Tag Archive for: reality

A ransomware reality check as US is a top target of attacks

/in


While you might think, as many people do, that ransomware attacks are a worldwide problem, a new report reveals hackers are targeting specific countries, and the United States is one of the top targets.

According to critical infrastructure security company Dragos, 44% of ransomware attacks last year targeted North American industrial organizations. Europe was also a top threat, with 32% of attacks targeting organizations there. Industrial ransomware attacks spiked nearly 50% on a global scale, growing to 905 last year compared to 600 in 2022.

CLICK TO GET KURT’S FREE CYBERGUY NEWSLETTER WITH SECURITY ALERTS, QUICK VIDEO TIPS, TECH REVIEWS AND EASY HOW-TO’S TO MAKE YOU SMARTER

A ransomware reality check as US is a top target of attacks

Illustration of ransomware attacker (Kurt “CyberGuy” Knutsson)

What is ransomware?

In a ransomware attack, hackers will encrypt data on a system and demand a ransom to restore access to the owners. They may also threaten to delete or leak the data if you don’t pay. While these attacks tend to target large organizations, some hacker groups will also target individuals.

In fact, anyone who uses a computer or a device connected to the internet can be a potential victim of ransomware. This means that your personal files, such as your photos, videos, documents and emails, could be locked by hackers who demand a ransom for their release.

MORE: RANSOMWARE RAMPAGE HITS RECORD HIGH WITH US ITS TOP TARGET

A ransomware reality check as US is a top target of attacks

Person conducting ransomware attack (Kurt “CyberGuy” Knutsson)

What can I do to protect myself from ransomware?

Ransomware criminals will try to get you to pay money to them to get your files back. However, paying the ransom does not guarantee that you will regain access to anything a criminal takes from you and will only permit them to do it more.

Your best bet is to prevent an attacker from gaining access to your files altogether so that you don’t have to try to fight to get them back. Here are some of my tips for avoiding having your data stolen in a ransomware attack.

MORE: TIPS TO FOLLOW FROM ONE INCREDIBLY COSTLY CONVERSATION WITH CYBERCROOKS

1) Be careful about opening suspicious links or attachments

If you receive an email from an address you do not recognize, don’t open it. If you open it by mistake, avoid…

Source…

Virtual reality headsets are vulnerable to hackers, demonstrate studies

/in


virtual reality
Credit: CC0 Public Domain

While augmented reality (AR) and virtual reality (VR) are envisioned as the next iteration of the internet immersing us in new digital worlds, the associated headset hardware and virtual keyboard interfaces create new opportunities for hackers.

Such are the findings of computer scientists at the University of California, Riverside, which are detailed in two papers to be presented this week at the annual Usenix Security Symposium in Anaheim, a leading international conference on cyber security.

The emerging metaverse technology, now under intensive development by Facebook’s Mark Zuckerberg and other tech titans, relies on headsets that interpret our bodily motions— reaches, nods, steps, and blinks—to navigate new worlds of AR and VR to play games, socialize, meet co-workers, and perhaps shop or conduct other forms of business.

A computer science team at UCR’s Bourns College of Engineering led by professors Jiasi Chen and Nael Abu-Ghazaleh, however, has demonstrated that spyware can watch and record our every motion and then use artificial intelligence to translate those movements into words with 90% or better accuracy.

“Basically, we show that if you run multiple applications, and one of them is malicious, it can spy on the other applications,” Abu-Ghazaleh said. “It can spy on the environment around you, for example showing people are around you and how far they are. And it can also expose to the attacker your interactions with the headset.”

For instance, if you take a break from a virtual game to check your Facebook messages by air typing the password on a virtual keyboard generated by the headset, the spyware could capture your password. Similarly, spies could potentially interpret your body movements to gain access to your actions during a virtual meeting in which confidential information is disclosed and discussed.

The two papers to be presented at the cybersecurity conference are co-authored Abu-Ghazaleh and Chen toether with Yicheng Zhang, a UCR computer…

Source…

SASE Reality Check: Security and SD-WAN Integration Journey

/in


By: Nav Chander, Head of Service Provider SD-WAN/SASE Product Marketing at Aruba, a Hewlett Packard Enterprise company.

Today, enterprise IT leaders are facing the reality that a hybrid work environment is the new normal as we transition from a post-pandemic world. This has meant updating cloud, networking, and security infrastructure to adapt to the new realities of hybrid work and a world where employees will need to connect to and access business applications from anywhere and from any device, in a secure manner. In fact, most applications are now cloud-hosted, presenting additional IT challenges to ensure a high-quality end-user experience for the remote worker, home office worker, or branch office.

Network security policies that are based on the legacy data-center environment where applications are backhauled to the data center affect application performance and user experience negatively within a cloud-first environment. These policies also don’t function end-to-end in an environment where there are BYOD or IoT devices. When networking and network security requirements are managed by separate IT teams independently and in parallel, do you achieve the best architecture for digital transformation?

So, does implementing a SASE architecture based on a single vendor solve all of these challenges?

SASE, in itself, is not its own technology or service: the term describes a suite of services that combine advanced SD-WAN with Security Service Edge (SSE) to connect and protect the company from web-based attacks and unauthorized access to the network and applications. By integrating SD-WAN and cloud security into a common framework, SASE implementations can both improve network performance and reduce security risks. But, because SASE is a collection of capabilities, organizations need to have a good understanding of which components they require to best fit their needs.

A key component of a SASE framework is SD-WAN. Because of SD-WAN’s rapid adoption to support direct internet access, organizations can leverage existing products to serve as a foundation for their SASE implementations. This would be true for both do-it-yourself as well as managed services…

Source…

Major Hack On Ukraine Infrastructure Highlights The Reality Of Modern Warfare

/in


The websites of the Ukrainian army, the defense ministry and major banks were knocked offline after a series of cyberattacks highlighting the nature of modern-day warfare.    

At least a dozen Ukrainian websites were unreachable for a few hours due to the attacks, including the defense, foreign and culture ministries and Ukraine’s two largest state banks. 

Customers of Privatbank and Oschadbank reported problems with online payments, ATM withdrawals and mobile apps.

Even though Ukraine officials didn’t rush to blame Russia for the attack, like they did with a previous cyber attack,  a Ukrainian Information Ministry statement suggests Russian involvement.

“It is possible that the aggressor resorted to tactics of petty mischief, because his aggressive plans aren’t working overall,” the Ukrainian statement said. 

This is the second cyberattack on Ukrainian infrastructure this year. Last month, a massive cyber-attack knocked out key government websites, the foreign ministry, the cabinet of ministers and the security and defense council, among others.

The hackers left a message on the Ukrainian Foreign Ministry website saying: “Ukrainians! … All information about you has become public. Be afraid and expect worse. It’s your past, present and future.”

Authorities in Kyiv said they had uncovered clues that Russian security services could have been behind the cyber-attack.

Unless some third party is trying to take advantage of openings amid an intensifying crisis between Ukraine and Russia, Russian hackers, either acting privately or state-sponsored, are likely behind this week’s attack.

There is certainly a recent precedent: In 2014, when it seized and annexed Crimea from Ukraine, Russia was accused of launching a series of cyber-attacks to destabilize communications and spread disinformation. Cyberattacks are strategically advantageous to create a destabilizing atmosphere ahead or instead of a physical invasion. 

Since then, Russian hackers have attacked Ukraine’s power grid and caused several blackouts in the capital city of Kyiv. 

The Russian track record of unleashing destructive “hybrid warfare” cyber attacks has many nations, the U.S. included,…

Source…