International Cyber Expo today announced the speaker line-up for its annual Global Cyber Summit, sponsored this year by Snyk and hosted at Olympia London on the 27th and 28th of September 2022. Introduced by former CEO of NCSC, Professor Ciaran Martin CB, the Summit endeavours to be an educational platform for IT professionals, C-Level executives and board members on the issues impacting the industry, both current and emerging.

In a combination of roundtable discussions, fireside chats and presentations, sessions will explore a variety of themes, from cyber warfare, ransomware, and the legal landscape as it relates to data privacy, to building diversity into one’s business culture, and the questions raised by emerging technologies like the metaverse, blockchain and quantum computing.

Having introduced the summit, Professor Ciaran Martin CB will hand over to an exciting mix of globally-recognised experts, exploring the state of cybersecurity from an unconventional approach; this will be continued on the second day. 

On Day 1, Professor Ciaran Martin CB will be accompanied on stage by: 

  • Dr. Victoria Baines, British Computer Society Fellow and former Trust and Safety Manager for Facebook EMEA, will speak about online trust and safety in the age of surveillance and touch upon the politics of security more generally.
  • Charlie Morrison, Head of the Cyber Griffin team – a programme which makes up one arm of the City of London Police’s Cyber Crime Unit – will delve into the current intelligence and trends observed within the nation’s centre of business, otherwise known as the ‘Square Mile’. 
  • Christine Bejerasco, Chief Technology Officer at WithSecure and a globally sought-after keynote speaker, will explore the agility of threat actors and the width of the attack surface before diving into an outcome-based approach to cybersecurity.
  • Lisa Forte’s Respect in Security team will take to the stage for a panel discussion with, amongst others, TEDx speaker Marilise de Villiers, Founder & CEO of ROAR, exploring how far the industry has come in embracing diversity within the context of the Respect in Security campaign. Jitender Arora, CISO at Deloitte, will be joining the conversation.


On Day 2, some highlights include:

  • In a session titled ‘How to Steal a Vaccine’, Rob Shapland, ethical hacker and Head of Cyber Innovation at Falanx Cyber, demonstrates how cybercriminals design, plan and maximise the success of their attacks in an effort to steal Covid vaccines.
  • As with all government agencies, and in particular with the National Cyber Security Centre being part of Government Communications HQ (GCHQ), anonymity is part of the game. However, the NCSC has confirmed that a senior director will give real insights into how it is keeping industry and the public safe from growing cyber threats, and will answer questions on how best to use its services.
  • In keeping with the Summit’s international focus, Scott Wilcox, CEO of Sicuro, will be giving insights from a Dubai and Middle East perspective, where he is based, examining why security departments are unprepared for persistent threats and more. What will be clear are the similarities that transcend international borders.

“We are honoured to welcome a myriad of esteemed industry experts to speak at this year’s Global Cyber Summit; all of whom share in our mission to empower the community with knowledge and drive collaboration to tackle our ever-growing list of challenges,” said Philip Ingram MBE, former senior British Military Intelligence Officer and Content Lead for the International Cyber Expo. “The last thing we want to do is sit an audience in front of another sales pitch, so we have made a point not to accept paid speaking opportunities. We are committed to producing a show that brings value to our attendees, and I believe we will have accomplished that, thanks to our guest speakers.” 

All sessions will be ranked according to technicality, allowing attendees – be they non-technical or highly-technical – to find discussions best suited to them.  

For the full Global Cyber Summit programme, visit: https://www.internationalcyberexpo.com/global-cyber-summit  

To register for FREE as a visitor: https://ice-2022.reg.buzz/e1

The post Industry All-Stars Take Stage at International Cyber Expo’s Global Cyber Summit appeared first on IT Security Guru.

The pandemic tested the business resilience of every organisation. Small and medium sized enterprises (SMEs) had to maximise their digital footprint to keep operational, service their customers and survive. Just as companies are starting to return to some semblance of new normal, another threat is on the horizon. The pandemic has fuelled an increase in cybercrime that shows no signs of abating.

Small and medium sized enterprises caught in the cross hairs

The speed with which companies had to digitally transform their businesses during the pandemic has increased their cyber vulnerabilities. More companies are conducting their business online and cybercriminals are rubbing their hands in glee at the opportunity this presents.

Many SMEs underestimate the threat, believing they are too small to be a target. Attacks on big brands make the headlines and the jargon used to describe vulnerabilities and malware is complex, making it appear to be a big enterprise issue. It’s easy to see why smaller companies shy away from tackling an issue they hope will never happen.

The reality is that cybercriminals are organised and operate like a business with shop fronts on the dark web. They even have interactive customer support services to make it easier for victims to pay their ransom demands. Cybercrime operators know that going after large companies is risky and carries greater repercussions from law enforcement. All they want are quick and easy paydays, and SMEs represent a fertile training ground for new operators to build up experience, tools and reputation. Attacking SMEs might be less lucrative, but there are more of them, and they are an easier target to hit. The devastation to livelihoods and the human misery caused have no bearing on a hacker’s thinking: it’s business, not personal.

The anatomy of a simple attack

The majority of cyberattacks are not complex; they don’t need to be. The CEOs of big brands may speak of the ‘sophisticated and complex attacks’ on their systems when trying to justify to customers and suppliers why their data was breached. However, post-attack analysis doesn’t back this up.

The WannaCry attack that caused mayhem across the world in 2017 exploited a known software vulnerability that should have been patched years earlier. Companies that patched the software bug at the time it was issued remained unscathed. For the ones that didn’t, it was a tough year with costly remediation work to systems and significant brand damage.

To add insult to injury, WannaCry was initially spread through a phishing campaign. Spam emails containing infected links or attachments were sent to employees. The unknowing recipient, who probably had never received any training on how to spot a spam email, clicked the link. It only took one employee, clicking on one infected link and an entire company was infected. Who needs sophisticated attack methods when an email will do?

Cybersecurity is necessary but it doesn’t need to be complex

Cybersecurity is not a luxury; it’s a business necessity and also a business enabler. If your company is secure, you can get on with the day job knowing you have done all you can to safeguard your business.

As the WannaCry attack showed, cybersecurity needs to become a habit within a company, or something will get missed. Having IT systems but no strategy to protect them is like going out and leaving your front door and all your windows wide open. You may get away with it once or twice but is it really a risk you want to take?

Keeping cybersecurity simple – where to start?

Starting on the path to securing your organisation can be hugely daunting. There are so many solutions on the market, with different features, benefits and price points that it can be difficult to know where to begin.

The National Cyber Security Centre, the technical authority in the UK, has created Cyber Essentials (CE), a simple but effective scheme to protect companies against a whole range of the most common cyberattacks.

Cyber Security Policy Manager (CSPM) helps you implement CE, delivering a clear path for SMEs to create a security strategy in easy-to-manage steps. The five fundamental controls are embedded within CSPM, providing you with a simple step-by-step process for developing security policies and procedures. Companies are given prompts and guidance at every stage, in jargon-free language. CSPM has been designed so that companies can guard against cyberattacks without needing expensive security consultants. CSPM also provides educational videos so employees are made aware of how to defend themselves from cyberattacks.

Companies can work their way to certification by evidencing they have implemented five fundamental controls. These controls can mitigate 80% of common cyber risks such as hacking, phishing, malware infections and social engineering attacks. The benefit of certification is it sends a clear message that cybersecurity is something your business takes seriously.

Certification can reassure customers and suppliers that you are working to secure your IT systems and safeguard their data against cyberattacks. It is a great way to demonstrate to your existing customers and suppliers that cybersecurity is more than a tick-box exercise. It also opens the door to attracting new business and building your reputation as a trusted supply chain partner.

You don’t have to go it alone

There is no secret to mitigating a cyberattack; it’s the same process as protecting a house. Make yourself a harder target by blocking the obvious entry points and, unless the attacker is very determined, they will move on to a softer target. If you don’t know where to start, Policy Monitor can help. We are attending International Cyber Expo at Olympia in September; you will find us on Stand B40 in the IASME Pavilion. Register for FREE tickets here: https://ice-2022.reg.buzz/website-header

Written by: Nick Denning, CEO at Policy Monitor

The post Cybersecurity is complex – but it doesn’t need to be costly or complicated appeared first on IT Security Guru.

On 16 April 2022, the ContiNews ransomware PR site posted the gang’s newest victim: the Ministry of Finance of Costa Rica. Three days later, the post was updated with a sample of the stolen data, and a threat to continue attacks against Costa Rican agencies unless the government paid a requested ransom of $10 million.

On 21 April, the post was updated to include the URLs of two more compromised government departments – the Ministry of Labour and Social Security and the Fund for Social Development and Family Allowances – shortly followed by an invitation to Costa Rican hackers to monetize the growing tranche of published data. A freshly inaugurated government led by Rodrigo Chaves has not obliged Conti, instead declaring a State of Emergency in response to the attacks, which the president has compared to terrorism.

But now there is more bad news for Costa Rica: the ransomware demands that brought the country to a state of emergency have been raised to $20m, with threat actors threatening to overthrow President Chaves’ government. The Conti ransomware gang has also urged Costa Rican residents to “go to your government and organize rallies so that they would pay us as soon as possible. If your current government cannot stabilize the situation? Maybe its [sic] worth changing it?”

Searchlight Security analysts have recently explored this in an in-depth blog on the situation, looking at who the threat actor UNC1756 is. Louise Ferrett, a threat analyst with Searchlight Security, also said:

“Threat actor UNC1756’s claims that it has insiders in the Costa Rican government should be treated with some scepticism. Dark web records reveal a user by this moniker has only been active on a popular cybercrime forum since March 2022 – around a month before the attacks on Costa Rica started. So, while it’s possible UNC1756 could have bribed or socially engineered insiders within the country’s government, it seems unlikely they would have amassed so much influence so quickly. Even considering the longevity and previous successes of Conti as a whole, it is a known tactic for ransomware gangs to make exaggerated and outlandish threats in order to instil a sense of urgency in the victim and obtain a ransom payment. Costa Rica’s government should continue with its recovery plan as laid out by experts, while remaining vigilant for any evidence of malicious insiders.”


The post Who is UNC1756 – the hacker threatening Costa Rica? appeared first on IT Security Guru.