Following the news around Russia announcing that it had stopped 25 million cyberattacks during the World Cup, Sean Sullivan, Security Advisor at F-Secure offers the following comment: Sean Sullivan, Security Advisor at F-Secure: “Clearly there weren’t 25 million “cyber-attacks”. (Which would be physically destructive if properly defined.) And what about DDoS attacks? Unlikely. What then? IP addresses and other related activity? Probably. I have no doubt that threat monitoring would have generated 25 million suspicious data points during the World Cup. So, it would be more accurate to say something such as unauthorised network scans and DDoS attempts were monitored and successfully…
ISBuzz Team
Action Fraud UK has warned that both businesses and universities need to be on guard against a new scam, which has already resulted in firms being defrauded of £350,000. Hackers are registering spoof UK university domains to look like they belong to UK university email addresses. These domains are used to contact suppliers and order high value goods such as IT equipment and pharmaceutical chemicals in the university’s name and the suppliers are never paid back. Kevin commented below as part of our security experts comments series. Kevin Bocek, Chief Cybersecurity Strategist at Venafi: “The universities and other businesses affected by this…
After Verizon’s data breach exposing the personal data of 14 million customers, web security company High-Tech Bridge’s CEO, Ilia Kolochenko, has commented that identifying and preventing such risks can be easy if done proactively: Ilia Kolochenko, CEO at High-Tech Bridge: “This is a remarkable, albeit sad, example of shadow IT created by third-parties in the era of cloud. Such incidents are very difficult to prevent and mitigate. Even if you meticulously control the security policies of your suppliers and request records of their external and internal audits, human mistake on their side remains unpredictable and thus virtually unpreventable. We will…
The Ukrainian Secret Service (SBU) said today it stopped a cyber-attack with the VPNFilter malware on a chlorine distillation plant in the village of Aulska, in the Dnipropetrovsk region. Commenting on the news are the following security professionals: Craig Young, Security Researcher at Tripwire: Consumer routers show up in very unexpected places at times but critical infrastructure is certainly the last place I’d expect to find them. Due to the lack of details provided by Ukranian Secret Service, it is not possible to know which devices may have been compromised with VPNFilter malware and what they were being used for…
A new scam is doing the rounds, where fraudsters are emailing people their own passwords in a bid to convince them they secretly filmed them watching porn on their computers. Figure 1 – Example Email Action Fraud officials have said it is the first time they have ever seen a scam include the victim’s real password in the subject line. The security experts have contacted several of the victims who have confirmed that the passwords are genuine. Eyal Benishti, CEO & Founder at IRONSCALES: “Criminals are clever, and will go the extra mile to scare victims in order to get…
The special counsel investigating Russian interference in the 2016 election issued an indictment of 12 Russian intelligence officers on Friday in the hacking Hillary Clinton’s campaign and the Democratic National Committee during the presidential election. The 12 Russians stole and leaked emails as part of a Russian government effort to interfere with the election. The indictment came only three days before President Trump was planning to meet with President Vladimir V. Putin of Russia in Helsinki, Finland. Leo Taddeo, Chief Information Security Officer at Cyxtera: “The indictment teaches cyber security professionals several important lessons. Many legacy security solutions, even when…
Following yesterday’s release of Recorded Future’s research on Russia’s national vulnerability database, and the Trump-Putin summit in which it was suggested that the US and Russia work more closely on cyber initiatives, Priscilla Moriuchi has followed up with her thoughts. Please see below. Priscilla Moriuchi: “Without a doubt there are many issues within the cyber context that the United States and Russia could work together on to improve. These include cyber operations in wartime, attacks on critical infrastructure, and cyber-enabled intellectual property theft among others. However, operating a joint working group on cybersecurity in order to examine the digital and forensic evidence…
In response to the news that Telefonica has suffered a data breach which exposed the details of millions of Spanish users, Rob Shapland, IT security experts commented below. Rob Shapland, Principle Cyber Security Consultant at Falanx Group: “Telefonica will need to assess the scope of the breach in order to understand how it impacts GDPR. Has the breach been exploited and the information stolen by hackers? If so, they will certainly need to inform the GDPR supervisory authority, and very likely each of the affected customers. They could then be liable to fines of up to €20 million or 4% of…
The UK’s National Health Service is celebrating its 70th anniversary this year. To coincide with this, the UK government has made a big financial commitment to the service’s future. The NHS annual budget of £114 billion will rise by 3.4 percent a year. Technology is one of the four main pillars to be covered in a new 10-year plan that’s supported by this new funding. But, as the service was seriously disrupted by cyber-attacks only a year ago, there is clearly a need to consider cybersecurity as part of any future investment in new technology. The challenge of protecting NHS…
Today PWC published a report which stated that AI will create as many jobs as it displaces by boosting economic growth. In response to the release of this report, Matt Walmsley, EMEA Director at Vectra – a company that automates the hunt for cyber threats by using AI – has provided commentary on how AI is helping to create new cybersecurity jobs. Matt Walmsley, EMEA Director at Vectra: “AI is already changing the workplace, and in some areas creating new work opportunities. For example, in the uniquely adversarial world of cybersecurity, we’re seeing that AI is addressing a significant professional skills and…