Expert(s):
VP of EMEAfeature_status*/ ?>
ThreatConnect

Comments Dotted : 6
February 17, 2021

Expert Advise To Organization On North Korea Hacking Pfizer
Cybercriminals and state-sponsored actors, by their very nature, are opportunistic.

With coronavirus vaccines being rolled out worldwide, there should be a collective sigh of relief among all countries. However, over the last year there has been an evident increase in state actors using cyber attacks for nation state and geopolitical gain, as seen with North Korea attempting to steal vaccine technology from US pharmaceutical company Pfizer.

Cybercriminals and state-sponsored actors, by their very nature, are opportunistic. With healthcare, pharmaceutical, and research sectors

.....Read More

With coronavirus vaccines being rolled out worldwide, there should be a collective sigh of relief among all countries. However, over the last year there has been an evident increase in state actors using cyber attacks for nation state and geopolitical gain, as seen with North Korea attempting to steal vaccine technology from US pharmaceutical company Pfizer.

Cybercriminals and state-sponsored actors, by their very nature, are opportunistic. With healthcare, pharmaceutical, and research sectors working on COVID-19 response now being prime targets, all organisations need to take the necessary steps to protect their systems. Likewise, large scale geopolitical events are also potential targets – such as the Tokyo Olympics and Euro 2020 – so it’s wise for all businesses to be on their guard.

Organisations must now look at their businesses through the eyes of nation-state bad actors and see where they fit into the larger picture. This means assessing weaknesses in cybersecurity and addressing them immediately — specifically, through a prioritised view of old and unpatched weaknesses. A more organised, combined approach among organisations will be key to guaranteeing collective security – one that pools together the resources and knowledge we have at our fingertips to assess the current threat environment.”

  Read Less
February 01, 2021

UK Research And Innovation Suffers Ransomware Attack
It is vital that cybersecurity capabilities don’t become an afterthought.

While we’re unclear on the details of this potential breach, and whether it was a result of a cyber attack, it should be a reminder that the science and research space is considered a high-value target to many threat actors and firms need to redouble their efforts when it comes to threat intelligence and risk management. 

It would come as no surprise if the UK Research and Innovation department (UKRI) had been targeted by cyber criminals, with hackers increasingly targeting companies like this

.....Read More

While we’re unclear on the details of this potential breach, and whether it was a result of a cyber attack, it should be a reminder that the science and research space is considered a high-value target to many threat actors and firms need to redouble their efforts when it comes to threat intelligence and risk management. 

It would come as no surprise if the UK Research and Innovation department (UKRI) had been targeted by cyber criminals, with hackers increasingly targeting companies like this for the sensitive data they hold. Government departments and public sector organisations in particular, are often targeted by both opportunistic and targeted hackers, looking for an easy target or a specific set of intellectual property that they know is of value. 

It is vital that cybersecurity capabilities don’t become an afterthought. Organisations must work together to create information sharing communities so they can better understand the potential financial and operational impact of the risks they face, the vulnerabilities being targeted and the adversaries attacking the sector. If companies share information, while also quantifying the risk they face as a company, they can better prepare themselves, and prevent breaches.

  Read Less
October 13, 2020

Cybersecurity Experts Reacted On Hackney Council Cyber Attack
Scope the “who, what, when and why"
“Flip a coin – that’s basically the odds of any organisation being targeted. Unfortunately, the odds are even greater for government bodies, who are prime targets as they are often underequipped in terms of security protections and are also likely to be forced to pay the ransom to avoid hindering critical services. “Local councils, and other government bodies need to use this attack as stark reminder of the importance of protecting their services. It is vital that organisations with.....Read More
“Flip a coin – that’s basically the odds of any organisation being targeted. Unfortunately, the odds are even greater for government bodies, who are prime targets as they are often underequipped in terms of security protections and are also likely to be forced to pay the ransom to avoid hindering critical services. “Local councils, and other government bodies need to use this attack as stark reminder of the importance of protecting their services. It is vital that organisations with any strategically useful information prepare themselves to deal with highly sophisticated attacks. “Firstly, it is imperative to understand the types of risks that organisations might face and in particular, analysing the scenarios that could lead to significantly impacting their ability to conduct business or serve the public good. Organisations must think like the adversary, scope the “who, what, when and why” and then use this knowledge to drive their response. “The key to delivering reliable services to society and remaining secure is collaboration. We need to break down silos between IT, threat analysis, and incident response personnel from different areas of government so there is greater information sharing. “Ultimately, the more information that councils and government bodies are able to discover, the better their data driven decision making process becomes. By working together as dynamic teams, internal and external threat data and intelligence from multiple sources can be pulled together into one space for correlation so organisations can respond to emerging attacks.”  Read Less
October 09, 2020

Wisepay: School Payments Service Hit By Cyber-Attack
No company is immune from the dangers of being compromised
“The threat landscape for any organisation is massive and finding gaps in security is simply a cat and mouse game for hackers. When it comes to financial organisations, they are seen as a lucrative target as they hold highly sensitive information and have a mandate to protect the personal information of their customers. With WisePay being a financial organisation aimed at the education sector, this proved to be a gold mine for hackers. “No company is immune from the dangers of being.....Read More
“The threat landscape for any organisation is massive and finding gaps in security is simply a cat and mouse game for hackers. When it comes to financial organisations, they are seen as a lucrative target as they hold highly sensitive information and have a mandate to protect the personal information of their customers. With WisePay being a financial organisation aimed at the education sector, this proved to be a gold mine for hackers. “No company is immune from the dangers of being compromised. It’s essential that any potential target understands as much as they can about the threats they face and the tools needed to ensure they remain secure. Organisations must prioritise knowing where adversaries are, the tools and techniques they use, and what information adversaries think are most valuable. “However, while financial organisations tend to operate with security front of mind, there is still an opportunity to collaborate more within the industry and increase intelligence sharing so they understand as much as they can about the threats they are facing. “By having a direct understanding on the threats they face, financial institutions will be able to develop strategies that address attacks and respond quicker to limit the impact of adversaries.”  Read Less
August 27, 2020

Expert Insight On New Zealand’s Stock Exchange Hit By Second Cyber Attack
The threat to critical infrastructure is becoming more severe and sophisticated, so what needs to be done to mitigate incoming cyber attacks?
The threat to critical infrastructure continues to become more severe and sophisticated as the years go on, but the two day distributed denial of service (DDoS) attack on the New Zealand stock exchange proves just how serious the issue is becoming. There are various motivations behind DDoS attacks, including political, ethical or extortion tactics and they have been commonly disregarded as a major cyber security issue within the industry. Due to the fact that DDoS attacks don’t steal.....Read More
The threat to critical infrastructure continues to become more severe and sophisticated as the years go on, but the two day distributed denial of service (DDoS) attack on the New Zealand stock exchange proves just how serious the issue is becoming. There are various motivations behind DDoS attacks, including political, ethical or extortion tactics and they have been commonly disregarded as a major cyber security issue within the industry. Due to the fact that DDoS attacks don’t steal anything, but rather slow down or stop businesses in their tracks – many organisations have turned a blind eye to mitigating them. While DDoS attacks typically last a couple of minutes to hours, we have started to see them stretching to days even weeks, which can have a significant and lasting impact on any business. New Zealand, and other states worldwide need to use this attack as a stark reminder of the importance of protecting their national critical infrastructure. It is paramount that organisations with any strategically useful information prepare themselves to deal with highly sophisticated attacks. To deliver reliable services to society, critical infrastructure providers need to ensure cybersecurity is built into operating models. If done so correctly, they will then be able to ensure their cyber security programmes become more efficient, ultimately making it easier to spot relevant threats and gain more context into attack patterns to inform response strategies.  Read Less
July 23, 2020

ISC Russia Report – CISO Comments On Cyber Attacks Facing Government
An interesting element in the report is that it highlighted the lack of collaboration between the various organisations in the UK
Cyber is a 'complex landscape' in the UK with numerous agencies involved in cyber defence - but it is not immediately clear how they all work together and complement one another, according to the report. The lack of co-ordination and collaboration by organisations across the Intelligence Community is a grave concern and something that nation-state actors look to exploit. As the report indicated, the need for 'greater cohesion' must be addressed in the next iteration of the National.....Read More
Cyber is a 'complex landscape' in the UK with numerous agencies involved in cyber defence - but it is not immediately clear how they all work together and complement one another, according to the report. The lack of co-ordination and collaboration by organisations across the Intelligence Community is a grave concern and something that nation-state actors look to exploit. As the report indicated, the need for 'greater cohesion' must be addressed in the next iteration of the National Cyber Security Strategy. Greater collaboration is needed between UK organisations but there also needs to be closer working relationships with other allied nation-states. Suspicion surrounding the concept of collaborating needs to be surmounted. Nation states need to move towards a unified approach to cybersecurity based on information sharing communities. For any organisation, it's impossible to understand who you adversaries are, what vulnerabilities they are looking to exploit and what methods they are using without a linked-up effort. An ‘all for one, one for all’ approach is the best way forward.”  Read Less