Information Security Buzz
Expert(s): November 30, 2020
Bindu Sundaresan
Director
AT&T Cybersecurity

Comments Dotted : 6
January 13, 2021

Expert Insight On New Ransomware Blackmail Technique

Cybercriminals are more sophisticated than ever, and while the primary purpose of ransomware groups is to make money, there is always a high risk of collateral damage, since attacks stop systems from working. Ransomware groups design their cyberattacks to cause enough disruption and financial distress to not just disrupt file access, but also to reach critical business operations, where harm will be immediately and acutely felt, to justify their plea for quick and high payment. This new tactic of going after the machines of top executives shows the evolution of how ransomware has moved from just volume-based targeting of individuals to enterprises, and now within the enterprise to model the targeting of C-level executives similar to the Business Email Compromise type of an attack. This tactic is preying on the fear of exposure but may not always result in getting paid.

October 29, 2020

Enel Group Hit Again By Ransomware And Netwalker Demands $14 Million

Ransomware attack patterns have evolved significantly. Traditionally, ransomware was deployed to encrypt the victim’s data and lock them out of their own files. Had the victim refused to pay the ransom, their files would be destroyed. Ransomware attacks today have evolved to double extortion. Usually, the attacker would exfiltrate a copy of the data before encrypting them. This way, the attacker not only prevents the victim from accessing their data but also keeps a copy of the data for themselves. In order to claim responsibility and pressure the victim during the negotiation process, the attacker would often release small portions of the data online. If the negotiation turns out badly, the attacker would then either publish all of the exfiltrated data or sell them to third parties. These attacks are essentially a combination of a ransomware attack and a data breach. Organizations that are victims of this attack feel extremely helpless when hit by double extortion attacks because their compromised databases likely contain proprietary or secretive information that they would instead have destroyed than published or sold. So, it’s a double threat. It’s easy for the attacker to say they have it. Easy for them to imply they do by releasing a small sample and very difficult to prove forensically because most places don’t have that layer of visibility. This puts another pressure point, and it can be easily validated by the victim that indeed the hackers also downloaded the entire database if the organization has a DLP solution that has been implemented. Since the tactic is relatively new, there are no real data points for either the attacker or the defender that says it increases the pay-out potential of the victim. More practical advice is to know your data. If you have been compromised assume the data has left your possession.
Root cause analysis should be able to help determine if indeed it was done, but that is concluded after the incident is wrapped up and has no bearing on the decision to pay. This tactic is more effective on data that is meant to cause widespread as well as a quick impact. Controversial and sensitive data is usually the target for these types of ransomware attacks. A typical PII or credit card data is not going to be the motive and not going to have the same leverage.
September 30, 2020

Insight into Universal Health Services cyberattack

If Universal Health Services has been targeted by Ryuk ransomware, it is worth noting how this ransomware has crippled both the public and private sectors. It is known for targeting enterprise organizations with the intention of demanding higher payments for the decryption key. Code comparison between versions of Ryuk and Hermes ransomware indicates that Ryuk was derived from the Hermes source code and has been under steady development since its release. A commodity malware, Hermes has been observed for sale on forums and used by multiple threat actors. The ransomware will typically be dropped by an already compromised system that has been infected by Trickbot or Emotet through a phishing email. Once the Ryuk payload has been successfully dropped and executed, it will encrypt the system’s files and then demand a ransom fee in order to decrypt the victim’s data. Many ransomware attacks today have evolved to double extortion. Usually, the attacker would exfiltrate a copy of the data before encrypting them. This way, the attacker not only prevents the victim from accessing their data, but also keeps a copy of the data for themselves. In order to claim responsibility and pressure the victim during the negotiation process, the attacker will often release small portions of the data online. If the negotiation turns out badly, the attacker then publishes all of the exfiltrated data or sells them to third parties. These attacks are essentially a combination of a ransomware attack and a data breach. Organizations that are victims of this attack feel extremely helpless when hit by double extortion attacks because their compromised databases likely contain proprietary or secretive information that they would instead have destroyed than published or sold. So, it's a double threat. By releasing a small sample, it is easy for an attacker to imply they have your data, though very difficult to prove forensically because most organizations don’t have that layer of visibility.
This puts on another pressure point, and if the impacted organization has implemented a Data Loss Prevention (DLP) solution, it can be easily validated that hackers have also downloaded the entire database. With that said, since this tactic is relatively new, there are no real data points for either the attacker or the defender that says it increases the payout potential of the victim.
March 27, 2020

AT&T Cybersecurity’s Bindu Sundaresan On The Emerging Threats Targeting Telemedicine And Healthcare

We think the Covid-19 dynamics are creating more opportunity for malicious actors to target telemedicine and healthcare organisations as a whole. Cybersecurity threats to these organisations are real, especially in the wake of a global pandemic. Healthcare organisations are scrambling to expand their remote system access and management while adequately protecting sensitive information from malicious actors. It is expected that we will see more highly publicised ransomware attacks on hospitals, for example, with patients being diverted to other hospitals and an inability to access patient records to continue care delivery. From small, independent practitioners to large, university hospital environments, cyber-attacks on health care records, IT systems, and medical devices have previously infected many systems. Given this current threat landscape amidst COVID, as healthcare organisations and consumers lean on telemedicine, it’s important to educate people broadly about the risks that come with it. Patients need to understand that their data belongs to them and that no provider safeguards can replace their own responsibility to make smart decisions about how and where they use virtual health services. Communicating that principle is one responsibility of a provider organisation that offers virtual services. So is the parallel responsibility to make sure physicians who use the system approach it with the same understanding. Although telehealth is going to be a sought-after platform given the current situation, practitioners will have to take certain precautions to prevent cyber-attacks. To address this challenge, an organisation needs a robust authentication process before giving access to data externally and offer educational and training programs internally. Specific to telemedicine, we expect threat actors will focus on device security, patient and provider identification as well as access system-level security vulnerabilities.
September 25, 2019

Dubai Company Loses $53,000 In Targeted Cyber Attack

We continue to see such attacks against businesses whereby emails are sent to trick recipients into sending money or other details. This is a prevalent form of Business Email Compromise and these threats are highly targeted and rely on social engineering rather than malware, meaning that such “Imposter Emails” often evade security solutions that look only for malicious content or behavior. Technology alone cannot offer effective protection. One of the key measures is raising security awareness across the users on how to spot spoofed emails and phishing attempts should be part of EVERY company’s security program. In addition to investing in an advanced email filtering system, organizations should also bolster the process steps. Use Two-Step Verification: Two-way verification helps companies to solve the problem of this type of financial fraud by implementing a company-wide policy of approving transactions before the funds’ transfer. Also, companies should have a two-person check process in place so that one person can't make a new payment without a colleague verifying the authenticity of the payment.
September 04, 2019

Fraudsters Exploit New Online Security Checks With Phishing Attacks

Over recent years, hackers have evolved phishing attacks to mimic original brands or reputable websites to evade detection and, unfortunately, they are proving successful. Ultimately, they are targeted at an individual user so appropriate training and awareness is vital to remind users to remain vigilant to unsolicited or unexpected emails which ask for credentials, payment, or any other action that seems out of the ordinary.

SECURELY DOTTED BY

Matias Madou, Co-founder and CTO, Secure Code Warrior

"It’s imperative that all developers are trained in how to code securely from the outset. "

Expert On How The UK Police Data Loss Could Have Been Easily Prevented

Stephen Kapp, CTO and Founder, Cortex Insight

"Pixlr should look to improve its internal processes by holding user information. "

Expert Commentary: Hacker Posts 1.9 Million Pixlr User Records For Free On Forum

George Glass, Head of Threat Intelligence, Redscan

"Gamarue is able to spread across a user’s local network and is also capable of installing additional strains of malware. "

Cyber Expert On Malware Found On Laptops Provided By Government For Home-schooling

Jake Moore, Cybersecurity Specialist, ESET

"Gamarue.1 is an old virus from quite a few years ago. "

Cyber Expert On Malware Found On Laptops Provided By Government For Home-schooling

Niamh Muldoon, Senior Director of Trust and Security EMEA, OneLogin

"New and young students using online learning for the first time are most vulnerable. "

Cyber Expert On Malware Found On Laptops Provided By Government For Home-schooling

Chris Hauk, Consumer Privacy Champion, Pixel Privacy

"All computers, no matter the make, model, or operating system should run some type of antivirus or anti-malware protection. "

Cyber Expert On Malware Found On Laptops Provided By Government For Home-schooling

Chris Hauk, Consumer Privacy Champion, Pixel Privacy

"Department of Education should be putting security parameters. "

Cyber Criminals Left Stolen Phishing Credentials Exposed To Google Searches

Sam Curry, Chief Security Officer, Cybereason

"The National Cyber Security Centre offer free advice on secure home working. "

Cyber Expert On Malware Found On Laptops Provided By Government For Home-schooling

Brian Higgins, Security Specialist, Comparitech.com

"The potential for malicious software to be used against recipients is not limited to the children. "

Cyber Criminals Left Stolen Phishing Credentials Exposed To Google Searches

Chloé Messdaghi, VP of Strategy, Point3 Security

"The attack approach was also clever. "

Cyber Criminals Left Stolen Phishing Credentials Exposed To Google Searches

Saryu Nayyar, CEO, Gurucul

"Organizations still need to maintain strong perimeter and interior defenses. "

Cyber Criminals Left Stolen Phishing Credentials Exposed To Google Searches

Oliver Cronk, Chief IT Architect, EMEA, Tanium

"This story is part of a wider challenge facing schools at the moment. "

Cyber Expert On Malware Found On Laptops Provided By Government For Home-schooling

Andy Teichholz, Senior Industry Strategist, Compliance and Legal, OpenText

"In our new digital economy, people around the world are becoming acutely aware of how their information is being collected, stored, and used. "

OpenText Research Offers A Snapshot Of UK Attitudes Towards Data Privacy

Lou Blatt, Senior Vice President and CMO, OpenText

"Digital is now central to almost every business interaction – generating more data for companies to manage and secure. "

OpenText Research Offers A Snapshot Of UK Attitudes Towards Data Privacy

Greg Bell, CEO, Corelight

"This type of network infiltration is often difficult to identify. "

A Chinese Hacking Group Is Stealing Airline Passenger Details

Copyright © 2020 ISBuzz Pty Ltd is a company registered in Australia with company number 605 203 772 whose registered office is 14 Alanvale Street, Harrison, ACT 2914.

