Information Security Buzz
Expert(s): November 30, 2020
Dan Panesar
Director UK & Ireland
Securonix

Comments Dotted : 8
November 12, 2020

Ransomware Gang Hacks Facebook Account To Run Extortion Ads – Expert Comments

As we move into 2021 we will continue to see ‘big game’ ransomware attacks continue. Often the actual ransomware attack isn’t the primary infection; generally there is an initial campaign and infection followed by a stealth period while the attacker probes and looks for vulnerabilities to exploit. This can be weeks, sometimes months before an exploit is found or an escalation of privileges can happen. This gives an organisation a ‘window’ of opportunity to be able to spot an attacker before they reach the final stages of the attack. One clear way to do this is by deploying behavioural analytics to spot abnormal user behaviour before it causes real problems. Security teams need to spend less time managing the systems and more time addressing the threats. Additionally, utilising automation to allow the security team to focus only on the severe or real threats can further strengthen security posture. These can both help reduce the burden on security teams, bring better visibility and allow them to respond and react faster to all types of attacks.
September 08, 2020

Experts On News State Bank Of Chile Shuts All Branches After REvil Ransomware Attack

Ransomware is particularly devastating as it’s easy to deploy and can be very effective. Cyber criminals will continue to target banks as they simply follow the money, with most of the attacks financially motivated. Unfortunately there is no easy answer when it comes to stopping this type of attack. In today's security landscape, even financial organisations and their security teams are outgunned by the attackers in terms of resources and skills. Security teams need to spend less time managing the systems, and more time addressing the threats posed by these sorts of attacks. One clear way to do this is by using user behavioural analytics to spot abnormal behaviour before it causes real problems, as in the Banco Estado case where an employee has unknowingly acted as the way in for the attackers. Secondly, using automation to allow the security team to focus only on the severe or real threats can further strengthen security posture. These can both help reduce the burden on security teams, bring better visibility and allow them to respond and react faster to attacks.
August 18, 2020

Security Experts On Carnival Hit With Ransomware Attack Exposing Data

The Carnival data breach is particularly nasty as the hackers have gained access and stolen the ‘holy grail’ of information, including personal details, credit cards and social security numbers; all the essentials to perform some pretty nasty identity fraud on its customers. It appears the attackers have used the classic diversion of a ransomware attack to divert attention to the real focus of the attack, which was to steal valuable and sensitive data. In today's security landscape, organisations and their security teams are outgunned by the attackers in terms of resources and skills. Security teams need to spend less time managing the systems and more time addressing the threats. One clear way to do this is using behavioural analytics to spot abnormal behaviour before it causes real problems. Secondly, using automation to allow the security team to focus only on the severe or real threats can further strengthen security posture. These can both help reduce the burden on security teams, bring better visibility and allow them to respond and react faster to attacks.
August 17, 2020

Experts comments on Ritz hotel targeted by scammers

The Ritz Hotel is notifying customers that its food and beverage booking system has been compromised. Such a highly prestigious hotel will likely have some high-profile clients' information stored on this system. It’s not known how the data was accessed and details are still emerging. Although no credit card details seem to be included in the stolen data, hackers still have huge amounts of personal details, contact details, and of course the details of reservations. Fears must be that unsuspecting customers will be contacted by the hackers to “confirm” bookings and try to tempt customers to give over credit card details. Using this data in further cyberattacks is, unfortunately, becoming a reality as has been seen in a spate of recent spearphishing attacks. Spearphishing is the evolved concept of phishing campaigns (mass spam emails or phone calls) that are tailored towards individuals. It uses personal information, or imitates somebody the individual trusts like someone claiming to be from the Ritz Hotel, for example.
July 29, 2020

Expert Commentary: Drizly Breach And Its Implications

The reported Drizly data breach is interesting as it shows clearly just how long the attacker was able to have access to Drizly’s internal systems without being noticed. We call this the 'detection gap' — the time between an initial breach and the victim noticing it. The stolen data appears to have been available since February, but the breach was only identified by Drizly on July 13 and reported to customers earlier this week. That is a two-week delay between identifying the breach and informing any affected customers. The ‘detection gap’ has been going down for the last few years but, as this attack shows, it is still far too high. There are solutions that can reduce mean time to detection substantially. Organisations and their security teams are outgunned by today's attackers in terms of resources and skills. Security teams often have to spend huge amounts of time managing the security systems, which means less time focusing in on the threats. One clear way to reverse this challenge is using analytics and automation. These can help reduce the burden on security teams, bring better visibility to the threats they are facing and allow them to respond and react faster to attacks.
July 16, 2020

Experts Insight On Major US Twitter Accounts Hacked in Bitcoin Scam

The Twitter hack looks a classic case of insider threat. The insider’s behaviour can be malicious, complacent, or ignorant, which in turn amplifies the impact to the organisation resulting in monetary and reputation loss. Using traditional technologies – such as data loss prevention (DLP) tools, privileged access management (PAM) solutions, and other point solutions – is not sufficient to detect insider threat behaviour today. The complexity of internal systems within organisations presents a vastly increased attack surface, which requires advanced security analytics that utilise purpose-built algorithms to detect specific user behaviour anomalies. Why do we need to look at the connected behaviours of users? Well, typically, an exfiltration attempt like this is preceded by a data snooping activity, so being able to spot these ‘abnormal’ behaviours in advance greatly reduces the likelihood of the actual data theft being successful. In order to detect this type of abuse, which is an important insider threat for companies to combat, organisations like Twitter need to deploy multi-stage detection, which combines a rare occurrence of an event in conjunction with anomalies that indicate suspicious or abnormal behaviour. This approach will prove to be way more effective since it combines all the deviations from what is deemed as “normal” behaviour for accounts, users, and systems.
July 15, 2020

Expert On Phorpiex Botnet Spreading A New Ransomware Campaign Via Phishing Emails

Educating users is one way to help stop these types of attacks but, as we too often see, users will always be the weakest link in any organisation's security posture. Too often these types of malware and phishing attacks breach defences, so what organisations really need is the ability to proactively detect and respond to abnormal user behaviour in a fast and scalable way, thus removing the human element completely. Furthermore, as we see more advanced malware, it is critical to give security teams the visibility into the user behaviour to quickly spot what isn’t ‘normal’ and take steps to remediate this type of attack before it causes real harm to the organisation.
July 07, 2020

Expert Insight: US Secret Service reports an Increase in Hacked MSPs

Enterprises have been hard at work modernizing their infrastructure and transitioning to the digital world to provide better, faster, and economically more efficient services to their constituents. As a result of this transformation, they become increasingly vulnerable to cybercriminals looking for softer targets to attack; and unfortunately, they often are softer. Transitioning to cloud services and utilizing MSSP (Managed Security Service Provider) with vertical-specific expertise is probably one of the most cost-efficient solutions. Sharing resources and cybersecurity products across a large number of small, but similar in function organisations can achieve economies of scale, by partnering with managed service providers (MSPs) to achieve the best-of-breed technologies and experienced cybersecurity professionals that they couldn't afford otherwise. Reports that managed service providers are increasingly targeted by ransomware attacks and other exploits prove that security is not understood to the extent that it should be. Organisations that process sensitive information should prioritize security; this means increasing the budget for cybersecurity and conducting courses to educate employees about how to best protect delicate information. Even though it may seem expensive, it will be significantly cheaper than a data breach. It is important to remember that even though you rely on an MSP or MSSP, you are still culpable for the information that you own.

Copyright © 2020 ISBuzz Pty Ltd is a company registered in Australia with company number 605 203 772 whose registered office is 14 Alanvale Street, Harrison, ACT 2914.