The New Mob is on the Internet

| December 28, 2018

article image
According to the Secureworks State of Cybercrime Report 2018, the bulk of cybercrime-related damage around the globe is perpetrated by a small group of well-organized, dangerous, and covert criminal groups. What’s worse, the report shows that the boundary between a nation-state and cybercriminal actors is becoming increasingly blurred as the former learns about the tools and techniques employed by the latter and vice/versa. The report shows that these groups are avoiding the dark web where at all possible to evade detection by threat research and government law enforcement groups, employing highly sophisticated tactics such as social engineering and ransomware. As we move forward into 2019, these threats will likely only become more advanced and harder to detect, requiring authorities and private citizens alike to invest in heightened protection, training, and deterrences.

Spotlight

Innovera

Innovera is a leading IT security and IT continuity consulting shop in the Turkish territory. With offices in Istanbul and Ankara, Innovera provides services to a portfolio of enterprise customers. Focus verticals are banking, telecomms and large government agencies. Innovera annually runs SHIELD, Turkey's signature cyber security conference.

OTHER ARTICLES

Protecting against Cybersecurity Threats when Working from Home

Article | March 11, 2020

With the spread of the novel coronavirus (COVID-19), many organizations are requiring or permitting employees to work remotely. This post is intended to remind employers and employees that in the haste to implement widespread work-from-home strategies, data security concerns cannot be forgotten.Employers and employees alike should remain vigilant of increased cybersecurity threats, some of which specifically target remote access strategies. Unfortunately, as noted in a prior blog post, cybercriminals will not be curtailing their efforts to access valuable data during the outbreak, and in fact, will likely take advantage of some of the confusion and communication issues that might arise under the circumstances to perpetrate their schemes. Employees working from home may be accessing or transmitting company trade secrets as well as personal information of individuals. Inappropriate exposure of either type of data can lead to significant adverse consequences for a company.

Read More

Security by Sector: Medical IoT Gets Much Needed Dose of Cybersecurity

Article | March 11, 2020

The subject of how information security impacts different industry sectors is an intriguing one. For example, how does the finance industry fare in terms of information security compared to the health sector, or the entertainment business? Are there some sectors that face greater cyber-threats and risks than others? Do some do a better job of keeping data secure, and if so, how and why? Information security risks and challenges in the healthcare industry are well documented and much maligned. There are several reasons why the healthcare sector is particularly vulnerable, but one of the chief causations is the high amount of connected yet insecure devices commonly used within hospitals, clinics and medical centers. For example, a report from researchers at healthcare cybersecurity company CyberMDX discovered that connected medical devices are twice as likely to be vulnerable to the BlueKeep exploit compared to other devices on hospital networks.

Read More

We Need to Improve Cybersecurity Standards in Space

Article | March 11, 2020

Last month, SpaceX became the operator of the world’s largest active satellite constellation. As of the end of January, the company had 242 satellites orbiting the planet with plans to launch 42,000 over the next decade. This is part of its ambitious project to provide internet access across the globe. The race to put satellites in space is on, with Amazon, UK-based OneWeb and other companies chomping at the bit to place thousands of satellites in orbit in the coming months. These new satellites have the potential to revolutionise many aspects of everyday life – from bringing internet access to remote corners of the globe to monitoring the environment and improving global navigation systems. Amid all the fanfare, a critical danger has flown under the radar: the lack of cybersecurity standards and regulations for commercial satellites, in the US and internationally. As a scholar who studies cyber conflict, I’m keenly aware that this, coupled with satellites’ complex supply chains and layers of stakeholders, leaves them highly vulnerable to cyberattacks.

Read More

Ryuk: Defending Against This Increasingly Busy Ransomware Family

Article | March 11, 2020

On December 16, 2019, the U.S. Coast Guard disclosed a security incident at a facility regulated by the Maritime Transportation Security Act (MTSA). Forensic analysis suggests that the incident might have begun when an employee clicked on a link embedded in a phishing email.This action enabled a threat actor to set Ryuk ransomware loose on the facility’s network. Ultimately, the infection spread to all IT network files, leading Ryuk to disrupt the corporate IT network and prevent critical process control monitoring systems from functioning properly. Phishing is one of the primary infection vectors for most ransomware families, but there’s an interesting twist with this particular family. As noted by Malwarebytes, a typical Ryuk attack begins when a user opens a weaponized Microsoft Office document attached to a phishing email. Opening the document causes a malicious macro to execute a PowerShell command that attempts to download the banking trojan Emotet. This has the ability to download additional malware onto an infected machine that retrieves and executes Trickbot.

Read More

Spotlight

Innovera

Innovera is a leading IT security and IT continuity consulting shop in the Turkish territory. With offices in Istanbul and Ankara, Innovera provides services to a portfolio of enterprise customers. Focus verticals are banking, telecomms and large government agencies. Innovera annually runs SHIELD, Turkey's signature cyber security conference.

Events