Tag Archives: Cyber Criminals

NATO selects BlackBerry’s encrypted voice technology for secure calls

The NATO Communications and Information (NCI) Agency has awarded a contract for BlackBerry’s SecuSUITE for Government to encrypt the conversations of its technology and cyber leaders wherever they communicate – in the workplace, at home or when travelling abroad.

The NCI Agency helps NATO’s 29 Member Nations communicate securely and work together in smarter ways. It acquires, deploys and defends communication systems for NATO’s political decision-makers and Command Centres, working on the front lines against cyber attacks. Due to the classified nature of the information the NCI Agency handles, it’s critical that all communications remain secure, combating any opportunity for a cyber criminal to electronically eavesdrop on conversations.

BlackBerrySecusuite1

“As cyber criminals and state-sponsored actors become increasingly more sophisticated, we needed a highly secure way for our cyber leaders to have phone conversations with people inside and outside of our organisation regardless of where they are in the world,” said Kevin Scheid, general manager of the NCI Agency. “BlackBerry’s voice encryption technology helps solve this challenge and strengthens our elite cyber defence strategy.”

Dr Christoph Erdmann, senior vice-president of BlackBerry SecuSMART at BlackBerry, responded: “Eavesdropping on calls is one of the easiest ways to gain access to private information. We’re extremely proud that the NCI Agency, a world leader in the development and use of technology that keeps NATO nations secure, has put its trust in BlackBerry’s software to secure voice communication. No matter the operating system or ‘thing’ used to communicate, BlackBerry’s arsenal of cyber security technology ensures that our customers’ data remains private.”

BlackBerrySecusuite2

BlackBerry’s SecuSUITE for Government supports Android and iOS smart phones and tablets, and can be can be installed on-premise, in a Data Centre or in the cloud.

Use cases for the solution include: 

*Secure conferencing: Encrypts conversations between a secure conference bridge and a SecuSUITE for Government-enabled devices

*Secure landing: Encrypts mobile devices to a landline within a network

*Break-in: Protects any communication between a mobile or landline on the user’s home network to a SecuSUITE for Government-enabled mobile device

*Break-out: Secures mobile devices to the employee’s home network and from there to external mobile or landlines through PSTN extension

BlackBerryNATO

SecuSUITE for Government has been evaluated and certified to be compliant with the Common Criteria protection profile for VoIP applications and SIP servers. It has also earned a NIAP certification and has been placed on the NSA Commercial Solutions for Classified Program component list of products certified for use on classified systems.

*For more information on BlackBerry’s SecuSUITE for Government visit blackberry.com/government

Advertisements

Leave a comment

Filed under Risk Xtra

UK’s SMBs battling average of five cyber attacks per annum

Small and medium-sized businesses (SMBs) in the UK have faced up to an average of five cyber attacks in the last 12 months. That’s according to research commissioned by online encryption specialists Appstractor Corporation that highlights the growing threat such businesses face from online criminals.

A significant number of IT decision-makers in these SMBs believe they’re being put at greater risk of attack because their security software isn’t keeping pace with the sophisticated nature of the attacks with which they’re confronted.

According to the new independent report entitled ‘Under Attack: Assessing the Struggle of UK SMBs Against Cyber Criminals’. some businesses (19%, in fact) faced as many as ten attacks in the last year. IT bosses who took part in the research survey suggested that one of the major causes for concern for SMBs in the UK is that security and encryption software is aimed at individual consumers or large corporations and Governments, meaning that they cannot be deployed effectively in a small business environment.

SMBCyberSecurity

In fact, only 44% of IT decision-makers in SMBs believe that they’re able to properly protect themselves against cyber criminals using current software and systems when compared to the ability of large businesses to protect themselves.

A third believe that the UKs small business community – which makes up 99% of businesses, according to the Federation of Small Businesses – is being “forgotten about” and placed at a higher level of risk when compared to their larger counterparts.

When it comes to the level of threat faced by these smaller companies, Appstractor Corporation’s research found that 17% of companies faced at least one attack in the last year, 28% were attacked two or three times, 32% faced four or five attacks and 19% were attacked between six and ten times.

A small proportion of companies – 2% – said that their company had been targeted up to 20 times in the last 12 months.

Commenting on the report, Paul Rosenthal (CEO and founder of Appstractor Corporation) agreed that current solutions were not up to scratch. but also said that some SMBs were making themselves an easy target for criminals.

“It’s the case that SMBs are at a disadvantage in the cyber security arms race because software and platforms are not being effectively designed for them, so they have to shoehorn consumer or large enterprise-grade solutions into their company which don’t work in small businesses. IT managers and small business owners need to rid themselves of their current ideas that they are too small to be targeted and so don’t have to worry about security and encryption software. The reality is that small businesses are being targeted by criminals more than ever before. Techniques like automated mass targeting are putting them at a serious and present risk of attack.”

*To access the full report click here

Leave a comment

Filed under Risk Xtra

‘Technology at the Edge’: Axis Communications unveils Top Five Trends to shape 2018

Surveillance specialist Axis Communications’ CTO Johan Paulsson has outlined the Top Five Trends that the company feels will shape the New Year. 

Paulsson stated: “As the Greek philosopher Heraclitus said: ‘The only one constant in life is change’. There’s perhaps no better example of this than the technology industry, where innovation is so rapid that even the most fantastic of imagined futures seem like they could become a reality in the not too distant future.”

Axis Communications has put together five top technology trends that the Lund-based business feels will have a great impact on the security and surveillance industry now and in the years to come, helping to facilitate a smarter and, of course, safer world.

JohanPaulssonCTOAxisCommunicationsWeb

Johan Paulsson: CTO at Axis Communications

(1) A move towards the edge

“Two of the greatest trends that have propelled our industry forward in recent years,” observed Paulsson, “are cloud computing and the Internet of Things (IoT), both of which are delivering undeniable benefits to businesses and consumers alike. That said, they also come with implications, namely the rise in the amount of data being transferred, processed and stored. Going forward, we anticipate that ‘edge’ computing will become ever popular, alleviating this issue by performing data processing at the ‘edge’ of the network, closer to the source of the data. Doing so significantly reduces the bandwidth needed between sensors, devices and the Data Centre.”

(2) Cloud-to-Cloud

Paulsson observed: “Despite the move towards edge computing, the cloud will continue to play a significant role in IT infrastructures. As an increasing number of companies offer cloud-based services, the cloud ecosystem is increasingly becoming the preferred point of integration, rather than the traditional on-premise system. One benefit of integration between clouds is the significant potential reduction of in-house IT services required, in turn creating great cost benefits.”

(3) Deep and machine learning

According to Paulsson: “We’ve now reached a stage where the full benefits of deep learning architectures and machine learning can begin to be realised. The explosion of data available to analyse is helping businesses become increasingly intelligent. As applications develop, there are significant opportunities for predictive analytics which could facilitate incident prevention: from terrorist incidents to slip and fall accidents; from traffic issues to shoplifting and even the tragedy of rail suicides.”

(4) Cyber security

“Once again,” outlined Paulsson, “cyber security must appear on the list of trends for the next 12 months and beyond. The constant enhancement of cyber security will be a never-ending task. This is because well-resourced cyber criminals will never stop looking to exploit vulnerabilities in any new technology. As the number of connected devices grows, so too do the potential flaws that, if left unaddressed, could provide the opportunity for networks to be breached.”

Embellishing this theme, Paulsson said: “Legislation is being created to address these concerns. In the European Union, the forthcoming General Data Protection Regulation – the deadline for compliance for this being 25 May – will unify the protection of data for individuals within the EU, wherever that data is held or used.”

(5) Platforms to realise the full benefits of the IoT

In conclusion, Paulsson informed Risk UK: “The IoT has reached a point where it’s crucial to use scalable architecture to successfully collect and analyse data and manage the network of connected devices. Such an IoT platform allows equipment from different node vendors to co-exist and easily exchange information to form smart systems using existing network infrastructure. There are numerous companies, both well-established providers of technology and new market entrants, that are enabling platforms to support IoT devices. The next 12 months will see further maturation of this process.”

*Read more: https://www.axis.com/blog/secure-insights/technology-trends/

Leave a comment

Filed under Risk UK News

Ransomware attacks cause one fifth of infected SMEs to cease business operations immediately

More than one third of businesses have experienced a ransomware attack in the last year, while over one-in-five (22%) of these impacted companies had to cease operations immediately. That’s according to a study conducted by Malwarebytes.

The Annual State of Ransomware Report finds that the impact of ransomware on SMEs can be devastating. For roughly one-in-six of impacted organisations, a ransomware infection caused 25 or more hours of downtime, with some companies reporting that it caused systems to be down for more than 100 hours.

Further, among SMEs that experienced a ransomware attack, one-in-five (22%) reported that they had to cease business operations immediately, while 15% lost revenue.

“Businesses of all sizes are increasingly at risk of ransomware attacks,” said Marcin Kleczynski, CEO at Malwarebytes. “However, the stakes of a single attack for a small business are far different than those for a large enterpriseThe findings demonstrate that some SMEs are suffering in the wake of attacks to the point where they must cease business operations. To make matters worse, most of them lack the confidence in their ability to stop an attack, despite significant investments in defensive technologies. To be effective, the security community must thoroughly understand the battles that these companies are facing such that we can better protect them.”

Ransomware2

Most organisations make addressing ransomware a high priority, but still lack confidence in their ability to deal with it. 75% of those organisations surveyed place a high or very high priority on addressing the ransomware problem. Despite these investments, nearly 50% of the companies questioned expressed little to only moderate confidence in their ability to stop a ransomware attack.

For many, the source of ransomware is unknown and infections spread quickly. For 27% of organisations that suffered a ransomware infection, decision-makers couldn’t identify how the endpoint(s) became infected. Further, more than one third of ransomware infections spread to other devices. For 2% of the organisations surveyed, the ransomware infection impacted every device on the network.

SMEs in the US are being hit harder by malicious e-mails containing ransomware than SMEs in Europe. The most common source of ransomware infections in US-based organisations is related to e-mail use. 37% of attacks on SMEs in the US were reported as coming from a malicious e-mail attachment and 27% from a malicious link in an e-mail. However, in Europe, only 22% of attacks were reported as originating from a malicious e-mail attachment. An equal number were reported as having emanated from a malicious link in an e-mail.

Most SMEs don’t believe in paying ransomware demands. 72% of respondents believe that ransomware demands should never be paid. Most of the remaining organisations believe that demands should only be paid if the encrypted data is of value to the organisation. Among organisations that chose not to pay cyber criminals’ ransom demands, about one third of them lost files as a result.

Current investments in technology might not be enough. Over a third of SMEs claim to have been running anti-ransomware technologies, while about one third of businesses surveyed still experienced a ransomware attack.

“It’s clear from these findings that there’s widespread awareness of the threat of ransomware among businesses, but many organisations are not yet confident in their ability to deal with it,” said Adam Kujawa, director of malware intelligence at Malwarebytes. “Companies of all sizes need to remain vigilant and continue to place a higher priority on protecting themselves against ransomware.”

Leave a comment

Filed under Risk UK News

London Digital Security Centre and Oxford University pool resources to develop White Paper on Digital Security for SMEs

Oxford University, in association with the London Digital Security Centre (LDSC), will be looking at the challenges faced by SMEs and their importance to the economy as a supply chain link to larger companies and Government in order to produce an academic White Paper entitled ‘Developing Security Education and Awareness Programmes for SMEs’ for publication this coming November.

The White Paper will provide an overall review of the LDSC’s approach and effectiveness on security education for SMEs. This work will provide recommendations for assessing the effectiveness of such programmes in future and the LDSC’s specifically.

Providing education and training for this sector is crucial in order to ensure that cyber security capacity measures (such as ‘10 Steps to Cyber Security – Cyber Essentials’) are actually implemented. This White paper will explore current offerings on cyber security education and training for SMEs and identify the existing gaps.

DataBreach

Drafted by Dr Maria Bada and Dr Jason Nurse, the authors have already published similar work on the effectiveness of cyber security awareness raising. This new White Paper will build on previous knowledge and expertise using interviews and focus groups to collect information.

Dr Bada commented: “Our aim is to review the London Digital Security Centre’s approach to security education for SMEs and the motivation for this initiative. We will critically reflect on the effectiveness of the LDSC’s approach thus far. Our methodology is based on qualitative and quantitative data.”

The LDSC has already recognised the challenges that SMEs face when it comes to cyber security and is helping businesses to embrace digital innovations and operate in a secure online environment such that they protect themselves against cyber criminals.

John Unsworth, CEO at the LDSC, concluded: “Our role is to help improve the security posture of SMEs operating in London. It’s vital we understand their motivation and the issues they face to ensure the training and advice we give is implemented. This is particularly important given that over 1,000 SMEs in London report a digital crime to Action Fraud every month.”

Leave a comment

Filed under Risk UK News

Cyber criminals “exploiting human weaknesses” to make their gains

Cyber attackers are relying more than ever on exploiting people instead of software flaws to install malware, steal credentials or confidential information and transfer funds. A study by Proofpoint found that more than 90% of malicious e-mail messages featuring nefarious URLs led users to credential phishing pages, while almost all (99%) email-based financial fraud attacks relied on human clicks rather than automated exploits to install malware.

The Human Factor Report found that business e-mail compromise (BEC) attack message volumes rose from 1% in 2015 to 42% by the end of 2016 relative to e-mails bearing banking Trojans. BEC attacks, which have cost organisations more than $5 billion worldwide, use malware-free messages to trick recipients into sending confidential information or funds to cyber criminals.

BEC is now the fastest-growing category of email-based attacks.

Clicking

“Accelerating a shift that began in 2015, cyber criminals are aggressively using attacks that depend on clicks by humans rather than vulnerable software exploits, tricking victims into carrying out the attack themselves,” said Kevin Epstein, vice-president of Proofpoint’s Threat Operations Centre.

“It’s critical for organisations to deploy advanced protection that stops attackers before they have a chance to reach potential victims. The earlier in the attack chain you can detect malicious content, the easier it is to block, contain and resolve.”

Nearly 90% of clicks on malicious URLs occur within the first 24 hours of delivery, with 25% of those clicks occurring in just ten minutes and nearly 50% within an hour. The median time-to-click (the time between arrival and click) is shortest during business hours from 8.00 am to 3.00 pm EDT in the US and Canada, a pattern that generally holds for the UK and Europe as well.

Watch your inbox closely on Thursdays. Malicious e-mail attachment message volume spikes more than 38% on Thursdays over the average weekday volume. Ransomware attackers in particular favour sending malicious messages from Tuesday through until Thursday. On the other hand, Wednesday is the peak day for banking Trojans. Point-of-Sale campaigns are sent almost exclusively on Thursday and Friday, while keyloggers and backdoors favour Mondays.

Attackers understand e-mail habits and send most e-mail messages in the four-to-five hours after the start of the business day, peaking around lunchtime. Users in the US, Canada and Australia tend to do most of their clicking during this time period, while French clicking peaks around 1.00 pm.

Swiss and German users don’t wait for lunch to click. Their clicks peak in the first hours of the working day.

UK workers pace their clicking evenly over the course of the day, with a clear drop in activity after 2.00 pm.

Leave a comment

Filed under Risk UK News

“Watering hole-style cyber attacks on the rise” warns High-Tech Bridge

On Sunday 12 February, security firm Symantec released an analysis of a new wave of attacks that has been underway since at least October 2016 and came to light when a bank in Poland discovered previously unknown malware running on a number of its computers.

The bank then shared indicators of compromise with other institutions and a number of those other organisations confirmed that they too had been compromised.

These ‘watering hole’ attacks attempted to infect more than 100 organisations in 31 different countries.

Symantec has blocked attempts to infect customers in Poland, Mexico and Uruguay by the same exploit kit that infected the Polish banks. Since October, 14 attacks against computers in Mexico have been blocked, 11 against computers in Uruguay and two against computers in Poland.

wateringholecyberattack

Preliminary investigations suggested that the starting point for the Polish infection could have been located on the web server of Poland’s financial sector regulatory body, namely the Polish Financial Supervision Authority (www.knf.gov.pl).

Commenting on this news, Ilia Kolochenko (CEO of High-Tech Bridge) said: “We should expect that cyber criminals will find more creative and reliable ways to compromise their victims. Trustworthy websites, such as governmental ones, represent great value for cyber criminals, even if they don’t host any sensitive or confidential data.”

Kolochenko continued: “In the past, hackers used one-off or garbage websites to host malware, but as corporate users become more educated and vigilant, attackers need to find more reliable avenues to deliver malware and enter corporate networks. That’s why Gartner, as well as other independent research companies, continuously say that the risk posed to corporate web applications is very high and seriously underestimated. Spear phishing and watering hole attacks against high-profile websites will grow significantly in the near future.”

Leave a comment

Filed under Risk UK News, Uncategorized