FBI Crackdown on Russian Cybercriminal Website, Admin Arrested

scmagazine | March 26, 2020

  • The crackdown comes after DEER.IO administrator and hacker Kirill Victorovich was taken into custody by the FBI in New York City.

  • DEER.IO was involved in conducting cybercriminal transactions worth millions of dollars.

  • A DOJ-filed federal complaint says that stores operating via DEER.IO’s Russian-based infrastructure offered stolen financial and corporate data.


The FBI on Tuesday seized the website for DEER.IO, a Russian online platform used to conduct millions of dollars’ worth of cybercriminal transactions. The crackdown followed the March 7 arrest of alleged hacker/DEER.IO administrator Kirill Victorovich, who was taken into custody while in New York City.


Active since October 2013, DEER.IO allows users to purchase access to cyber storefronts from which they can sell stolen credentials and other criminal wares and services to customers via an interface.


Victorovich, 28, has been federally charged with unauthorized solicitation of access devices, which carries a maximum penalty of 10 years in prison. According to a U.S. Department of Justice release, Firsov both managed DEER.IO and advertised it on other hacker forums.




Firsov is scheduled to make an April 16 appearance before the Southern District of California Court — the same court that issued the order to seize DEER.IO.


A DOJ-filed federal complaint says that stores operating via DEER.IO’s Russian-based infrastructure offered stolen financial and corporate data, personally identifiable information and user accounts.


From those identities, the FBI identified names, dates of birth and U.S. Social Security numbers for multiple individuals who reside in San Diego County.

- Justice Department


According to a Justice Department press release, earlier this month the FBI purchased 1,100 game accounts — including passwords — from the DEER.IO store known as ACCOUNTS-MARKET.DEER.IS. Having full access to hacked accounts would allow the buyer to make additional purchases that would be charged to the account’s rightful owner. The FBI also bought several thousand accounts from another DEER.IO store called SHIKISHOP.DEER.IS.


There is a robust underground market for hacked stolen information, and this was a novel way to try to market it to criminals hoping not to get caught. Hackers are a threat to our economy, and our privacy and national security, and cannot be tolerated.

U.S. Attorney Robert Brewer

