Expert(s):
Chief Security Officerfeature_status*/ ?>
Cybereason

Comments Dotted : 83
January 22, 2021

Cyber Expert On Malware Found On Laptops Provided By Government For Home-schooling
The National Cyber Security Centre offer free advice on secure home working.

There are many local and national schemes which have been implemented to try and provide devices for school children in an attempt to keep as many as possible engaged in some form of education during school closures and lockdown measures. Whilst it is unclear where these particular laptops were sourced, it is absolutely vital that anyone seeking to source devices, whether they are bought using sponsorship or donated directly, be fully aware of the risk that they may contain dormant or

.....Read More

There are many local and national schemes which have been implemented to try and provide devices for school children in an attempt to keep as many as possible engaged in some form of education during school closures and lockdown measures. Whilst it is unclear where these particular laptops were sourced, it is absolutely vital that anyone seeking to source devices, whether they are bought using sponsorship or donated directly, be fully aware of the risk that they may contain dormant or active malicious software and research appropriate methods to make them safe before they are distributed to homes and families. The potential for malicious software to be used against recipients is not limited to the children for which the devices are intended, as access to the internet will no doubt be useful for other family and friends outside of school hours. I would highly recommend that anyone distributing devices include some information about online safety. The National Cyber Security Centre offer free advice on secure home working and the use of online conferencing services such as Zoom and Teams. 

 

If anyone is in doubt about the safety and security of devices provided for educational purposes they should contact the Department for Education IT team for advice before distribution.

  Read Less
January 21, 2021

A Chinese Hacking Group Is Stealing Airline Passenger Details
Operation-centric security enables security analysts to string together disparate pieces of information involved in malicious cyber activity.

The Chinese government will deny any involvement in the hacking of the airlines, as they will roll out familiar talking points about not being involved in this sort of activity, when in fact it is likely they are hacking many other industries. Cybereason's groundbreaking 2019 investigation - 'Operation Soft Cell' into global espionage against telcos by Chinese cyber threat actors - opened the world to the techniques, tactics, and procedures being used to spy on individuals through their mobile

.....Read More

The Chinese government will deny any involvement in the hacking of the airlines, as they will roll out familiar talking points about not being involved in this sort of activity, when in fact it is likely they are hacking many other industries. Cybereason's groundbreaking 2019 investigation - 'Operation Soft Cell' into global espionage against telcos by Chinese cyber threat actors - opened the world to the techniques, tactics, and procedures being used to spy on individuals through their mobile phones. Individuals in prominent positions in government and business were being spied on around the clock for years without any knowledge and the operation was so deep into the telcos that the intrusion went undetected for more than seven years.

 

This airline industry threat is a reminder that nation-states will stop at nothing to steal personal information, conduct espionage and look to gain an upper hand on the world stage. The airline industry, its suppliers, enterprises, and all defenders, need to be deploying threat hunting services and need to think about cybersecurity from an operation-centric and alert-centric standpoint. Operation-centric security enables security analysts to string together disparate pieces of information involved in malicious cyber activity, greatly increasing the likelihood of stopping cybercrime before material damage is done.

  Read Less
January 08, 2021

Experts Reacted On Hackney Council Leaked Documents
Companies shouldn't lapse into a sense of normalcy by any stretch of the imagination.

Ransomware attacks will continue to be a serious threat to the public and private sector in 2021. Companies shouldn't lapse into a sense of normalcy by any stretch of the imagination because even though the worldwide number of new ransomware strains continues to shrink, many cyber criminals have perfected their tactics and are reaping the benefits with massive ransoms being paid out. For the Hackney Council and other organizations in the UK, a proactive security approach needs to be the

.....Read More

Ransomware attacks will continue to be a serious threat to the public and private sector in 2021. Companies shouldn't lapse into a sense of normalcy by any stretch of the imagination because even though the worldwide number of new ransomware strains continues to shrink, many cyber criminals have perfected their tactics and are reaping the benefits with massive ransoms being paid out. For the Hackney Council and other organizations in the UK, a proactive security approach needs to be the priority in 2021. What I mean is that security teams and IT professionals responsible for security need to be actively hunting in their own networks for malicious activity. Taking the first punch in the battle with threat hunting that can root out suspicious behaviour is paramount in turning the tables on cybercrime. In addition, Hackney Council employees and anyone associated with the organization should never click on attachments in emails unless the source can be verified. Also, never download content from dubious websites. And implement security awareness training to yield meaningful results, when included with other cyber awareness training that becomes part of a company's security culture.

  Read Less
December 15, 2020

DHS Hacked As Part Of Massive Cyberattack On Federal Agencies
The sooner you do these things the sooner you can assume no one is lurking in your network in silent mode.
While the news of the massive global Solar Winds breach is an all-too-painful reminder of the WannaCry attack in 2017 that crippled NHS and dozens of other UK healthcare organisations, today is not the time to panic. If 2020 has taught us anything, it is that the COVID-19 pandemic has improved the resiliency of security professionals and reinforced how determined defenders are to rid networks of cyber espionage adversaries. In fact, all UK companies should respond with a cold, logical, rational .....Read More
While the news of the massive global Solar Winds breach is an all-too-painful reminder of the WannaCry attack in 2017 that crippled NHS and dozens of other UK healthcare organisations, today is not the time to panic. If 2020 has taught us anything, it is that the COVID-19 pandemic has improved the resiliency of security professionals and reinforced how determined defenders are to rid networks of cyber espionage adversaries. In fact, all UK companies should respond with a cold, logical, rational response. As far back as March, Russian hackers affiliated with the Cozy Bear group slipped malware into Solar Winds’ IT management platform and waited for months to detonate it. Thus far, we know that the Department of Homeland Security, U.S. Treasury, and U.S. Commerce Department were hacked. And so were many of the world’s Fortune 500 companies, including many UK companies. What’s next as the world’s largest forensics investigation continues and upwards of 20,000 companies have been breached? In general, now is not the time for security experts to panic. A practical and measured response is advised. If Solar Winds is being used in your organization, strengthen your security posture as follows: ● Isolate machines running SolarWinds until further information is available as the investigation unfolds ● Reimage impacted machines ● Reset credentials for accounts that have access to SolarWinds machines ● Upgrade to Orion Platform version 2020.2.1 HF1 as soon as possible. Solar Winds has also provided further mitigation steps In addition, set up a task force to look through all data logs, check the hygiene of systems and make sure everyone is generally on high alert for future attacks. Ensure your company is always on the hunt for adversaries. The sooner you do these things the sooner you can assume no one is lurking in your network in silent mode.  Read Less
December 14, 2020

Expert Reacted On US Treasury And Commerce Departments Targeted In Cyber-attack
The good news is that the infrequency of these types of directives will catch everyone’s eye and reinforce the seriousness of this latest breach.
News of a breach with the potential size of the one carried out on the U.S. Treasury and Commerce Departments is eye opening and of big concern. In addition, the directive from the Cybersecurity and Infrastructure Security Agency (CISA) urging all public and private sector companies to assess their exposure to the massive hack and plea to disconnect or power down Solar Winds products is exceedingly infrequent. Quite frankly, I am shocked. People need to pay attention to this directive and.....Read More
News of a breach with the potential size of the one carried out on the U.S. Treasury and Commerce Departments is eye opening and of big concern. In addition, the directive from the Cybersecurity and Infrastructure Security Agency (CISA) urging all public and private sector companies to assess their exposure to the massive hack and plea to disconnect or power down Solar Winds products is exceedingly infrequent. Quite frankly, I am shocked. People need to pay attention to this directive and respond. Not later today or tomorrow, but now. The good news is that the infrequency of these types of directives will catch everyone’s eye and reinforce the seriousness of this latest breach. In other words, this warning should not go unnoticed. Since Solar Winds has tens of thousands of customers and more than 400 out of the world’s Fortune 500, a bold action like this was needed and required across the public and private sector. Amazingly, this directive is the first of this scale that we have seen in 2020. Now we all want to know what the private sector companies protected in part by Solar Winds will do. We should all be listening carefully to Solar Winds as well. As defenders, their first job is protecting their clients, but they hold vital pieces of information as well. Their transparency and openness is extremely important. Playing the victim card in these instances is unacceptable. In the short term for any customers of Solar Winds it is time to create a task force or war room to hunt adversaries and deal with the specific TTPs, vulnerabilities and exploits in question. Let us all remember the fog of cyber way makes things in the moment very hard to tell and difficult to assess, but over time, whether its days, weeks or months it will become clear. Today, this is a security drill that no one wants as 2020 gets in its parting shots. As public and private sector companies share common tools, practices and managed services, it is important to remember that homogeneity makes can make us vulnerable and these threats can spread like wildfire if not dealt with immediately. The good news is that a lot of companies are an IT freeze due to end-of-year shopping and slowdowns for Winter holidays. The bad news any organisations and companies are looking to go into the black on the books since they have been in the red most of the year due to COVID. Any type of breach that slows down businesses the remaining few weeks of 2020 will only provide with another reminder of how difficult a year it has been. With the U.S. government looking to transition between administrations, and cyber activity that leads to lockdowns and freezes has the potential to slow or damage government transition work. With the inauguration in January, it is important that first we do not allow any damage, but also after that the government can proceed in its normal transition of administrations. Now is the time to listen to CISA and the government and to carefully manage the need to stay open and servicing the public for the private sector as well as the need to continue government operations and transition while minimising complexity and risk to security and privacy.  Read Less
December 11, 2020

Experts Reacted On Hackers Steal Pfizer/BioNTech COVID-19 Vaccine Data
A COVID-19 vaccine is a strategically valuable asset to nation-states.
Cyber attacks on the global COVID-19 vaccine distribution network from nation-states China, Russia and North Korea are diabolical in nature and acts of war. The leaders of these countries should immediately denounce this behaviour and put an end to it because they are also harming their own citizens. These governments have an ability to stop this behaviour and bring those responsible to a courtroom to face a jury of peers. I can guarantee if found guilty these hackers will spend a long time in.....Read More
Cyber attacks on the global COVID-19 vaccine distribution network from nation-states China, Russia and North Korea are diabolical in nature and acts of war. The leaders of these countries should immediately denounce this behaviour and put an end to it because they are also harming their own citizens. These governments have an ability to stop this behaviour and bring those responsible to a courtroom to face a jury of peers. I can guarantee if found guilty these hackers will spend a long time in jail. The average person might be asking themselves why nation-state actors seem to have no conscience and are deliberately sowing doubt and confusion around the world at the worst possible time? To nation-state sponsored cyber espionage actors, they have a stone-cold approach to cybercrime and there is tremendous value in interfering with the distribution of COVID-19 vaccines. In the hackers’ mind, interrupting the global COVID-19 is just a means to an end, so long as they are padding their pockets with money. A COVID-19 vaccine is a strategically valuable asset to nation-states; whoever gets a vaccine distributed first has an economic advantage. It is the ultimate IP with immediate value. It is like having an oil rush, a data advantage or territorial gain in older real political terms. Word to the wise, denying anyone access to the vaccine will be remembered and you will end up losing this fight."  Read Less
November 25, 2020

Expert Advise In Relation To CISA Warns Of Holiday Online Shopping Scams
Consumers should pick one of their credit cards or debit cards for their holiday shopping purchases.
The holidays are a time of great joy and reflection for many people on their accomplishments and achievements throughout the year. It is a time of joy and love and appreciation for family and friends. Unfortunately, the holiday joy can soon become misery because of the growing risk cyber thieves pose to shoppers and holiday revellers. Be safe and be on the lookout for cybercrime attempts that might just come across your personal devices through phishing emails and other scams. Diligence will.....Read More
The holidays are a time of great joy and reflection for many people on their accomplishments and achievements throughout the year. It is a time of joy and love and appreciation for family and friends. Unfortunately, the holiday joy can soon become misery because of the growing risk cyber thieves pose to shoppers and holiday revellers. Be safe and be on the lookout for cybercrime attempts that might just come across your personal devices through phishing emails and other scams. Diligence will reduce the holiday shopping risks facing every shopper around the world this year. Never click on the links you receive in emails as they could be phishing scams. One of the most popular scams run by hackers is a phishing email purporting to be from a retailer with a great holiday offer of 25% or 50% in total savings. Be suspicious and instead, cut-and-paste the promo codes in the emails and go directly to the retailer's websites for more information. Never visit dubious websites and do not download anything. Keep your mobile devices up to date with the latest software updates. Never download mobile shopping apps from unofficial or unauthorized sources. Most legitimate apps are available from Apple's App Store or Google Play Store. Hackers prey on consumers and dupe them into downloading fraudulent apps laced with malware. Don't fall for smishing (SMS phishing) attacks where hackers infiltrate mobile devices through social engineering, where consumers knowingly or unknowingly divulge personal information. Hackers will send consumers fake text messages to lure victims to click on malicious links, which directs them to malicious web pages. Consumers should monitor their credit cards daily during the holiday season for suspicious and unauthorized charges. Consumers should pick one of their credit cards or debit cards for their holiday shopping purchases to more easily manage and monitor transactions. Consumers should consider putting a temporary hold on all but one or two credit accounts during the holiday season. Because data breaches lead to password theft, consumers need to regularly update their passwords. Do not use the same passwords repeatedly. Surprisingly, consumers still use passwords such as 'password' or ‘1234567.’ Consumers should also consider using a password manager because they are easy to use and are safe. Reputable products include, NordPass, LastPass and 1Password. Some companies are offering FREE 30-day trials on their services. Jonathan Knudsen, senior security strategist at Synopsys, added "Online holiday shopping this year will be more popular than ever, as the global pandemic encourages shoppers to stay home. Consequently, we can expect to see an increase in cybercrime and scams. The best way to make better software is by incorporating security at every phase of the development process. When designing software, vendors should use threat modeling to incorporate features that thwart attacks. Defense in depth and other secure design principles should be used. When building and testing software, vendors need to integrate automated security testing to find and fix more vulnerabilities before release. Unfortunately, consumers don’t have visibility into how apps and web sites are built, so it is nearly impossible to assess the risk of using a particular piece of software. However, consumers can take proactive steps to protect themselves. Keep system software and applications up to date to guard against known vulnerabilities. Protect accounts with multifactor authentication whenever possible; strong, hard-to-guess passwords are recommended. As always, be wary of anything that seems too good to be true, particularly unsolicited emails or texts offering free gift cards. Research unfamiliar web sites to determine legitimacy. When application developers build security in, and consumers follow best practices, we will have a safe and enjoyable online holiday shopping season.  Read Less
November 25, 2020

Expert Advise On Black Friday And Cyber Monday
Consumers should pick one of their credit cards or debit cards for their holiday shopping purchases.
Consumers should monitor their credit cards daily during the holiday season for suspicious and unauthorized charges. Consumers should pick one of their credit cards or debit cards for their holiday shopping purchases to more easily manage and monitor transactions. Consumers should consider putting a temporary hold on all but one or two credit accounts during the holiday season. Because data breaches lead to password theft, consumers need to regularly update their passwords. Do not use the.....Read More
Consumers should monitor their credit cards daily during the holiday season for suspicious and unauthorized charges. Consumers should pick one of their credit cards or debit cards for their holiday shopping purchases to more easily manage and monitor transactions. Consumers should consider putting a temporary hold on all but one or two credit accounts during the holiday season. Because data breaches lead to password theft, consumers need to regularly update their passwords. Do not use the same passwords repeatedly. Surprisingly, consumers still use passwords such as 'password' or ‘1234567.’ Consumers should also consider using a password manager because they are easy to use and are safe. Reputable products include, NordPass, LastPass and 1Password. Some companies are offering FREE 30-day trials on their services. The holidays are a time of great joy and reflection for many people on their accomplishments and achievements throughout the year. It is a time of joy and love and appreciation for family and friends. Unfortunately, the holiday joy can soon become misery because of the growing risk cyber thieves pose to shoppers and holiday revellers. Be safe and be on the lookout for cybercrime attempts that might just come across your personal devices through phishing emails and other scams. Diligence will reduce the holiday shopping risks facing every shopper around the world this year.  Read Less
November 23, 2020

Experts On Manchester United Hit By ‘Sophisticated’ Cyber Attack
Companies need to improve their security hygiene.
Kudos to the cybersecurity experts at Manchester United Football Club for their quick and decisive response to a reportedly sophisticated cyber attack on their network. All companies and organisations in the public and private sector should heed this warning. You will be attacked and suffer material loss from well funded hacking groups and/or motivated individuals looking to profit or make political statements off your brand by stealing data, encrypting your files and demanding ransom and.....Read More
Kudos to the cybersecurity experts at Manchester United Football Club for their quick and decisive response to a reportedly sophisticated cyber attack on their network. All companies and organisations in the public and private sector should heed this warning. You will be attacked and suffer material loss from well funded hacking groups and/or motivated individuals looking to profit or make political statements off your brand by stealing data, encrypting your files and demanding ransom and causing your company to be singled out in the headlines. But there are steps companies can take as defenders to reverse the adversary advantage and to start making cybercrime less profitable. First, companies need to improve their security hygiene and they need all employees adhere to internal security guidelines and protocols. Secondly, companies need to deploy around the clock threat hunting capabilities. They also need to deploy newer anti-ransomware software and advanced detection and response software (XDR) in order to be able to detect in real time when malicious behaviour is occurring inside their network. Too often, cyber criminals penetrate a network and then steal credentials and essentially impersonate employees that have been authorized and unbeknownst to them they are stealing proprietary data for weeks or months completely undetected. To all companies set your 2021 goals now to reduce risk by improving your ability to root out malicious behavior before it is too late and you suffer a material breach.  Read Less
November 13, 2020

Animal Jam Kids’ Virtual World Hit By Data Breach, Impacting 46m Accounts: Expert Commentary
For customers of Animal Jam it is imperative that they all update their passwords immediately.
A breach and exposure of as wide a datasheet as is being reported by Animal Jam is another example of the new norm where breaches have become mundane and the routine. Everyone involved should be concerned when a company announces that nearly one third of their users might have had their records stolen. With more than 130 million registered users this is hardly the time to downplay the significant losses that could occur. I do give credit to Animal Jam's team for disclosing details of how the.....Read More
A breach and exposure of as wide a datasheet as is being reported by Animal Jam is another example of the new norm where breaches have become mundane and the routine. Everyone involved should be concerned when a company announces that nearly one third of their users might have had their records stolen. With more than 130 million registered users this is hardly the time to downplay the significant losses that could occur. I do give credit to Animal Jam's team for disclosing details of how the breach occurred and for reassuring their customers how important data protection and privacy is. For customers of Animal Jam it is imperative that they all update their passwords immediately. Never, ever use a password such as 'password' or '1234567' because you are asking for trouble. You would be surprised how easy some people make it for hackers to be successful. Animal Jam's customers should also consider using a password manager because they are easy to use and safe. There are many reputable products on the market today and many are offering Free trial offers during the holiday shopping season.  Read Less