It is no secret that many people nowadays do not pay much attention when they surf the web at home or at work. There are new data breaches and exploits on a daily basis, and failing to take any precautions may result in catastrophic consequences. Even the biggest corporations are paying millions of dollars so they can improve their cybersecurity and remain safe. However, if you still believe in some of the cybersecurity myths, you may put your own computer or even your whole organization at huge risk. We at CyberDB have decided to bust some of the top 5 cyber security myths and make it clear for you.



There has been recent focus on alleged Iran cyber activity over the past few weeks, spurred on by the publication of a vendor report on Iranian operations.  Per the vendor’s findings, not only was Iran likely behind the activity that was targeting the government and private sectors in the Middle East, it was implementing National Security Agency exploits that were stolen and dumped into the public domain by the Shadow Brokers group in April 2017.  As recently as late August 2018, Iran is suspected of trying to launch influence operations ahead of the midterm elections.  The conclusion is that Iran is increasingly using asymmetric attacks, particularly via cyberspace, as part of its tool box to conduct retaliatory attacks.

The new reporting comes at a time when Russia’s cyber malfeasance has largely dominated the press, due to its influence operations efforts and election shenanigans, not just in the United States but in other countries as well.  Prior to the Russia focus, North Korea was the focal point with its suspected cyber activities targeting cryptocurrency, and the SWIFT banking transactions before that.  Iran was propelled onto the scene with Operation Ababil



According to 2017 reporting, Major League Baseball believed that the Boston Red Sox, at the time in first place in the American League East, used the Apple Watch to illicitly steal hand signals from opposing teams.  Allegedly, the Apple Watch was used not only to “steal” hand signals from opposing catchers in games using video recording equipment, but also to transmit the information, likely to team trainers.  The theft of such information would help determine the type of pitch that was going to be thrown.  The recording of signals is strictly forbidden by league rules.

When it comes to targeting billion-dollar sports franchises, many would assume that cyber criminals would be the foremost actors behind the scenes.  Based on a 2015 report that estimated the professional sports market in North America to have an expected worth of $73.5 billion by 2019, it’s easy to see why.  Indeed, there have been several incidents where cyber crime operations have focused on professional sports teams.  In April 2016, players for the National Basketball Association’s Milwaukee Bucks had their financial documents (player addresses, Social Security Numbers, and compensation) accidentally leaked due to a team employee falling victim to an e-mail scam.  The employee released players’ 2015 IRS W-2 documents to an emailer impersonating the team’s president.  Also in 2016, a crippling TeslaCrypt ransomware attack impacted a NASCAR racing team.  An estimated $2 million worth of information was potentially lost, prompting payment of the ransom to the criminals.



Thus far, there have been no confirmed retaliatory cyber strikes conducted by a victimized government against a suspected aggressor state.  There has been some speculation that after the Sony Pictures attack, the United States “knocked” North Korea off the Internet for a brief period of time, although this has never been corroborated.  Despite being a cyber power, the United States has demonstrated restraint in punishing those transgressor states it believes to have orchestrated cyber attacks against its interests, preferring to level sanctions as a punitive alternative.

The question that governments ask is how to deter hostile acts in cyberspace.  And while it is an important question to raise, perhaps the reality is that there is no viable answer.  There is a reason why international efforts continually fail when trying to gain consensus on cyber norms, Internet governance, and the legalities and criteria of hacking back: there is a lack of fundamental desire to actually find a solution.  Governments willing to agree to the standards and principles of any of these issues are stating their willingness to abide by them, and while that may fit the current situation, the dynamism of cyberspace has proven unpredictable.  Being cuffed to such an agreement that no longer has relevance while other governments operate without constraints is not an ideal situation.  Therefore, without an agreement in place, the status quo remains.


According to recent reporting, a suspected nation state hacker group with alleged ties to the Iranian government issued death threats to researchers that had detected their cyber espionage activity.  The researchers were checking a server that they believed to be associated with a specific data breach when they received the message “Stop!!! I Kill You Researcher.”  According to the same report, the server was apparently attached to the attackers’ command-and-control infrastructure.  Active since 2015, the group known as “MuddyWaters” has been observed targeting organizations in Georgia, India, Iraq, Pakistan, Saudi Arabia, Tajikistan, Turkey, and the United States.  Recently, MuddyWaters has been observed targeting oil and gas entities in the Middle East.  Notably, the group is believed to employ “false flag” operations – similar to what was believed to have been done during the recent Olympics – in which it adopted some of the tactics, techniques, and procedures (TTP) of suspected Chinese hackers to obfuscate the group’s true identity.

 

On the surface, the threat made against the researchers can be viewed as a knee-jerk reaction to being tracked by the private sector.  But this does raise the possibility of what hostile actors may resort to in the future.  The private-sector computer security community has been aggressively investigating the activities of suspected nation-state actors since 2004, when the first report publicized the activities of a Chinese state entity.  Since that time, several subsequent reports have been provided to the public on “advanced persistent threat” operations, detailing TTPs and targeting that have ultimately been attributed to specific nation-state actors.  While the standard public reaction of these governments has been to refute or deny the claims, citing the difficulties in providing adequate evidence that supports attribution, sanctions and alleged retaliatory strikes have been known to occur as a result of these accusations.


UK’s Digital Strategy – Future Model or Another Thought Piece?

First announced in 2015, the United Kingdom (UK) finally published its Digital Strategy, which went into effect on March 1, 2017.  Per the government’s website, the goal of this document is to provide a blueprint for how the UK will build on its success to date in developing a world-leading digital economy that works for the greater good.  This is particularly important given that the UK is a global capital for financial technology, which generated £6.6bn of revenue in 2015.


Healthcare Data: Everything Has a Price; Everything Has Value

Unsurprisingly, the healthcare sector continues to be an attractive target, as stolen data continues to provide value to a diverse threat actor set.  Indeed, criminals and those actors associated with traditional cyber espionage activities have conducted some of the more news-garnering incidents over the past few years.  What’s more, depending on the actors’ intent, all types of information have been sought after and stolen by these groups and individuals, including financial and insurance-related information, personally identifiable information, and even the health records of patients.  The targeting of these different types of data should demonstrate to the healthcare industry that there is no seemingly benign data when it comes to healthcare and that strategies must be designed to safeguard any and all types of data that relate to patients and their care treatments.


Should We Just Accept Cyber Breaches as the New Normal?

An August article suggested that, due to the large number of cyber breaches that have impacted both the public and private sectors and put millions of individuals’ personally identifiable information at risk, the general attitude toward breaches is becoming more mainstream and accepted.  This is an unfortunate state of affairs when, instead of compelling organizations to aggressively improve their network security practices, the public writ large is willing to accept credit monitoring for a period of time (usually 1-2 years) as a consolation prize.  According to one source, the first half of 2016 has seen 538 breaches identified; 60 percent of businesses losing valuable intellectual property and/or trade secrets; and approximately 13 million records exposed.
