support Portal.

Source link

The post #cybersecurity | #hackerspace |<p> How to prevent the data breach that keeps on happening <p> appeared first on National Cyber Security.

View full post on National Cyber Security

How Tweets Could Prevent War, an App Store Dilemma, and More News

Source: National Cyber Security – Produced By Gregory Evans Twitter is shocking and Apple is balking, but first: a cartoon about posthumous photo sharing. Here’s the news you need to know, in two minutes or less. Want to receive this two-minute roundup as an email every weekday? Sign up here! Today’s News Did Twitter help […] View full post on

#comptia | #ransomware | Why Tier-II Cities In India Must Prepare To Prevent Ransomware Attacks

Source: National Cyber Security – Produced By Gregory Evans While the issue of cyber threats is consistently on the rise, there is a general perception that only metro cities may be prone to cyber-attacks. But in fact, research has found time and again that it is the other way around. Multiple cities in India and […] View full post on

#cyberfraud | #cybercriminals | Business Mail Compromise: 5 ways to detect this scam and what can be done to prevent it

Source: National Cyber Security – Produced By Gregory Evans Advertisement Millions of dollars and lots of personal information are being stolen by a growing threat known as the Business Email Compromise (BEC). Business Mail Compromise: 5 ways to detect this scam and what can be done to prevent itMillions of dollars and lots of personal […] View full post on

New York is #quietly working to #prevent a major #cyber attack that could bring down the #financial #system

Source: National Cyber Security News

Five months before the 9/11 attacks, US Secretary of Defense Donald Rumsfeld sent a memo to one of his advisers with an ominous message.

“Cyberwar,” read the subject line.

“Please take a look at this article,” Rumsfeld wrote, “and tell me what you think I ought to do about it. Thanks.”

Attached was a 38-page paper, published seven months prior, analyzing the consequences of society’s increasing dependence on the internet.

It was April 30, 2001. Optimistic investors and frenzied tech entrepreneurs were still on a high from the dot-com boom. The World Wide Web was spreading fast.

Once America’s enemies got around to fully embracing the internet, the report predicted, it would be weaponized and turned against the homeland.

The internet would be to modern warfare what the airplane was to strategic bombers during World War I.

The paper’s three authors — two PhD graduates and the founder of a cyber defense research center — imagined the damage a hostile foreign power could inflict on the US. They warned of enemies infecting computers with malicious code, and launching mass denial of service attacks that could bring down networks critical to the functioning of the American economy.

Read More….


View full post on National Cyber Security Ventures

What is #cryptojacking? How to #prevent, #detect, and #recover from it

Source: National Cyber Security News

Cryptojacking is the unauthorized use of someone else’s computer to mine cryptocurrency. Hackers do this by either getting the victim to click on a malicious link in an email that loads cryptomining code on the computer, or by infecting a website or online ad with JavaScript code that auto-executes once loaded in the victim’s browser.

Either way, the cryptojacking code then works in the background as unsuspecting victims use their computers normally. The only sign they might notice is slower performance or lags in execution.

Why cryptojacking is on the rise

No one knows for certain how much cryptocurrency is mined through cryptojacking, but there’s no question that the practice is rampant. Browser-based cryptojacking is growing fast. In November, Adguard reported a 31 percent growth rate for in-browser cryptojacking. Its research found 33,000 websites running cryptomining scripts. Adguard estimated that those site had a billion combined monthly visitors.

“Cryptomining is in its infancy. There’s a lot of room for growth and evolution,” says Marc Laliberte, threat analyst at network security solutions provider WatchGuard. He notes that Coinhive, the most popular JavaScript miner that is also used for legitimate cryptomining activity, is easy to deploy and generated $300 thousand in its first month.

Read More….


View full post on National Cyber Security Ventures

Turn off #cameras and #tracking devices in children’s #Christmas #presents to prevent #hacking, Information #Commissioner tells #parents

Source: National Cyber Security – Produced By Gregory Evans

Parents should turn off the cameras and automatic tracking devices in their children’s Christmas presents because of the risk of hacking, the Information Commissioners’ Office has warned.

With a rise in the number of ‘smart’ toys and devices gracing the wish list this year, parents should consider the safety of them being connected directly to the internet before giving them as gifts, according to the data regulator.

When adults are not going  to personally use cameras in toys to view what is happening remotely then they should consider turning the function off all together, Deputy Commissioner Steve Wood said.

The warning comes amid growing concerns about the ability of criminals to hack into toys containing sensors, microphones, cameras, data storage and other multi-media capabilities.

In a blog on the regulators website Mr Wood wrote: “You wouldn’t knowingly give a child a dangerous toy, so why risk buying them something that could be easily hacked into by strangers?

“In the same way that safety standards are a primary consideration for shoppers buying toys, we want those buying connected items in the coming weeks to take a pause and think about both the child’s online safety, and also the potential threat to their own personal data such as bank details, if a toy, device or a supporting app is hacked into.

“Unlike Santa, those looking to hack into your devices don’t care whether you’ve been naughty or nice.”

Parents are advised that they should ensure that they are buying products from a reputable source, that all passwords and usernames are changed from the default option and to use two-step identification where available.

Mr Wood continued: “Some toys and devices are fitted with web cameras. The ability to view footage remotely is both their biggest selling point and, if not set up correctly, potentially their biggest weakness, as the baby monitor hacking issue of a few years ago demonstrated.

“If you have no intention of viewing footage over the internet, then turn the remote viewing option off in the device’s settings, or else use strong, non-default passwords.”

He added: “One of the main selling points of children’s smart watches is the ability for parents to know where their children are at all times. However, if this isn’t done securely, then others might have access to this data as well. Immediately get rid of default location tracking and GPS settings and set strong, unique passwords.”

Parents are also advised to turn off Bluetooth or set strong passwords to protect their child’s data from hackers.

The Deputy Commissioner concluded: “If you aren’t convinced a smart toy or connected/wearable device will keep your children or your personal information safe, then don’t buy it. If consumers reject products that won’t protect them, then developers and retailers should soon get the message.”

The post Turn off #cameras and #tracking devices in children’s #Christmas #presents to prevent #hacking, Information #Commissioner tells #parents appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Data Analytics: The #New Tool To Prevent #Cyber Security #Attacks

Source: National Cyber Security – Produced By Gregory Evans

Data Analytics: The #New Tool To Prevent #Cyber Security #Attacks

Cyber attacks and security breaches are now a constant threat for businesses. Costing the global economy $450 billion in 2016, they’re now occurring with increased regularity, which in turn has forced businesses to focus more on cybersecurity protocols to protect their key data.

A report issued by Malwarebytes showed that over one billion Malware-based incidents manifested between June and November of 2016, and it’s expected that most of those incidents actually went unnoticed until they had breached a network.

A primary target for cybercriminals are the gaps found when big data files are stored, and following the introduction of the cloud, with its unlimited storage facilities, a new avenue has been opened for hackers to penetrate a system. Allowing for the storage of larger datasets in one place, which can then be simultaneously accessed by numerous people, it’s this transition from data centre storage to the cloud that cybercriminals are looking to target. If security protocols of a business are not enforced and up-to-date then a system can be breached.

However, it isn’t only big data storage systems that now harbor potential threats. Cybercriminals have now begun to utilize smartphones and wearable technology to breach a company network. With statistics showing that four out of five UK adults now own a smartphone, many of which access secure work WiFi networks on a daily basis, it has opened up as the next route that hackers are choosing to exploit.

As the threat from cybercriminals increases, businesses can’t take data security lightly, as cybercriminals are constantly finding new ways to access a system.

Detecting a threat as soon as it penetrates a security firewall is not an easy task by any means, and when a breach does happen there’s no simple fix. They are, however, manageable, and it’s data analytics that has become the newest line of security to help stop threats and increase protection.

A recent survey found that 53% of businesses use data analytics to detect high-security threats to their business. This is a figure which should increase, as findings from a report by the Ponemon Institute shows that an organisation is 2.25 times more likely to recognise a threat within hours or minutes if they implement data analytics.

What is data analytics?

The process of data analytics involves data specialists examining large sets of data to uncover anomalies that are not normally seen by the naked eye. Analysts will sift through data searching for unknown correlations in figures or hidden patterns, and from the information collected, they’re able to perform a comprehensive analysis, and use their findings to identify and deter cyber attacks.

To identify if and when a security breach may happen, analysts will apply predictive analysis techniques to data when it’s under examination. Using statistical methods such as predictive modelling, it enables analysts to use statistics to predict potential outcomes. Partnered with data mining, in which analysts sift through large amounts of historical data, they are then able to cross-examine it with real-time data in order to firm up their predictions.

If a threat area is identified, security protocols will then be implemented, alongside algorithms relevant to the data type or structure which are placed in the development code. This should then close the vulnerability and stop firewall breaches instantaneously.

What can it do for your business?

Despite the ability for data analytics to offer a solution to a daily problem, it’s still something that hasn’t been put to full use by businesses. But with software now available that can be used to aid analysis of larger datasets such as Hadoop, it’s becoming a more mainstream solution.

The data gathered during the analytics process will provide a business with a better understanding of cyber attacks arming them with the correct tools to ultimately stop them from happening. It also allows IT security teams to protect businesses from the inside out.

Larger organisations often have an in-house team constantly monitoring security. But for smaller businesses, there are still options to increase your security protocols. Systems such as managed security service providers offer some network security management, which can be used if your business simply doesn’t have the resources to hire a large team of experts.

Data analytics can also help to quash the potential threats from inside your organisation. Using a security information and event management system (SIEM), businesses are able to monitor devices that are connected to the network, and through the data collected, if a security risk is identified it can be halted.

Implementing data analytics is a practice that every business can use to protect themselves against cyber attacks, increasing their front line of defence, the information collected can help improve security on a business network, and could – in the future – mean an end to the unpredicted breaches to security systems.


The post Data Analytics: The #New Tool To Prevent #Cyber Security #Attacks appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Illinois taking measures to prevent cyber hacking

Source: National Cyber Security – Produced By Gregory Evans

Cyber hacking is a global threat. Now Illinois is taking steps to make sure your information is safe. According to the Department of Innovation and Technology, 91 percent of all cyber-attacks start with an email. Typically, it’s a phishing email that looks completely normal but is actually a threat. The…

The post Illinois taking measures to prevent cyber hacking appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures