Flaw in SS7 Lets Attackers Empty Bank Accounts

Infosecurity Magazine | February 04, 2019

A malicious SS7 attack led to cyber-criminals emptying bank accounts at the UK’s Metro Bank, according to Motherboard. Though malicious actors have been able to exploit flaws in telecommunication infrastructure for years, it is now being reported that attackers are able to intercept codes used for banking using Signaling System 7 (SS7) attacks. According to Motherboard, the National Cyber Security Centre (NCSC) said that it is aware that cyber-criminals are exploiting a telecommunications vulnerability to target bank accounts “by intercepting SMS text messages used as 2-Factor Authentication.”

“Legacy communications protocols were often architected with utility in mind, not security,” said Matt Walmsley, EMEA director at Vectra. “We’ve seen old-school fax protocols being recently used to deliver malicious payloads into multifunction printers. Using the telephone infrastructure for illicit activity isn’t new, either.”

Related News

DATA SECURITY

Arctic Wolf Security Operations Cloud Reaches Massive Scale and a Global Footprint

Arctic Wolf | November 09, 2021

Arctic Wolf®, a leader in security operations, today announced the global expansion of its industry-leading cloud-native platform, the Arctic Wolf Security Operations Cloud, to provide customers and partners with unified visibility, protection, and automation, through a growing number of technical integrations. With the establishment of a European Security Operations Center (SOC) in Frankfurt, Germany, Arctic Wolf customers in any location will have full flexibility in how their native security solution data is stored and accessed to aid in their compliance with local and international data governance regulations.

Built on an open XDR architecture, the Arctic Wolf Security Operations Cloud has scaled to ingest, parse, enrich, and analyze over 1.6 trillion security events and 1.3 petabytes of data each week from over one million licensed users at 2,000 global customers. By leveraging machine learning and artificial intelligence, the Arctic Wolf Security Operations Cloud now processes events at an equivalent or greater rate than that of other market-defining cloud platforms. This momentum is driven by a strong uptick in demand for the technology in the enterprise market, demonstrated by Arctic Wolf’s 510% year-over-year large enterprise ARR growth in the first quarter of the fiscal year.

Unlike the rest of the industry that is just now starting to parse solutions to integrate data from multiple attack surfaces, Arctic Wolf’s platform was built from day one on a cloud-native architecture that seamlessly ingests data from endpoint, network, identity, and cloud sources to deliver automated threat detection and response at scale. This unification of an organization’s security data ensures only verified security incidents are escalated to customers, effectively eliminating alert fatigue, and ensuring internal security resources have the time needed to focus on hardening their overall security posture.

Powering Security Operations at a Global Scale

To further support Arctic Wolf’s ongoing global expansion, the company has leveraged the scalability and extensibility of the AWS public cloud infrastructure, providing new customers the ability to have their native security solution data hosted within the Arctic Wolf Security Operations Cloud in their choice of the United States, Germany, or Canada. With five SOCs spread across North America and Europe, as well as a growing team of remote security analysts, organizations within Arctic Wolf’s global customer base can have confidence that the Arctic Wolf Concierge Delivery Model aligns with the needs of their compliance requirements on their security journey to end cyber risk.

Delivering Critical Outcomes Across the Entire Security Operations Framework

The massive growth in the power and scale of the Arctic Wolf Security Operations Cloud has been pushed by explosive market demand for security operations, which has resulted in the company doubling its sales for eight consecutive years and achieving a $4.3B valuation as part of a $150M Series F funding round in July. In addition to the business expansion driving the momentum of its cloud-native platform, Arctic Wolf has also made aggressive investments in ecosystem integrations, resulting in the Arctic Wolf Security Operations Cloud adding support for dozens of new security data sources over the last year. Arctic Wolf’s universal and unlimited approach to data ingestion allows customers to gain visibility and control over historically disparate security solutions, while removing the need for security leaders to choose which data sources are important or cost-effective to monitor.

Supporting Quotes

“While every other aspect of the modern technology stack has a category-defining platform (think Salesforce, ServiceNow, and Workday), no one in cybersecurity has managed to unify the market and produce a true platform that serves all security operations use cases for midsize and enterprise customers. The Arctic Wolf Security Operations Cloud delivers exactly that – the unified security operations experience that owns the outcome for the customer, and our new global footprint makes it easier than ever for organizations to have full control over where their native security solution data is stored.”
Nick Schneider, president and chief executive officer of Arctic Wolf

“Accelerated digital transformation and the shift to cloud-based solutions require organizations to rethink data protection strategies and upscale their data security infrastructures to meet the ever-evolving privacy and data compliance landscape,” said Duncan Brown, vice president, European Enterprise Research, IDC. “This trend is global in nature and in Europe, in particular, we are seeing a rapid movement to adopt cloud environments. The vendors who will lead the market in that change will need to demonstrate a proven track record in delivering a mature, global cloud model that meets data sovereignty requirements without compromising speed and scalability.”

With the Security Operations Cloud, Arctic Wolf is the first to deliver a cloud-based platform that gives organizations the protection, resilience, and guidance they need to defend against cyber threats, including Managed Detection and Response (MDR), Managed Risk, Cloud Security Posture Management (CSPM), and Managed Security Awareness, each delivered by the unique concierge delivery model.

About Arctic Wolf

Arctic Wolf® is a global leader in security operations, delivering the first cloud-native security operations platform to end cyber risk. Powered by threat telemetry spanning endpoint, network, and cloud sources, the Arctic Wolf® Security Operations Cloud ingests and analyzes more than 1.6 trillion security events a week across the globe, enabling critical outcomes for most security use cases and optimizing customers’ disparate security solutions. Now deployed to more than 2,000 customers worldwide, the Arctic Wolf® Platform delivers automated threat detection and response at scale, and empowers organizations of any size to stand up world-class security operations with the push of a button.


DATA SECURITY

GBA to Launch Cyber Supply Chain Threat Mitigation Subsidiary

Global Business Alliance | July 19, 2021

The Global Business Alliance (GBA) has announced the launch of GBA Sentinel, a wholly owned subsidiary focused on helping worldwide companies rapidly identify and address possible supply chain and cyber susceptibilities. Global companies know it is authoritative for the private sector to cooperate with federal agencies to confirm a safer atmosphere. Through GBA Sentinel, worldwide businesses can gain access to the industry-leading supply chain risk management compliance tools of Fortress Information Security. Fortress exclusively delivers actionable risk visions on the supply chain ecosystem of resources and sellers, thereby allowing companies to alleviate their cybersecurity risks and assure controlling compliance logically. Today, Fortress secures the supply chains of dangerous infrastructure for more than 40 percent of the U.S. power grid. In addition, it works carefully with key federal agencies to improve their supply chain cyber flexibility. This inventiveness is a first for the Global Business Alliance, which represents 200 of the major global companies operating in the US.

About the Global Business Alliance

The Global Business Alliance (GBA), as the premier voice of international companies in the United States, energetically encourages and protects an open economy that welcomes global companies to invest in America. Our associates are American companies with worldwide heritage and a crucial part of our nation's economic success. When America is open for business, we all take advantage of it.


SparkCognition and Siemens to Co-Develop AI-driven Cybersecurity System

SparkCognition | June 15, 2020

SparkCognition and Siemens today announced a new collaboration on a cybersecurity system, DeepArmor Industrial, fortified by Siemens, which is designed to protect endpoint, or remote, operational technology (OT) assets across the energy value chain by leveraging artificial intelligence (AI) to monitor and detect cyberattacks. The innovative AI-driven system will deliver next-generation antivirus, threat detection, application control, and zero-day attack prevention to endpoint power generation, oil and gas, and transmission and distribution assets, which for the first time brings fleet level cybersecurity monitoring and protection capabilities to the energy industry.

"Cyberattacks on the energy industry are on the rise in volume and in sophistication, and they increasingly threaten companies' physical safety and security, business operations, and the critical infrastructure that powers communities throughout the world," said Leo Simonovich, Head of Industrial Cybersecurity at Siemens. "Many energy companies with remote, endpoint assets have struggled to defend their environment because they either lacked the visibility to detect, or the agility to mitigate, cyberattacks that threaten operational technologies."

"Together with Siemens, we are excited to bring next-generation endpoint protection that is specifically designed to increase the cyber resilience of OT networks and prevent advanced threat actors from impacting critical infrastructure." ~ SparkCognition

This new partnership combines Siemens' cybersecurity expertise in securing operational technology with SparkCognition's expertise in artificial intelligence to deliver the energy industry's first solution capable of detecting and protecting remote assets against cyberattacks.

"Through our extensive work with the energy industry, we've seen the pain points and challenges the industry is facing right now," said Sridhar Sudarsan, Chief Technology Officer at SparkCognition. "The industry needs security solutions that can both operate autonomously and are designed with the modern industrial environment in mind."

The threat of mega cyberattacks targeting critical infrastructure is worsening, according to a joint study conducted by the Ponemon Institute and Siemens that surveyed global energy industry executives on a wide range of threats, vulnerabilities, and strategies required to protect oil and gas assets. The study found that 67 percent of respondents believe the risk level to industrial control systems over the past few years has substantially increased because of cyber threats. The study also found that 61 percent of respondents said their organization's industrial control systems protection and security was not adequate.

OT assets operating in the field today are particularly vulnerable to cyberattacks as much of the energy industry's critical infrastructure was engineered before the widespread digitization of industrial control systems. This leaves portions - or entire fleets - without the ability to be patched or cost effectively updated with new security defenses.

With award-winning machine learning technology, a multinational footprint, and expert teams focused on defense, IIoT, and finance, SparkCognition builds artificial intelligence systems to advance the most important interests of society. Our customers are trusted with protecting and advancing lives, infrastructure, and financial systems across the globe.

Siemens Gas and Power GmbH & Co. KG is the global energy business of the Siemens group, which has been working with its customers on solutions for the evolving demands of industry and society for more than 150 years. With planned stock listing, Siemens' energy business will operate independently as Siemens Energy in the future. It will offer broad expertise across the entire energy value chain, along with a comprehensive portfolio for utilities, independent power producers, transmission system operators, the oil and gas industry, and other energy-intensive industries.
