Tag Archive for: Choice

BEC overtakes ransomware as cyber crime of choice

/in


The number of incidents involving business email compromise (BEC) has doubled, replacing ransomware as the most common type of financially motivated cyber threat to organisations, according to new research. 

The growth in BEC was linked to a surge in successful phishing campaigns, accounting for 33% of incidents where the initial access vector (IAV) could be established, a near three-fold increase compared to 2021 (13%). 

With talk of advanced AI-driven threats dominating the cybersecurity industry, new research by the Secureworks Counter Threat Unit has revealed that most real-world security incidents have more humble beginnings highlighting a need for businesses to focus on cyber hygiene to bolster their network defences.

Between January and December 2022, Secureworks helped contain and remediate over 500 real-world security incidents. The data from these incidents was analysed by Secureworks CTU researchers to establish trends and emerging threats. 

An equally popular entry point for attackers both nation state and cybercriminal was to exploit vulnerabilities in internet-facing systems, representing a third of incidents where IAV could be established. Typically, threat actors did not need to use zero-day vulnerabilities, instead relying on publicly disclosed vulnerabilities such as ProxyLogon, ProxyShell and Log4Shell to target unpatched machines. 

The research found ransomware incidents fell by 57%, but remain a core threat. This reduction could be due as much to a change in tactics as it is to a reduction in the level of the threat following increased law enforcement activity around high-profile attacks, like Colonial Pipeline and Kaseya. Equally, gangs may be targeting smaller organisations, which are less likely to engage with incident responders.

“Business email compromise requires little to no technical skill but can be extremely lucrative,” says Mike McLellan, Director of Intelligence at Secureworks.

“Attackers can simultaneously phish multiple organisations looking for potential victims, without needing to employ advanced skills or operate complicated affiliate models,” he says.

“Let’s be clear, cybercriminals are opportunistic not targeted….

Source…

Ransomware Payments Become an Even Riskier Choice Amidst the Ever-Growing Sanctions List | Faegre Drinker Biddle & Reath LLP

/in


In February 2022, Executive Order 14024 highlighted that Russia’s invasion of Ukraine threatened not only Ukraine but also the national security and foreign policy of the United States. Pursuant to this executive order, and in the face of national security concerns, the U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) has instituted extensive sanctions, including both economic and trade sanctions. Also, in response to the national security concerns, the Cybersecurity and Infrastructure Security Agency (CISA) issued a Shields Up notice, urging companies to bolster their cybersecurity to protect themselves against the threat of a cyberattack.

As the conflict between Russia and Ukraine continues, the threat of a cyberattack, specifically ransomware and NotPetya-style attacks, remains top of mind. However, as entities continue to bolster their cybersecurity and protect themselves against these attacks, they should be cognizant of the implications that OFAC sanctions may have in connection with such an attack.

All U.S. persons must comply with the sanctions against Russia. U.S. persons are defined as U.S. citizens and permanent residents regardless of location, as well as all persons and entities who are in the U.S. and all entities incorporated in the U.S. and any of their foreign branches.

This analysis becomes complicated during ransomware attacks. When an entity is the victim of a ransomware attack, they typically have to make a decision about whether to pay the attacker a ransom in order to retrieve their data or to get a key to unencrypt their data. Ransom payments — including payments with cryptocurrency or payments facilitated through third parties — to sanctioned persons or entities are in violation of the OFAC regulations. In light of the Russia-Ukraine conflict, the number of sanctioned individuals and entities has increased dramatically, making it more difficult to ensure that an entity requesting a ransom payment is not subject to sanctions.

Making a ransomware payment where it is known that the ransomware attacker originated from a person or group on the OFAC sanctions list is in violation of the OFAC regulations and subjects the payor…

Source…

How People Make Hacking a Legit Career Choice

/in


The media, journalists, and the public are prone to oversimplification. And hackers are no exception. Hackers get a bad rap in movies and TV shows. Their reputation is often that of a shadowy, secretive, or marginal group. Here’s how people make hacking a legit career choice.


Calendar – Calendar

Possibly it’s the evil genius who can quickly break government systems. Why? Maybe it’s political beliefs or just the lols. But, even the introvert, “the basement hacker,” who is untrained and disorganized, can be a dangerous adversary.

As such, your imagination probably doesn’t conjure ethical hackers. In recent years, though, many large companies have hired white hat hackers. Why? They’re hired to prevent attacks, bugs, and threats and test and monitor their systems.

What’s more, ethical hackers are making a solid living. According to ZipRecruitor, the national average is $135,269 a year for an ethical hacking job in the US.

Apart from a high salary, a good hacker can make money in various ways outside of their regular job. For example, if you want to make your own schedule or don’t want to be tied to any one location, that’s appealing.

But how can you make hacking a legit career choice? Well, let’s find out.

Why Are Hackers Hired?

Professional hackers test the security of companies. To verify whether their security controls are effective, they hire hackers. Additionally, they will make security suggestions.

Before releasing a new web application, a company might hire hackers to find weaknesses. The application will be less vulnerable to hackers when it hits the market as a result.

In addition, private companies and governments hire hackers. Competitive intelligence is in the interest of private companies. To force customers to switch to their services by making their competitors unavailable. Isn’t that illegal? I wouldn’t pursue this career path, although it’s 100% illegal.

Hacking other companies is considered espionage. Government information is mainly kept electronically, so accessing government agencies or third-party providers can be beneficial. Some governments also use cybercrime as a revenue source. North Korea is…

Source…

Inside a Ransomware Hit at Nordic Choice Hotels

/in


Nordic Choice Hotels, a chain with more than 200 hotels across Scandinavia and the Baltic countries, is still dealing with technology problems and the fallout from a data leak after a Dec. 1 ransomware attack.

Immediately after the incident, the company shut down corporate computers, check-in desks and machines such as music systems, and disconnected computers from the internet, said Kari Anna Fiskvik, Nordic Choice’s vice president of technology.

Kari Anna Fiskvik, vice president of technology at Nordic Choice Hotels



Photo:

MAIA HANSEN/A-I-AM

Hotel staff recorded check-in details with pens and paper, and escorted guests to their rooms because digital keycards didn’t work, Ms. Fiskvik said. Just as hackers struck, hotel business was booming again after long pandemic-related lockdowns.

“We were a good target because we were tired already,” she said.

More than five weeks after hackers hit, glitches continue in machines that provide heating, music and other services, she said.

Nordic Choice, an independent franchisor of Rockville, Md.-based

Choice Hotels International Inc.,

operates hotels in Norway, Sweden, Denmark, Finland and Lithuania. A spokesperson for Choice Hotels International said there is no indication the attack affected its technology systems.

An investigation found that hackers had infiltrated Nordic Choice’s systems 36 to 48 hours before launching the attack through a phishing email that appeared to be sent by a tour operator in frequent contact with the company, Ms. Fiskvik said.

Ransomware attacks are increasing in frequency, victim losses are skyrocketing, and hackers are shifting their targets. WSJ’s Dustin Volz explains why these attacks are on the rise and what the U.S. can do to fight them. Photo illustration: Laura Kammermann

Source…