Tag Archives: Cryptojacking

Microsoft : Cybersecurity Trends + How To Stay Safe In 2020!

Microsoft : Cybersecurity Trends + How To Stay Safe In 2020!

As part of Safer Internet Day (SID), Antony Cook from Microsoft shared the key cybersecurity trends in 2020, and how we can stay safe against those dangers.

Even if we are experienced techies, it is enlightening to find out what Microsoft believes are the cybersecurity threats that we should be looking out for in 2020.

 

Microsoft : Key Cybersecurity Trends In 2020!

Cybersecurity Trend #1 : Less Ransomware But More Attacks

Ransomware has declined in recent years, dropping more than 60% from its peak. But Microsoft sees a rise in other types of cyberattacks.

Attackers have learned that ransomware attracts too much attention from law enforcement, and organisations have gotten better at backing up their data.

So hackers are moving onto other activities like cryptocurrency malware and phishing, where they can more easily profit with less attention.

Cybersecurity Trend #2 : Mining Malware Will Be Big!

Attackers are often acting for financial benefit, so they will make big bets on cryptocurrency, especially in Bitcoin.

They will focus more on mining malware that lets them use your computer to mine cryptocurrency coins without being detected.

Coin mining software is easily available, and cybercriminals have put malware into many widely-shared and used software. They are also trying to inject these malware through websites illegally streaming copyrighted content like the latest movies.

Cybersecurity Trend #3 : Embedded Threats

Attackers are now more sophisticated, targeting legitimate and trusted software supply points to deliver malware. There have been many examples of this attack vector :

  • a routine update for a tax accounting application,
  • popular freeware tools which have backdoors forcibly installed,
  • a server management software package,
  • an internet browser extension or site plugin,
  • malicious images which active scripts when clicked,
  • peer-to-peer applications

In those cases, attackers were able to change the code of legitimate software that people trust and install without hesitation, allowing them to “hitch a ride”.

This attack vector is very dangerous and frustrating, because it takes advantage of the trust that consumers and IT departments already have for legitimate software.

Cybersecurity Trend #4 : Phishing Scams

Phishing continues to be one of the most effective ways to compromise systems, because it targets human decisions and judgment.

Microsoft noted that the percentage of inbound emails that were detected as phishing messages increased 250% throughout 2018, and they expect the final figures for 2019 to show the same trend.

 

Microsoft : How To Stay Safe In 2020!

Here is a summary of what Microsoft believes we should do to stay safe online against cybersecurity threats in 2020 :

Cybersecurity Tip #1 : Practice Good Security Hygiene

  1. Keep your operating system and software updated.
  2. Turn on email and browser protections.
  3. Apply the cybersecurity configurations that your hardware and software vendors recommend.
  4. Stay away from any unfamiliar software or websites.
  5. Use only legitimate software, and not just your key applications.

Cybersecurity Tip #2 : Implement More Access Controls

System administrators should implement more access controls, using Zero Trust or at least privilege models.

This will limit hackers that successfully break into your network from accessing more than a segment.

Cybersecurity Tip #3 : 3-2-1 Backup!

Make sure you create and keep backups, and the cloud is a great tool for this.

Microsoft recommends adhering to the 3-2-1 rule – keep three backups of your data on two different storage types, with at least one backup offsite.

Cybersecurity Tip #4 : Keep Vigilant!

Even if we implement strong cybersecurity measures, we must remain vigilant, and keep an eye out for suspicious activity.

Not just system administrators, but users as well. If you see anything suspicious – report it to your IT department immediately.

It can be anything from a sudden slowdown in your computer’s performance, to strange web pages and images appearing.

 

Recommended Reading

Go Back To > Computer SystemsHome

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Operation Goldfish Alpha : INTERPOL Tackles Cryptojacking!

INTERPOL just announced that their Operation Goldfish Alpha has greatly reduced cryptojacking in Southeast Asia.

Find out how INTERPOL and their partner countries cracked down on cryptojacking through Operation Goldfish Alpha!

 

Cryptojacking : What Is It?

Cryptojacking is a new way for cybercriminals to hijack our computer’s processing power to mine cryptocurrency.

Cryptojackers snare their victims by getting them to unwittingly install a malware in their computers. This can happen by tricking the victim into clicking on malicious links, or visiting infected websites.

Once installed, the malware gives them access to the computer or other Internet-connected devices. They can then install programmes called “coin miners” to hijack the processing power of infected devices to mine cryptocurrency.

 

Operation Goldfish Alpha : How INTERPOL Tackled Cryptojacking

Earlier last year, INTERPOL identified a global cryptojacking operation based on a vulnerability in MikroTik routers. The intelligence was disseminated to the affected countries.

INTERPOL’s ASEAN Cyber Capability Desk took it one step further, launching Operation Goldfish Alpha in June 2019.

They identified more than 20,000 hacked routers in the ASEAN region, which accounted for 18% of the infected global total.

Over five months, cybercrime investigators and experts from Computer Emergency Response Teams (CERTs) from across 10 ASEAN countries (Brunei, Cambodia, Indonesia, Laos, Malaysia, Myanmar, Philippines, Singapore, Thailand and Vietnam) worked together to :

  • locate the infected routers and alert the victims,
  • patch the infected devices, so they are no longer under the cryptojacker’s control

When Operation Goldfish Alpha concluded in late November 2019, they successfully reduced the number of infected devices by 78%. But while the operation has come to an end, efforts to clean the remaining infected devices continue.

Operation Goldfish Alpha also served to increase awareness of cryptojacking, how to identify it and how to mitigate the threat.

 

Recommended Reading

Go Back To > CybersecurityEnterprise + Business | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Top Three 2019 Cybersecurity Predictions By Dimension Data

Mark Thomas, VP of Cybersecurity at Dimension Data, recently shared with us his top three cybersecurity predictions for 2019.

  • Increased Benchmarks Will Improve Standards
  • A Strong Future For Predictive Threat Intelligence
  • Cybersecurity Investments Become More Strategic

 

The 2019 Cybersecurity Landscape

Cybercrime currently represents one of the top 10 biggest threats to our globe during 2019 – and it’s showing no sign of ebbing away. The approaches of hackers are increasing in sophistication, the volume of their attacks is intensifying, and successful breaches are causing more damage than ever before.

But as threats and attack types evolve, so too do our methods of defending against them, sparking levels of innovation previously unseen.

And despite the fact that 2018 represented a record year for the number of new business vulnerabilities discovered (a 12.5% upsurge from 2017), the most commonly attacked industries across the globe are also those best-equipped to guard against the latest criminal advances.

But what lessons can we learn from their success? Here are three ways the cybersecurity landscape is going to change over the coming years.

2019 Cybersecurity Prediction #1 : Increased Benchmarks Will Improve Standards

According to NTT Security’s 2019 Global Threat Intelligence Report, the average global cybersecurity maturity rating languishes at 1.45 out of 5 – a score determined by an organisation’s holistic approach to cybersecurity from a strategy, process, metrics and tools perspective.

At first glance, this rating makes for grim reading, but encouragingly, this increase in ‘cybermaturity’ benchmarking is galvanising many forward-thinking companies to make considerable changes in order to ramp up their security posture.

Among those are the two most ‘cybermature’ industries: finance and technology. It should come as no surprise that two such dominant sectors bear the brunt of the cybercrime offensive, each experiencing 17% of all attacks recorded in 2018.

Yet despite enduring this barrage, the finance and tech industries also boast the highest ‘cybermaturity’ rating of any industry, with 1.71 and 1.66 respectively.

It’s from these heightened levels of ‘cyberpreparedness’ that the majority of businesses – regardless of size, sector, or market – can draw some vital lessons from. By benchmarking their maturity, companies are showing a real willingness to inspire positive change; with a greater focus on predictive threat intelligence, more considered and strategic investments, and higher levels of internal and external collaboration representing some of the most critical approaches separating the best-fortified organisations.

Indeed, the finance and technology sectors are the industries most keen to team up with external partners to evolve their long-term strategies and next-generation architectures, unlocking access to trillions of logs and billions of attack records that can be used to shape a more predictive approach to cybersecurity defence.

2019 Cybersecurity Prediction #2 : A Strong Future For Predictive Threat Intelligence

With business vulnerabilities at a record high, the rise of predictive threat intelligence represents one of the most tangible and accessible ways that organisations can immediately bolster their security programmes.

The concept of cybersecurity defence evolving from a reactive to a more predictive model isn’t going to cause shockwaves among IT teams, but with our understanding of AI and machine learning technologies increasing – and attackers’ methods becoming more sophisticated in tandem – its application has never been more pertinent.

In fact, the market for threat intelligence tools is now expected to surge to USD 12.9 billion by 2023, at a growth rate of 19.7% each year.

This prediction, along with news that venture capital firm Insight Partners has splashed out USD 780 million on threat intelligence company Recorded Future, indicates this field is about to go through a sustained period of unprecedented innovation.

One of the secrets to unlocking the potential to predictive threat intelligence lies in the amount of threat information you are able to collect. Security teams need to start digging deeper into the murkier and harder to reach corners of the internet – such as the dark web – to outsmart the bad guys.

With machine learning potentially monitoring billions of logs, patterns can be identified and automated safeguards established so that attacks can be deflected instantly.

And the more granular you can go, the better – it affords security and IT teams with that much-needed structure and context to turn raw data into actionable intelligence.

2019 Cybersecurity Prediction #3 : Cybersecurity Investments Become More Strategic

With almost two-thirds of companies citing a poor understanding of their current risk profile as the primary inhibitor to a better cybersecurity posture, it’s clear that in order to better bolster their barricades, organisations must exercise a more strategic and calculated approach to cybersecurity investment.

The good news is that senior executives are finally prioritising cybersecurity as a critical boardroom concern – but from the lowly 1.45 out of 5 average cybermaturity rating, it’s painfully clear that ambitions are outpacing preparedness. This benchmark needs to change – but where should organisations channel their investment in order to best fortify their defences?

With the cryptocurrency market surging by 51% since the start of 2019, illicit cryptojacking techniques have followed suit, skyrocketing by a staggering 459% last year.

To best prevent, detect, and recover from cryptojacking, organisations should consider introducing egress and ingress filtering restrictions to moderate outbound traffic, denying stratum protocol usage, or segmenting your network environments to make it more difficult for an attacker to penetrate an attack through your entire network.

Segmenting your network environments is a method that can also be applied when defending against web-based attacks, which doubled during 2018 and now account for almost a third of all hostile traffic.

Performing regular vulnerability scans will help you identify issues earlier on during the development cycle, while enforcing secure coding practices will ensure applications remain solid from the moment throughout their design and launch.

Of course, the level of investment in these areas depends on your market and sector, where frequency and volume of attack types can vary greatly – but regardless of industry or location, one key focus cannot be ignored – compliance.

Embedding compliance requirements into your strategy is essential, and with such a wealth of information-sharing and collaborative tools available, there’s no excuse for not keeping pace with the latest regulatory requirements.

Success is achieved when organisations invest proportionately in people, processes, and tools to provide a solid foundation of security and data privacy expertise, across all technology stacks. Benchmarking yourself against industry best practices and control frameworks provides an easy way to measure the return on an organisation’s security investment.

Simply put, you cannot manage what you cannot measure, so it’s critical companies understand their compliance posture and plan ahead so they can achieve their security ambitions.

 

More On The 2019 Cybersecurity Landscape

We had the opportunity to sit down with Mark Thomas, VP of Cybersecurity and other members of Dimension Data (now part of NTT Limited) for a Q&A session on the 2019 NTT Security GTIR and cybersecurity landscape.

You can download the executive guide to the 2019 NTT Security Global Threat Intelligence Report here.

 

Recommended Reading

Go Back To > CybersecurityEnterprise + Business | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


The 2019 NTT Security GTIR : Top 4 Cybersecurity Highlights!

Here are the top 4 highlights of the newly-released 2019 NTT Security GTIR (Global Threat Intelligence Report)!

Find out what NTT Security discovered in their research on the current state of cybersecurity across the world!

 

The 2019 NTT Security GTIR : Top 4 Cybersecurity Highlights!

2019 NTT GTIR Highlight #1 : Cybersecurity Vulnerabilities

2018 set a new record – over 16,500 new vulnerabilities identified and reported in a single year!

Many of those vulnerabilities, like GNU Bash (also known as Shellshock), were discovered in older software that have been present for years.

Other vulnerabilities were, ironically, introduced through patches meant to fix other vulnerabilities.

NTT Security’s research also showed that the time-to-fix increased for all risk levels, except for medium risks. In addition, the window of exposure across all industries remains too long.

2019 NTT GTIR Highlight #2 : Cybersecurity Maturity

Globally, the average cybersecurity maturity rating stands at 1.45 out of 5 – a score which NTT Security considers to be extremely worrying, especially when security vulnerabilities are surging to a record high (up 12.5% from 2017).

The finance (1.71) and technology (1.66) sectors boast the highest maturity ratings, and continue to ramp up their security posture.

This is most likely prompted by their positions as the most commonly targeted industries, each accounting for 17% of all attacks recorded in 2018.

Interestingly, NTT Security noted that the attack volume correlated with the organisation’s willingness to improve their cybersecurity defences.

Regionally, MEA and Australia are the most prepared, and have the highest cybersecurity maturity ambitions.

But ambitions outpaced preparedness most noticeably in the Americas and Europe – they both fall behind the global benchmark.

2019 NTT GTIR Highlight #3 : Attack Types

After scouring trillions of logs and billions of attacks, NTT Security reported the most common attack types, with web attacks the most prevalent threat. They have doubled in frequency since 2017, and accounted for 32% of all attacks detected last year.

Reconnaissance (16%) was the next most common hostile activity, closely followed by service-specific attacks (13%) and brute-force attacks (12%).

Interestingly, cryptojacking sometimes accounted for more detections than all other malware combined!

2019 NTT GTIR Highlight #4 : Attack Locations

Globally, 35% of attacks originate from IP addresses within the US and China, followed by EMEA and APAC.

NTT Security points out that attackers are leveraging the infrastructure in the US and China to launch attacks. And remember – the attack source IP address does not always reflect the attacker’s true location.

 

More On The 2019 NTT Security GTIR

We had the opportunity to sit down with Mark Thomas, VP of Cybersecurity and other members of Dimension Data (now part of NTT Limited) for a Q&A session on the 2019 NTT Security GTIR and cybersecurity landscape.

You can download the executive guide to the 2019 NTT Security Global Threat Intelligence Report here.

 

Recommended Reading

Go Back To > CybersecurityEnterprise + Business | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!