Tag Archives: Threat Intelligence

BlackBerry Cylance outlines cyber security predictions for 2020

Josh Lemos, vice-president of research and intelligence at BlackBerry Cylance, has put forward some predictions on cyber security trends for 2020 that will impact Governments and companies across a variety of industry sectors.

(1) Uncommon attack techniques will emerge in common software

Steganography, the process of hiding files in a different format, will grow in popularity as online blogs make it possible for threat actors to grasp the technique. Recent research at BlackBerry found malicious payloads residing in WAV audio files, which have been used for decades and categorised as benign.

Businesses will begin to recalibrate how legacy software is defined and treated and effectively invest in operational security around them. Companies will look for ways in which to secure less commonly weaponised file formats, like JPEG, PNG and GIF, etc without hindering users as they navigate the modern computing platforms.

BlackBerryCylance2020Predictions

(2) Changing network topologies challenge traditional assumptions and require new security models

Network-based threats that can compromise the availability and integrity of 5G networks will push Governments and enterprises alike to adopt cyber security strategies as they implement the 5G spectrum. As cities, towns and Government agencies continue to overhaul their networks, sophisticated attackers will begin to tap into software vulnerabilities as the expansion of bandwidth that 5G requires inevitably creates a larger attack surface.

Governments and enterprises will need to retool their network, device and application security. We will see many lean towards a zero-trust approach for identity and authorisation on a 5G network.

Threat detection and threat intelligence will need to be driven by Artificial Intelligence and machine learning to keep up.

(3) 2020 will see more cyber-physical convergence

As all sectors increasingly rely on smart technology to operate and function, the gap between the cyber and the physical will officially converge. This is evident given the recent software bug in an Ohio power plant that affected hospitals, police departments, subway systems and more in both the US and Canada.

Attacks on Internet of Things (IoT) devices will have a domino effect and leaders will be challenged to think of unified cyber-physical security in a hybrid threat landscape.

Cyber security will begin to be built into advanced technologies by design to keep pace with the speed of IoT convergence and the vulnerabilities that come with it. 

(4) State and state-sponsored cyber groups alike are the new proxy for international relations

Cyber espionage has been going on since the introduction of the Internet, with Russia, China, Iran and North Korea seen as major players. In 2020, we will see a new set of countries using the same tactics, techniques and procedures as these superpowers operate against rivals both inside and outside of national borders.

Mobile cyber espionage will also become a more common threat vector as mobile users are a significant attack vector for organisations that allow employees to use personal devices on company networks.

We will see threat actors perform cross-platform campaigns that leverage both mobile and traditional desktop malware. Recent research discovered nation state-based mobile cyber espionage activity across ‘The Big 4’, as well as in Vietnam. There’s likely to be more attacks coming in the future. This will create more complexity for Governments and enterprises as they try to attribute these attacks, with more actors and more endpoints in play at a larger scale.

Leave a comment

Filed under Risk Xtra

Echosec launches security-focused anonymous search tool for The Dark Web

Online data aggregation and information discovery specialist Echosec has introduced Beacon, a search platform for The Dark Web purpose-designed to help discover threats and prevent future attacks.

Beacon is an intelligence tool that helps security teams and public safety professionals alike to find key information from The Dark Web safely through a regular web browser. Previously, the only way to access The Dark Web was through a TOR browser.

The Dark Web is non-indexed and non-secure, yet searching it is crucial for security and public safety organisations as it’s a veritable hotbed for nefarious activity. Beacon provides end users with a single point of entry into The Dark Web and presents critical information in a structured and consistent way.

Organisation of Dark Web data makes analysis of it more efficient and threat intelligence actionable for law enforcement, security and risk managers.

EchosecBeacon

“Beacon helps teams to quickly identify information that can prepare them for the worse case scenario,” said Michael Raypold, CTO at Echosec. “Through Beacon, end users can identify threats quickly and enable efficient issues management.”

A basic Beacon search can provide intelligence on subjects like drug trafficking, the sale of firearms and hacker data. A UK search conducted on 12 April found 14,849 instances of hacker data using the keyword “UK + hacking,” while “UK + credit card” returned 16,600 and “UK + guns” 2,650 results respectively.

More advanced search functions in Beacon have produced thousands of results for information on the sale of identities, e-mail addresses and other personally identifiable information. One excerpt from a credit card search result on a Dark Web site reads: “Hello all clients ! – I’m a hacker, good seller, best tools, sell online 24h. – I want introduce to you my services and sell fresh cvv (visa/master,amex,dis,bin,dob,fullz..) all country, Dumps track 1&2, Account paypal, SMTP, RDP, VPS, Mailers, do WU transfer and Software Bug Transfer Western Union. – I sell cvv Fresh – Fast and Good price.”

Beacon is commercially available and simple and safe to interact with for users of all backgrounds. However, due to the sensitive nature of The Dark Web, Echosec meets with potential customers to review and approve their case before providing access. Echosec also takes steps to ensure that Beacon use is compliant with the current privacy laws and data provider terms.

*More information about Beacon may be found at https://www.echosec.net/darknet/

Leave a comment

Filed under Risk Xtra