
Why T-POT Honeypot is the Premier Choice for Organizations

 

In the realm of cybersecurity, the selection of the right tools is crucial. T-POT honeypot distinguishes itself as a premier choice for various reasons. Its multifaceted nature, which encompasses over 20 different honeypots, offers a comprehensive security solution unmatched by other tools. This diversity is pivotal for organizations, as it allows them to simulate a wide range of network services and applications, attracting and capturing a broad spectrum of cyber attacks. 
 
Moreover, the integration with the custom code developed by the Cyber Security and Privacy Foundation is a game-changer. This unique feature enables T-POT to send collected malware samples to the Foundation's threat intel servers for in-depth analysis. The results of this analysis are displayed on an intuitive dashboard, providing organizations with critical insights into the nature and behaviour of the threats they face. This capability not only enhances the honeypot's effectiveness but also provides organizations with actionable intelligence to improve their defence strategies. 
 
The ability of T-POT to provide real-time, actionable insights is invaluable in today’s cybersecurity landscape. It helps organizations stay one step ahead of cybercriminals by offering a clear understanding of emerging threats and attack patterns. This information is crucial for developing robust security strategies and for training cybersecurity personnel in recognizing and responding to real-world threats. 
 
In essence, T-POT stands out not only as a tool for deception but also as a platform for learning and improving an organization’s overall cybersecurity posture. Its versatility, combined with the advanced analysis capabilities provided by the integration with the Cyber Security and Privacy Foundation's code, makes it an indispensable tool for any organization serious about its digital security. The honeypot API analyses malware samples, and the honeypot's results can be seen on the backend dashboard.
 
Written by: Founder, Cyber Security and Privacy Foundation.

Russian Hackers Target Ukraine's Fighter Jet Supplier

 

A cyberattack on a Ukrainian fighter aircraft supplier has been reported, raising concerns about whether cybersecurity risks in the region are increasing. The incident—attributed to Russian hackers—highlights the need to have robust cyber defense strategies in a world where everything is connected.

According to a recent article in The Telegraph, the cyber attack targeted Ukraine's key supplier for fighter jets. The attackers, suspected to have ties to Russian cyber espionage, aimed to compromise sensitive information related to defense capabilities. Such incidents have far-reaching consequences, as they not only threaten national security but also highlight the vulnerability of critical infrastructure to sophisticated cyber threats.

Yahoo News further reports that Ukrainian cyber defense officials are actively responding to the attack, emphasizing the need for a proactive and resilient cybersecurity framework. The involvement of top Ukrainian cyber defense officials indicates the gravity of the situation and the concerted efforts being made to mitigate potential damage. Cybersecurity has become a top priority for nations globally, with the constant evolution of cyber threats necessitating swift and effective countermeasures.

The attack on the fighter jet supplier raises questions about the motivations behind such cyber intrusions. In the context of geopolitical tensions, cyber warfare has become a tool for state-sponsored actors to exert influence and gather intelligence. The incident reinforces the need for nations to bolster their cyber defenses and collaborate on international efforts to combat cyber threats.

As technology continues to advance, the interconnectedness of critical systems poses a challenge for governments and organizations worldwide. The Telegraph's report highlights the urgency for nations to invest in cybersecurity infrastructure, adopt best practices, and foster international cooperation to tackle the escalating threat landscape.

The cyberattack on the supplier of fighter jets to Ukraine is an alarming indicator of how constantly the dangers to global security are changing. For countries to survive in the increasingly digital world, bolstering cybersecurity protocols is critical. The event emphasizes the necessity of a proactive approach to cybersecurity, where cooperation and information exchange are essential components in preventing cyberattacks by state-sponsored actors.

Cyber Militarization: Navigating the Digital Battlefield

Technology and the internet are now ubiquitous, creating vulnerabilities and enabling the militarization of cyberspace. This trend poses a number of threats to global security, including accidental or deliberate conflict between states, empowerment of non-state actors, and new arms races. The international community must cooperate to address this issue, developing norms and rules, building trust, and investing in cybersecurity.

Cyberspace, once considered a relatively neutral domain for communication and information sharing, is now increasingly becoming a battlefield where nation-states vie for power and influence. The articles linked in this discussion shed light on the complex issue of militarization in cyberspace.

Kaspersky, a leading cybersecurity company, delves into the subject in their blog post, "How to Deal with Militarizing Cyberspace." They emphasize the growing concerns about the use of cyberspace for military purposes, such as cyberattacks and espionage. This article emphasizes the need for international cooperation and cybersecurity measures to address the challenges posed by this evolving landscape.

In the blog post from EasyTech4All, titled "The Inevitability of Militarization of CyberAI," the focus is on the convergence of artificial intelligence and cyber warfare. It highlights the significant role AI plays in enhancing military capabilities in cyberspace. This shift underlines the need for discussions and regulations to govern the use of AI in military operations.

Additionally, the document from the Cooperative Cyber Defence Centre of Excellence (CCDCOE) titled "The Militarization Of Cyberspace" offers an in-depth examination of the historical context and evolution of militarization in cyberspace. It explores the various facets of this phenomenon, from the development of offensive cyber capabilities to the establishment of cyber commands in military structures.

The militarization of cyberspace raises critical questions about the use of cyber tools for aggressive purposes, the potential for escalation, and the importance of international agreements to prevent cyber warfare. The interconnectedness of the global economy and critical infrastructure further amplifies the risks associated with cyber warfare.

To address these challenges, a multi-faceted approach is essential. This includes the development of international norms and regulations governing cyber warfare, cooperation between nations, investment in cybersecurity, and continuous monitoring of cyber threats.

Cyberspace militarization is a complex and evolving issue that requires our attention. By exploring the articles and materials provided, we gain a glimpse into the many facets of this challenge, from its historical roots to the use of AI in warfare. As technology advances, it becomes increasingly important to use cyberspace in an ethical and responsible manner. It is up to us all to ensure that the digital realm remains a force for good and progress, rather than a catalyst for instability and conflict.

Responsibilities of an HR to Strengthen Their Company’s Cyber Defenses


Suppose a company is hit by a ransomware attack today. Who will the company personnel call or rely on to remediate the issue? Most probably, a cybersecurity expert. However, companies nowadays go numb in the initial hours of the incident, since nobody knows anyone’s phone numbers. Lack of access to emails or messaging systems results in a halt, leaving customers and workers wondering what is going on. This panic further intensifies into a full-blown crisis.

While this may look like a job for the IT and security department, protecting a company comes down to two ideas – organizational culture and planning – something that comes under the command of human resources.

The HR department is in a unique position to integrate cybersecurity readiness into an organization's daily operations. To reduce risks and make sure the company has the skills necessary to be resilient to foreseen difficulties, which include cyberattacks, it is responsible for developing policies and procedures. Additionally, HR departments themselves are major targets for hackers, as they are the stewards of employees' private and sensitive information. However, this vital role of the HR team is highly overlooked.

In this regard, Claudette McGowan, CEO of cybersecurity company Protexxa, has mentioned some ways that could help HR make their companies a rather tough target for cybercriminals. We are listing some of these suggestions:

Build a Security Culture 

With the growing cyberspace culture, one can only imagine how many digital issues can be lobbed at a company at a time, making it challenging to identify them all. A strong cybersecurity culture comes to the rescue, since it helps organizations protect themselves against attacks and minimizes the radius of an attack in case it has already been executed.

However, for this, everyone must be on the same page when it comes to online behaviours. 

To ensure this, HR must make sure that the company is equipped with training tools so that employees can determine what should and should not be done. 

Integrating cybersecurity into performance appraisals is the greatest approach to guarantee that everyone perceives it as a crucial part of their responsibilities. This should not involve criticizing employees for each dubious link they click on. Instead, it ought to be a productive discussion about how they are progressing with their cyber literacy education. Employees can utilize cyber health-check tools to examine their online behaviour and resolve vulnerabilities (such as reusing Pa$$w0rd throughout the majority of the internet or not using two-factor authentication), and similar tools are frequently used to monitor progress toward cybersecurity goals at the organizational level.

Stop Hoarding Data 

The HR department should be active when it comes to updating its data retention policy. ‘Updating,’ since companies already have a data retention policy. If not, then the company is bound to hoard this data forever, which may expose it to several risks. The more data a company has, the worse a breach is, especially if the company is storing data that is no longer in use.

Determine ‘Who Calls the Shots’ in Case of a Breach 

In times of crisis, while everyone may have an opinion on ‘what should be done,’ it should be decided beforehand who holds the decision-making power.

The only requirement in the job description for incident commanders is that they be the person who knows their company's cybersecurity concerns the best. Depending on the size of your company, that may be the head of IT, the cybersecurity leader, or Joanne in accounting who has taken a few courses in this area. Whoever it is, HR must make sure to identify that person and make the choice apparent to the team before an issue occurs.

Finally, Note the Contacts Down

However old school and mundane it may sound, contact numbers of the incident team must be noted down, and the list should be updated without fail to make sure that a ‘professional’ is on standby to help the organization resolve the issues systematically.

GoDaddy, a Web Hosting Provider Hit Multiple Times by the Same Group

 

This month, GoDaddy, a leading web hosting provider, revealed that it had experienced a major security breach over several years, resulting in the theft of company source code, customer and employee login credentials, and the introduction of malware onto customer websites. 

It means that the hackers were able to access and modify certain websites hosted by GoDaddy, in a way that allowed them to install malicious software (malware) onto these websites. This malware could then potentially harm visitors to these sites by stealing their personal information, infecting their devices, or performing other malicious actions. 

Much of the media attention has focused on the fact that GoDaddy was targeted by the same group of hackers in three separate attacks. The threat actors typically employ social engineering tactics such as calling employees and luring them to a phishing website.

While reporting the matter to the U.S. Securities and Exchange Commission (SEC), the company said that the same group of hackers was responsible for three separate security breaches, including:

In March 2020, a phishing attack on an employee resulted in compromised login credentials for around 28,000 GoDaddy customers and a few employees. 

In November 2021, attackers used a compromised GoDaddy password to steal source code and information related to 1.2 million customers, including website administrator passwords, sFTP credentials, and private SSL keys.

In December 2022, hackers accessed GoDaddy's cPanel hosting servers and installed malware that redirected some customer websites to malicious sites intermittently. 

We don't have much information about the cause of the November 2021 incident, except that GoDaddy has said it involved a compromised password and took two months to discover. For the December 2022 malware breach, GoDaddy has not disclosed how it occurred. 

However, we do know that the March 2020 attack was initiated through a spear-phishing attack on a GoDaddy employee. While GoDaddy had initially described the incident as a social engineering attack, one of their affected customers actually spoke directly to one of the hackers involved. 

GoDaddy is a company with around 7,000 employees and an additional 3,000 workers through outsourcing firms in India, the Philippines, and Colombia. 

When employees log in to company resources online, many companies require them to use a one-time password along with their regular username and password. This password can be sent via SMS or generated by an app. But this type of security measure can be easily bypassed by phishing attacks that ask for a one-time password along with the regular password. 

However, using physical security keys is a multi-factor option that is resistant to advanced phishing scams. These keys are inexpensive USB devices that implement Universal 2nd Factor (U2F) multi-factor authentication. 

Physical security keys are small devices that can help protect your online accounts from being hacked. When you log in to your account, you have to insert the key and press a button on it to complete the login process. This makes it hard for hackers to steal your password or trick you into giving it away. Even if you accidentally go to a fake website, the security key won't work and your account will stay safe.
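
A minimal model of the difference described above, as an added example that is not from the original post. The two origins are constructed, and an HMAC over a per-origin secret stands in for the ECDSA signature a real U2F key produces.

```python
import hashlib
import hmac
import os

REAL_ORIGIN = "https://sso.example.com"        # constructed: the genuine login site
LOOKALIKE_ORIGIN = "https://sso-example.test"  # constructed: a look-alike page


def _mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


class SecurityKey:
    """Toy authenticator. HMAC stands in for the ECDSA signature of real U2F."""

    def __init__(self) -> None:
        self._device_secret = os.urandom(32)

    def credential_for(self, origin: str) -> bytes:
        # One credential per origin, derived inside the device.
        return _mac(self._device_secret, origin.encode())

    def sign(self, browser_origin: str, challenge: bytes) -> bytes:
        # The browser, not the user, reports which origin is asking.
        key = self.credential_for(browser_origin)
        return _mac(key, browser_origin.encode() + b"|" + challenge)


class LoginServer:
    def __init__(self, origin: str, key: SecurityKey) -> None:
        self.origin = origin
        # Enrollment happened on the genuine site. A real server would store
        # a public key; the shared secret here is a simplification.
        self._credential = key.credential_for(origin)
        self._otp = None
        self._challenge = None

    def issue_otp(self) -> str:
        self._otp = f"{int.from_bytes(os.urandom(4), 'big') % 10**6:06d}"
        return self._otp

    def verify_otp(self, code: str) -> bool:
        expected, self._otp = self._otp, None  # single use
        return expected is not None and hmac.compare_digest(code, expected)

    def new_challenge(self) -> bytes:
        self._challenge = os.urandom(32)
        return self._challenge

    def verify_assertion(self, signature: bytes) -> bool:
        challenge, self._challenge = self._challenge, None  # single use
        if challenge is None:
            return False
        expected = _mac(self._credential, self.origin.encode() + b"|" + challenge)
        return hmac.compare_digest(signature, expected)


def otp_login(page_origin: str) -> bool:
    """The user types the code into whatever page is displayed. The code
    carries no record of that page, so the server sees no difference."""
    server = LoginServer(REAL_ORIGIN, SecurityKey())
    code_typed_by_user = server.issue_otp()       # read from SMS or an app
    return server.verify_otp(code_typed_by_user)  # page_origin never enters


def security_key_login(page_origin: str) -> bool:
    """The browser hands the displayed page's origin to the key, so the
    response only verifies when that page is the enrolled site."""
    key = SecurityKey()
    server = LoginServer(REAL_ORIGIN, key)
    challenge = server.new_challenge()
    return server.verify_assertion(key.sign(page_origin, challenge))
```

The one-time code is accepted whichever page collected it, while the key's response verifies only for `REAL_ORIGIN`.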

Companies are at Risk From Remote Workers Losing Their Laptops

 

Data thieves can steal a laptop from a coffee shop table, a lost property bin, an unlocked locker, your desk at work, or even your luggage on a crowded commuter train, and it's far away when you first realize it's gone. They are difficult to identify and trace, and because most individuals carry computers, it is simple to steal without anybody knowing. Many data theft events are simply crimes of opportunity rather than deliberate attacks, and stolen laptops make an excellent target.

Organizations are penalized a total of £26 million, according to data compiled by Cisco Systems, after employees misplaced company-owned laptops and phones.

The Information Commissioner's Office has collected over 3,000 reports of missing devices with user data during the past two years. Businesses are far more likely to be penalized if employees' misplaced laptops and phones contain consumer information than companies that have been the target of ransomware hackers.

The majority of organizations are putting in place their cyber defenses, yet many do not consider their staff to be a threat to company data. But a major aspect of cyber security preparation is searching within the organization for potential insider threats. It might be challenging to tell whether a staff member has legitimately used company systems or is attempting to attack the company.
  
According to data protection legislation, the loss of a device containing or having access to the personal data of customers or suppliers must be reported to the ICO. As per Lindy Cameron, the CEO of the National Cyber Security Centre, ransomware is one of the most severe cybersecurity risks in the UK.

Martin Lee, technical lead for cybersecurity at Cisco, warned that office workers who are unable to resume their usual commute may see an increase in lost or stolen devices that carry important company data. Businesses in the UK have been investing heavily to ensure that their corporate networks are impenetrable because of the increased awareness of cyber threats brought on by rising data breaches. 



7 Minutes a Day, Malicious Cyber Criminals Strike, Here's How to Defend

 


There has been an increase in malicious cyberattacks targeting Australian businesses over the last few years. As a result, these businesses are being advised to raise their standards when protecting customer information. 

A new report published by the Australian Cyber Security Centre (ACSC) has found that sophisticated state and criminal actors are striking more frequently, with a cybercrime being reported every seven minutes.

In the wake of the "concerning" report that was released by the Department of Homeland Security, Cyber Security Minister Clare O'Neil put businesses on notice that they will need to handle the cyber data of their customers more securely and effectively. 

During the past financial year, the Cyber Security Agency received over 76,000 reports from the community about cyber-related issues, which was a 13 percent increase from last year's number. 

The number of publicly reported security holes also increased by 25 percent over the previous year. 

An estimated $100 million has been lost by Australians with compromised email systems. This amounts to an average of $64,000 for each compromised-email incident reported to the authorities.

Scammers send fraudulent emails purporting to be from businesses to solicit payments. For example, an email purporting to be from a real estate agent will ask for a deposit on a property.

Richard Marles, the Deputy Prime Minister, has said that everyone needs to be more alert to possible threats. 

"In comparison to cyberspace, the environment in which we live is much more challenging. Although there are many pickpockets around, this appears to be happening at an unprecedented level," he told ABC radio station. 

Keeping yourself safe does not have to be complicated. There are several simple steps anyone can take to do so. 

The measures include not clicking on links in text messages or emails that are not marked as such, ensuring that their software is up-to-date, and taking additional care when dealing with their data. 

In a recent interview, Marles said the government was investing heavily in the cybersecurity sector. In response to this, the company updated its systems and considered a public education campaign. 

There has been a study that suggests small businesses lose on average $39,000 as a result of cyberattacks, and the figure reaches $88,000 for medium-sized businesses as a result of these attacks. 

It has been reported that the average loss was $112,000 in Western Australia and $26,000 in the Northern Territory, according to the Australian Bureau of Statistics. 

As per the NSW government, the average loss was almost $70,000, and the losses in all other states and territories were between $50,000 and $50,000 on average. 

Cyber incidents affect about a third of the total number of computers in the state and Commonwealth of Australia, with the Commonwealth and state governments at risk. 

As a result, the next big target was healthcare systems. This is mainly because cybercriminals are targeting vulnerable businesses that are more likely to pay a ransom when they want their data back. Therefore, health systems are the ideal next target. 

Abigail Bradshaw, the agency's director, said that cyber threats are continually evolving and that they are more frequently targeting the country's critical infrastructure, which is becoming more widespread. 

As a result of the program, more than 24 million malicious domain requests have been blocked. In addition, 29,000 attacks on Australian services have been taken down. Furthermore, 185 ransomware movements have been stopped, which represents an increase of 75 percent. 

Besides this, the agency was also involved in five successful operations, which included the shutdown of online criminal marketplaces as well as foreign scam networks. 

How to protect yourself 


As part of its recommendations, the ACSC urges individuals to take steps to protect themselves from cybercrime. 

  • Information that is critical to the organization should be protected by updated devices 
  • Turn on multi-factor authentication to make the system more secure 
  • Make sure that you regularly back up your devices 
  • Passphrases should be set up to ensure their security 
  • You should report scams and keep an eye out for threats if you come across them

Russian experts created protection for ships and ports from cyber attacks


Russian company Engineering Technologies has developed a Poseidon system to protect ships and ports from cyberattacks. Domestic and foreign customers are already interested in this development.

Currently, 90% of the world's cargo is transported by sea. Marine infrastructure facilities, due to their high automation and computerization, are often victims of hackers. In 2017 and 2018, cyber attacks were carried out on the largest sea carriers, Maersk (Denmark) and COSCO (China), as a result of which cargo terminal systems were blocked. In Russia in early 2018, hackers tried to disrupt the work of the Administration of the Sea Ports of Azov Sea.

"The Poseidon complex is being developed to protect ships and marine infrastructure facilities – ports, shipyards, drilling platforms from cyberattacks," said Artem Dolgikh, Poseidon Project Manager and Technical Director of Engineering Technologies.

Currently, most ships are protected using standard software, as well as security rules and policies on network equipment.

Poseidon uses the author's database of cyber vulnerability scenarios for the marine area and an automated threat detection algorithm implemented on the basis of neural networks and artificial intelligence.

According to Artem Dolgikh, the application of the program will reduce the costs of shipowners. So, a number of industry-specific marine companies, both in Russia and abroad, are already interested in it.

It became known that the software part of the system is planned to be developed in Russia, and the hardware part can be produced both on the territory of the Russian Federation and abroad.

Earlier, E Hacking News reported that shipping companies are now considering moving into the digital era and working out a system that will integrate blockchain technology into one vast platform. A number of different shipping lines, such as A.P. Moeller-Maersk A/S, have teamed up with technology companies, and they are about to revolutionize the shipping industry and upgrade the world’s most complex logistics network.