Russian hacker group APT28 are accused of planting malware in the German government’s networks for as long as a year. Previously, Russian hackers also hacked the German government in 2015. The attack is allegedly done by the same hackers that targeted Hillary Clinton’s 2016 campaign. This cyberattack is evidence of a long line of cyber war events, proving that the world is not prepared for cyberattacks. Craig Hinkley, CEO at WhiteHat Security, the leading application security provider, has assessed the attack and commented below. Craig Hinkley, CEO at WhiteHat Security: “The alleged Russian cyberattack on the German government is the latest…
ISBuzz Team
New research findings from industrial cybersecurity firm Dragos indicate that in 2017, at least five highly sophisticated threat groups focused on attacking industrial control systems (ICS), and that targeted attacks become more common. Ray DeMeo, Chief Operating Officer at Virsec commented below. Ray DeMeo, Chief Operating Officer at Virsec: “There has been a sharp increase in attacks targeting ICS in the last year. While the most high-profile attacks are often politically motivated, the tools for these advanced attacks are becoming widespread. It’s only a matter of time that we start seeing non-nation-state hackers using these advanced tools to extort ransoms, gain publicity, or just cause mayhem.…
GCHQ has warned that the charity sector is “particularly vulnerable” to cyber attacks, with rogue nations considered a specific threat. David Emm, Principal Security Researcher at Kaspersky Lab commented below. David Emm, Principal Security Researcher at Kaspersky Lab: “The threat of cyber-attacks is very real, and no business or individual is immune from online crime. Any organisation in today’s digital world is vulnerable and charities face the same risks as any other sector. Every charity with some form of online presence can be attacked – through a direct hack, ransomware, fraudulent e-mails and phishing attacks – which leaves the charity…
Ilia Kolochenko,CEO at High-Tech Bridge: “If these allegations are true, we are likely dealing with an unprecedented scale of attack that deserves the most rigorous technical investigation and a proportional response. “However, so far we are mainly dealing with a number of isolated, often contradictory facts and testimonies from various conflicting sources. For example, the breach of a state website will unlikely have any direct consequences on the election outcomes. Many adduced facts – are excerpts from secret reports and thus can hardly be used to derive a reliable conclusion without reading the entire report. “For obvious reasons, it may be…
In the latest UK Threat Landscape report, the UK’s emergency services have been found to be at risk of a major cyber-attack. The report by Anomali evaluates the UK’s Critical National Infrastructure (CNI) against threats and possible vulnerabilities and general weak spots which could be exploited by attackers.The emergency services, more specifically the healthcare services, have suffered from well publicised cyber attacks. Paul Norris, Senior Systems Engineer – EMEA at Tripwire commented below. Paul Norris, Senior Systems Engineer – EMEA at Tripwire: “Critical National infrastructures (CNI), whether small or large, need to be aware of the threats they face from a cyber attack.…
Bill Gates, one of the world’s richest men and a pioneer of computing for the masses, has hit out at cryptocurrency, suggesting it has caused deaths ‘in a fairly direct way’, and going on to describe it as ‘not a hood thing’. IT security experts commented below. Andy Norton, Director of Threat Intelligence at Lastline: “KYC in cryptocurrency lingo means Know Your Criminal . The fungible nature of cryptocurrency is attracting any and all bad actors and provides a platform to encourage criminal or terrorist activity. ISIS promoted a bitcoin funding campaign “Equip Us” , and recently a woman was imprisoned for hiring a hitman using…
Github suffered a DDoS barrage the likes of which tower over any such attack previously. About 1.35 terabits per second of traffic hit Github all at once on Wednesday and Akami was called in to give them a hand and reroute traffic until the attack abated. IT security experts commented below. Ashley Stephenson, CEO at Corero Nework Security: “The recent 1.34Terabit attack on GitHub demonstrates how quickly the DDoS landscape can change. It is just a few days since the memcached reflection/amplification vulnerability became widely known. Within a week the largest DDoS ever reported lands on our doorstep, an event that will…
In response the discovery by researchers that DDoS attackers are using the free utility memcached protocol and servers that support the Internet protocol UDP to magnify attacks, a ‘reflection’ technique that sharply expands attack impacts, Ashley Stephenson, CEO at Corero Network Security commented below. Ashley Stephenson, CEO at Corero Network Security: “Time to add “memcached” to the list of useful Internet services that can be turned upon themselves to attack rather than serve. “This free utility has provided more than a decade of useful service helping websites, blogs and databases run faster but is now being leveraged by malicious actors to launch supercharged DDoS attacks. Like several recent DDoS…
News broke that cybercriminals who are directing junk traffic at targets have recently started using an “obscure” trick to supercharge puny bandwidth attacks. Distributed denial of service (DDoS) attackers are abusing “memcached” or memory caching servers to massively amplify attacks on victims. Memcache systems are used by websites for caching memory to optimize performance of sites that rely on external databases. Ashley Stephenson, CEO at Corero Network Security commented below. Ashley Stephenson, CEO at Corero Network Security: “Time to add “memcached” to the list of useful Internet services that can be turned upon themselves to attack rather than serve. “This free…
Trustwave and Osterman Research Survey Reveals IoT Adoption and Security Practices are Misaligned Trustwave today released the “IoT Cybersecurity Readiness Report” which assess the current and future use of Internet of Things (IoT) technologies and corresponding security practices and implementation challenges across organisations in a wide-range of industries. Astonishingly, although most organisations surveyed plan to increase adoption of IoT into operations, only 28 percent consider security strategies specific to IoT as “very important.” Osterman Research conducted the survey on behalf of Trustwave, primarily with midsize and large organisations with a median of 1,000 employees per organisation. Individuals with applied security experience…
