Perspectives

Cyber 101

Develop a view on Cyber

Learn with us as our Cyber Edu-series brings you a snippet about the facets of Cyber. Issues will cover the latest topics and get you acquainted with cyber in an instant.

How can you triumph over cyber challenges today? Cyber attackers are just getting started and no businesses are immune. Check this page for the latest part, published bi-monthly.

 

December 2019 Part 10

Understanding phishing techniques

What is phishing?

Phishing is a type of social engineering attack often used to steal user data, including login credentials, bank account numbers and credit card numbers. This occurs when an attacker pretends to be a trusted entity to dupe a victim into clicking a malicious link, which can lead to the installation of malware, freezing of the system as part of a ransomware attack, or revealing of sensitive information.

Phishing is one of the oldest types of cyberattacks, dating back to the 1990s. Despite having been around for decades, it is still one of the most widespread and damaging cyberattacks.
 

What are the consequences of phishing?

Two common consequences of phishing are:

1. Financial loss

Phishing can lead to devastating financial losses for individuals as well as businesses.

For an individual, if a hacker manages to access sensitive bank account information, personal funds and investments are at risk of being stolen.

For businesses, financial losses can extend to regulatory fines and remediation costs. Phishing is the most prevalent and damaging cyber threat facing businesses, as exemplified by the figures below:

- The average total cost of a data breach is US$3.92 million
- 90% of data breaches are caused by phishing
- 76% of businesses reported being a victim of a phishing attack in 2018
- 30% of phishing messages get opened by targeted users
- Business email compromise scams account for US$12 billion of losses in 2018


2. Data loss and reputational damage

Phishing attacks often attempt to access more than just money from companies and individuals. Instead, they attempt to steal something much more valuable – data.

When phishing attacks successfully trigger data breaches, phishers can also cause damage to individuals’ reputation by:

  • Using the victim’s credentials for illegal activities or to blackmail the victim’s contacts
  • Publishing the victim’s personal information to embarrass them
  • Impersonating the victim to send out fake emails or malicious posts

For businesses, phishing can also lead to data breaches that will impact consumer trust.

In Deloitte’s GDPR Benchmark Survey, out of 1,650 consumers who were surveyed:

- 25% would trust an organisation less if its data was compromised
- 59% would be less likely to buy from a company involved in a data breach

As phishing attacks get more convincing and sophisticated, it is important to become educated and well-informed in spotting the common techniques employed in such scams.

The Cyber Security Agency of Singapore (CSA) has provided a few tell-tale signs of a phishing email to look out for when encountering a potential phishing scam:

1.   Mismatched and misleading information

Examples include:

- Misspelled URLs – such as “facebok.com” instead of “facebook.com”
- Hidden URLs – when a phisher hides the actual URL behind plain link text like “Click Here”, or even behind link text that displays a legitimate URL

Protect yourself by hovering your mouse cursor over a suspicious link to see the actual URL. If you are using a mobile device, long-press the link to display a window with the actual URL. Be careful not to tap and open the link.

2.   Use of urgent or threatening language

Be wary of phrases such as “urgent action required” or “your account will be terminated”, as phishers often aim to instil panic and fear to trick you into providing confidential information.

3.   Promises of attractive rewards

False offers of amazing deals or unbelievable prizes are commonly used to instil a sense of urgency to provide your confidential information. If it is too good to be true, it probably is.


4.   Requests for confidential information

Most organisations would never ask for your personal information such as your login credentials, credit card details and identification number. When in doubt, contact the company directly to clarify, but do not use the contact information provided in the email.

5.   Unexpected emails

If you receive an email regarding a purchase you did not make, do not open its attachments or links.

6.   Suspicious attachments

Exercise caution and look out for suspicious attachment names and file types. Be extra wary of .exe files, and delete them immediately if they appear unexpectedly in your inbox.


References

Infosec. (n.d.). Phishing Tools & Techniques. Retrieved from: https://resources.infosecinstitute.com/category/enterprise/phishing/phishing-tools-techniques/#gref

Imperva. (n.d.). Phishing attacks. Retrieved from: https://www.imperva.com/learn/application-security/phishing-attack-scam/

IBM. (n.d.). How much would a data breach cost your business?. Retrieved from: https://www.ibm.com/security/data-breach

Retruster. (n.d.). 2019 Phishing Statistics and Email Fraud Statistics. Retrieved from: https://retruster.com/blog/2019-phishing-and-email-fraud-statistics.html

Trend Micro. (18 July 2018). FBI Report: Global BEC Losses Exceeded US$12 Billion in 2018. Retrieved from: https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/fbi-report-global-bec-losses-exceeded-us-12-billion-in-2018

Infosec. (n.d.). Reputational Damages. Retrieved from: https://resources.infosecinstitute.com/category/enterprise/phishing/phishing-as-a-risk-damages-from-phishing/reputational-damages/

Deloitte. (n.d.). A new era for privacy. Retrieved from: https://www2.deloitte.com/uk/en/pages/risk/articles/gdpr-six-months-on.html

Go Safe Online. (4 September 2019). Cyber Tip - Spot Signs Of Phishing. Retrieved from: https://www.csa.gov.sg/gosafeonline/go-safe-for-me/homeinternetusers/spot-signs-of-phishing

September 2019 Part 9

Understanding threats in social media

With social media so closely interwoven into our everyday lives, it has become a prime target for cybercrimes and exploitations. The more information we share on these public platforms, the more vulnerable we are to targeted attacks.


What are the key risks in using social media?

1)   Data breaches

A data breach is an incident where information is stolen from a system without the knowledge or authorisation of the system’s owner.

According to Gemalto's latest Breach Level Index, a global database of public data breaches, social media has become the largest data breach threat of our time.

With the massive reach of social media, data breaches on these platforms can expose millions of users to getting their personal information or user profiles stolen.


2)   Phishing and malware

Phishing is when cyber criminals employ social engineering techniques to trick users into clicking deceptive links to download malware (short for malicious software).

On social media, these deceptive links often appear as:

  • Unbelievable news
  • Fake giveaways
  • Shocking videos
  • Games and quizzes


3)   Catfishing and deception

A catfish is someone who purposefully deceives others online by impersonating someone else or creating an identity that does not portray their actual self. Victims of catfishing can be subject to embarrassment, emotional devastation or monetary loss.

Catfishing usually involves some form of emotional motivation, such as personal insecurities, boredom, mental illness, revenge or harassment. Some catfish may also solicit money or gifts from their victims.


4)   Cyberbullying

Cyberbullying is abuse that takes place over digital platforms, especially social media, where people can view, participate and share content. It includes sharing or sending of negative, mean or false content aimed at harming or humiliating another individual.

Cyberbullying affects individuals in the digital space, but can also have a direct impact on the physical, mental and emotional safety of individuals offline. It has become very prevalent amongst the youth, with 3 out of 4 children and teenagers in Singapore having experienced it.
 

How can you protect yourself?

With the proliferation of cybercrimes targeted at social media, it is imperative for users to remain vigilant and take steps to protect themselves.

Some tips include:

  1. Using strong passwords
  2. Being selective with friend requests
  3. Avoiding sharing personal or sensitive information
  4. Avoiding clicking links that look suspicious
  5. Installing trusted anti-virus software
  6. Changing privacy settings to limit who can see your content

June 2019 Part 8

What is Cyber Threat Intelligence (CTI)?

CTI primarily focuses on analysing raw data gathered from recent and past events to monitor, detect and prevent threats to an organisation, shifting the focus from reactive to preventive intelligent security measures. Ideally, CTI should become the foundation on which an organisation builds its secure, vigilant and resilient capabilities.

 

Why is CTI important?

CTI ensures organisations are informed and kept up to date with the volume of threats, including the methods, vulnerabilities, targets and actors within the space.

The potential benefits of having CTI include:

  1. Prevent data loss
  2. Detect breaches
  3. Understand what defence mechanisms are required
  4. Reveal additional information on threats and motives
  5. Create awareness about the existence of other threats
  6. Provide guidance in the event of a breach

 

How to build an effective CTI framework for your organisation

  1. Define what is important: Understanding what data analytics networks you own is the first step in identifying what CTI solutions your organisation will need.
  2. Set specific goals you want CTI to achieve: Defining clear, specific goals helps your organisation understand the current gap, and the tools needed to bridge that gap.
  3. Continuously refine your CTI feed: Criminals are ever evolving; your organisation needs to constantly redefine and evaluate the CTI strategy to provide relevant, up-to-date insights.
  4. Get expert help: Many organisations choose to hire third-party managed security service providers to gain an entire team of cybersecurity experts at a fraction of the cost.

December 2017 Part 7

The digital & cyber trends in 2018

2017 has been an eventful year with some of the largest breaches happening, such as the data breaches of Verizon, Equifax and Uber, to list a few of the most recent events. It is also the year when Apple gave us the iPhone X with Face ID and Amazon gave us access to Alexa with its range of Echo devices. Now as 2017 draws to a close, you must wonder what is in store for 2018. Here is what we think you should look out for in the coming year.

  • The EU General Data Protection Regulation (GDPR) will be effective 25 May 2018 and non-compliant organisations will face significant impacts. Learn more about the EU GDPR here.
  • After the WannaCry ransomware disaster, Crime-as-a-Service (CaaS) will mature and flourish with more tools becoming available for non-technical aspiring criminals to purchase and conduct their own attacks. Read here for more details.
  • Data collected from Internet of Things (IoT) devices such as smart watches will help businesses to develop more intelligent apps and smarter devices by applying Artificial Intelligence (AI) to learn about human behaviour and identify areas where simple tasks may be replaced or made more efficient. Read about each individual trend here.
  • An important development from the exponential growth of data is the use of edge computing together with cloud computing to deliver services. Learn more about this trend here.

In addition to the trends above, we have a Tech Trends report for your holiday reading. Deloitte’s ninth annual Tech Trends report identifies trends that are likely to disrupt businesses in the next 18-24 months, from enterprise data sovereignty to digital reality, API imperative, and more.

The trends reflect the macro forces fuelling growth (cloud, digital, and analytics) as well as the innovations built upon this foundation, such as blockchain and cognitive computing.

This year’s report spotlights ongoing transformations of core systems and, more broadly, of IT’s role within the enterprise. As in previous years, we balance these discussions with perspectives on how such changes are impacting IT operations and how companies respond to cyber risk. The pace of change across industries and the globe is only increasing. When organizations recognize connections between new technologies and bring them into harmony, they create something new and greater: the symphonic enterprise. Read Tech Trends reports here

November 2017 Part 6

Cyber Risks Troubling Organisations


Data breaches remain one of the most severe cyber risks that organisations face. A data breach is an incident where information is stolen or taken from a system without the knowledge or authorisation of the system’s owner.
 

What are some impacts of a data breach?

  • Loss of sensitive, proprietary, or confidential information
  • Damage to an organisation’s reputation
  • Financial losses
  • Customers’ loss of trust in the organisation

 

What are some common breach methods?

Insider Leaks

  • A trusted individual or person of authority with access privileges steals data from an organisation. E.g. some employees are willing to sell this data for personal profit

See story: http://www.businessinsider.sg/iphone-8-iphone-x-ios-11-leaks-inside-job-2017-9/?r=US&IR=T

 

Unintended Disclosure

  • Sensitive data is exposed through mistakes or negligence, mostly by insiders. E.g. more than 50% of security breaches are due to human error because of failure to follow the organisation’s policies

See story: https://www.insuretrust.com/employee-mistakes-a-big-source-of-data-breaches/

 

Payment Card Fraud

  • Payment card information is stolen using physical skimming devices or phishing of personal information. E.g. cyber thieves can use a stolen credit card to buy items online

See story: https://pocketsense.com/causes-credit-card-fraud-5798165.html

 

Cyber Espionage

  • Cyber espionage describes the stealing of confidential information stored in digital formats or on computers and IT networks. It is similar to a high tech form of spying

See story: https://medium.com/threat-intel/cyber-espionage-spying-409416c794ec

 

Why are data breaches a significant risk?

  • Data breaches are no longer a binary proposition where an organisation either has or has not been breached
  • They are wildly variable, from breaches compromising entire global networks of highly sensitive data to others having little to no impact
  • According to the Ponemon Institute’s “2017 Cost of Data Breach Study: Global Overview,” the odds are as high as 1 in 4

 

Technology is meant to enhance and improve both the business and consumer aspects of our era. Unfortunately, technology carries risks and opens us up to vulnerabilities in the cyber world. To combat cyber attacks, a cyber security maturity framework is recommended. This is a set of standards and best practices from industry, professional or international bodies, which provides a logical structure for organisations to benchmark their current cyber capabilities.

A cyber security maturity framework is helpful for an organisation looking to strengthen their security, vigilance and resilience against cyber threats depending on their objectives and cyber-related risks.

There are a number of cyber security maturity frameworks available, and while the approach may differ for each framework, organisations will be able to achieve their desired maturity level with any framework.


October 2017 Part 5

Shortage of Cybersecurity Talents


According to estimates by the Center for Strategic and International Studies, cybercrime costs the global economy US$400 billion per year. With the escalating awareness and prominence of security breaches, securing physical and digital assets for the purpose of confidentiality, integrity and availability is a priority for every organisation. With the vital role cyber security professionals play in the business ecosystem, market demand for cyber security professionals is outpacing supply.

 

What are their roles and responsibilities?

  • Developing and designing enterprise security architecture
  • Monitoring and identifying threats in enterprise architecture
  • Conducting regular security assessment

 

Why are they important to organisations?

  • Most organisations face challenges in interpreting the detection or mitigation of cyber security threats
  • They develop and implement overarching processes

 

Why is there a shortage? 

  • As the skills of cyber attackers advance, cyber security professionals are more equipped than an IT professional to understand the tactics, techniques and procedures
  • Schools are still graduating cybersecurity majors and that means a lack of experience and exposure to realistic cyber attacks

 

What can you do?

  • Re-examine workforce strategies and improve recruitment outreach
  • Have a robust support program for new hires
  • Prioritise skills, knowledge, and willingness to learn when recruiting
  • Build a local cybersecurity ecosystem
  • Develop a strong culture of risk awareness

August 2017 Part 4

Anatomy of a Cyber Attacker


Cyber criminals are as diverse as their real-world counterparts. In the last five years, there have been cyber attacks targeted at all sorts of organisations. These criminal activities include breaking into private networks, stealing data and installing ransomware, etc. Every individual is responsible for an organisation’s cyber security and it is vital that you know your enemies and implement effective cyber security measures.

3 Types of Cyber Attackers

1. White Hats

2. Black Hats

  • Black Hats are criminals, who use their ability to plunder individuals or organisations. They explore or develop software deficiencies and attack methods or other malicious tools to break into machines and steal data, such as passwords, email, intellectual property, credit card numbers or bank account credentials.
    Source: http://www.wonderslist.com/top-10-black-hat-hackers/
     

3.  Grey Hats

  • Grey Hats fall into the middle ground between the White and Black Hat categories. Often, Grey Hat hackers look to expose vulnerabilities in a system to inform an organisation of the defect or share it with a group of people. Although these hackers are not usually motivated by personal gain, their actions may be considered illegal or unethical.
    Source: http://www.bbc.com/news/technology-28524909

 

Key takeaways

Two factors that determine the type of hacker:

  1. What are their intentions?
  2. Are their intentions law-breaking?


Four primary motivators:

  1. Financial Gain
  2. Ideology or Politics
  3. Entertainment
  4. Cyber Protection
     

Not all hackers have malicious intent. Hacking can be used for good and evil; it boils down to the hacker’s intent. In mainstream media, the term “hacker” is usually related to cyber criminals. A hacker could be anyone regardless of intentions or methods. Hacking is not an illegal activity unless the hacker’s actions compromise a system without the owner’s permission.


July 2017 Part 3

Anatomy of a Cyber Attack


One of the most important concepts a cyber security professional needs to know is the Cyber Kill Chain. The Cyber Kill Chain is a seven-stage model that illustrates how cyber criminals reach their victims and target a system’s vulnerabilities.

7 Stages of Cyber Kill Chain

1. Reconnaissance

  • Attacker gathers information on the target before launching attack. They usually look for publicly available information on the Internet.
     

2. Weaponization

  • The attacker uses an exploit and creates a malicious payload to send to the victim, without actual contact with them.
     

3.  Delivery

  • Attacker sends malicious payload to the victim by email or through other means, which is only one of the numerous intrusion methods the attacker can use.
     

4.  Exploitation

  • The actual exploitation only takes place when the attacker uses an exploit.
     

5.  Installation

  • Installing malware on the infected computer is only relevant if the attacker used malware as part of the attack.
     

6.  Command and Control

  • The attacker creates a command and control channel to continue operating his internal assets remotely.
     

7.  Actions

  • Attacker performs these steps to achieve his actual goals inside the victim’s network.

 

Key takeaways

Knowing and understanding the “7 Steps of The Cyber Kill Chain” enables organisations to trace the movements of an attacker and take the necessary security precautions to prevent such attacks from happening.

However, over-focus on this area can also be detrimental to network security. A persistent, highly determined and skilled attacker will always find a way into the network. Thus, instead of only analysing old malware, organisations should also focus on detecting ongoing attacks before the damage is done.
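One way to use the seven stages for tracing an attacker through security alerts, shown as an added example that is not part of the original article. The alert categories, host names and sample alerts are hypothetical and constructed for illustration; only the stage names come from the list above.

```python
from collections import defaultdict

# The seven stages, in order, as listed in the article.
KILL_CHAIN = [
    "Reconnaissance", "Weaponization", "Delivery", "Exploitation",
    "Installation", "Command and Control", "Actions",
]

# Stages that normally leave evidence on or around a victim host.
# Reconnaissance on public information and Weaponization happen without
# contact with the victim, so they are not expected in host alerts.
HOST_STAGES = KILL_CHAIN[2:]

# Hypothetical alert categories mapped to stages (assumption: each
# organisation maps its own detection rules this way).
ALERT_STAGE = {
    "malicious_attachment_received": "Delivery",
    "exploit_signature_match": "Exploitation",
    "new_autorun_entry": "Installation",
    "beacon_to_rare_domain": "Command and Control",
    "bulk_outbound_transfer": "Actions",
}

# Constructed sample alerts: (timestamp, host, category).
SAMPLE_ALERTS = [
    ("2019-12-02T09:12:00", "ws-014", "malicious_attachment_received"),
    ("2019-12-02T09:14:30", "ws-014", "exploit_signature_match"),
    ("2019-12-02T09:15:05", "ws-014", "new_autorun_entry"),
    ("2019-12-02T09:40:00", "ws-014", "beacon_to_rare_domain"),
    ("2019-12-02T10:05:00", "ws-027", "beacon_to_rare_domain"),
    ("2019-12-02T10:20:00", "ws-031", "malicious_attachment_received"),
    ("2019-12-02T11:30:00", "ws-027", "bulk_outbound_transfer"),
]


def trace_hosts(alerts):
    """Per host: the deepest stage reached, when each stage was first seen,
    and earlier host-level stages that produced no alert (detection gaps)."""
    first_seen = defaultdict(dict)
    for ts, host, category in sorted(alerts):      # ISO timestamps sort correctly
        stage = ALERT_STAGE.get(category)
        if stage is not None:                      # unmapped categories are skipped
            first_seen[host].setdefault(stage, ts)

    report = {}
    for host, seen in first_seen.items():
        deepest = max(KILL_CHAIN.index(stage) for stage in seen)
        expected = [s for s in HOST_STAGES if KILL_CHAIN.index(s) <= deepest]
        report[host] = {
            "deepest": KILL_CHAIN[deepest],
            "first_seen": dict(seen),
            "gaps": [s for s in expected if s not in seen],
        }
    return report


def triage_order(report):
    """Hosts furthest along the chain first; ties broken by host name."""
    return sorted(report, key=lambda h: (-KILL_CHAIN.index(report[h]["deepest"]), h))


if __name__ == "__main__":
    result = trace_hosts(SAMPLE_ALERTS)
    for host in triage_order(result):
        info = result[host]
        print(f"{host}: reached {info['deepest']}, undetected stages: {info['gaps']}")
```

A host that shows late stages with gaps before them, like `ws-027` in the sample, points to earlier activity that the current detections missed.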


June 2017 Part 2

What are your risks?

Cyber Theft

  • Online payment systems may not guarantee the safety of your money – $81M stolen from central bank of Bangladesh in 2016 cyber heist
  • Drugs, information and your credit card data – Take your pick in the online black markets
     

Identity Theft

  • Is your child’s identity at risk? – Young mum experiences ‘digital kidnapping’

Cyber Bullying

  • Cyber bullying can kill – How it can lead to suicide
     

Ransomware

  • Your data and devices could be held hostage – Find out the anatomy of a ransomware
     

How is your data retrieved?

Social Engineering Attacks

  • Baiting – Watch what happens when you plug a foreign device into your computer
  • Phishing – Personal details targeted in phishing emails that appear as Google Docs
  • Pretexting – Your board director can be an impersonator to get your phone records (Hewlett-Packard incident)
  • Read more on social engineering fraud


Oversharing

  • Social media alone can help cyber criminals know you better – 30% of internet users vulnerable to attacks
  • Google tracks you by what you share – Here’s how to stop it
  • Think before you post – When it can cost you your job
     

What can you do?

  • Be discreet about your privacy settings and ‘check-in’s.
  • Be sure you know who people are before accepting connections.
  • Be wary about messages from unfamiliar emails.

June 2017 Part 2: Your Biggest Risk Could Be You

References

Daily Mail. (2016, April 23). Hackers steal $81 million from a Bangladeshi bank with no firewall... and were only caught out when the illiterate fraudsters spelt 'foundation' as 'fandation'. Retrieved from Daily Mail: http://www.dailymail.co.uk/news/article-3555298/Hackers-steal-81-million-Bangladeshi-bank-no-firewall-caught-illiterate-fraudsters-spelt-foundation-fandation.html#ixzz4oaAuU5g3

News. (2016, January 18). Suspicion and mistrust: Total anarchy on the dark web. Retrieved from News: http://www.news.com.au/technology/online/security/suspicion-and-mistrust-total-anarchy-on-the-dark-web/news-story/e9240f00f4a69206e811efc4086b9213

Yahoo. (2015, March 3). The Disturbing Facebook Trend of Stolen Kids Photos. Retrieved from Yahoo: https://www.yahoo.com/news/mom-my-son-was-digitally-kidnapped-what-112545291567.html

CNN. (2016, December 1). Teen who was relentlessly bullied kills herself in front of her family. Retrieved from CNN: http://edition.cnn.com/2016/12/01/health/teen-suicide-cyberbullying-trnd/index.html

Deloitte.com. Ransomware is moving to the next level. Retrieved from Deloitte.com: https://www2.deloitte.com/lu/en/pages/risk/articles/ransomware-moving-next-level.html

Deloitte.com. Cyber video: Companies like yours. Retrieved from: https://www2.deloitte.com/global/en/pages/risk/articles/cybervideo-companies-like-yours.html

NBC News. (2017, May 4). Massive Phishing Attack Targets Gmail Users. Retrieved from NBC News: http://www.nbcnews.com/tech/security/massive-phishing-attack-targets-millions-gmail-users-n754501

The New York Times. (2006, September 8). Hewlett-Packard Spied on Writers in Leaks. Retrieved from The New York Times: http://www.nytimes.com/2006/09/08/technology/08hp.html

Deloitte.com. Safeguarding your enterprise from social engineering fraud risks. Retrieved from Deloitte.com: https://www2.deloitte.com/in/en/pages/finance/articles/social-engineering-fraud-risks.html

ETCIO.com. (2016, January 10). Oversharing on social networking sites leaves 30% internet users vulnerable to cybercrime. Retrieved from ETCIO.com: http://cio.economictimes.indiatimes.com/news/digital-security/oversharing-on-social-networking-sites-leaves-30-internet-users-vulnerable-to-cybercrime/50517472

Wired. (2017, March 20). Google tracks everything you do: here’s how to delete it. Retrieved from Wired: http://www.wired.co.uk/article/google-history-search-tracking-data-how-to-delete

Deloitte.com. Phishing and ransomware can be your worst nightmares, how can you prevent these evolving threats. Retrieved from Deloitte.com: https://www2.deloitte.com/lu/en/pages/risk/articles/phishing-ransomware-how-to-prevent-threats.html

May 2017 Part I

Hunting in the Cyberspace

You may have read the recent news about one of the largest cyber attacks, the WannaCry Ransomware. This incident is a wake-up call to all organisations, requiring global responsibility and attention to prevent future episodes. We hope to shed light on the fundamentals of cyber security with this 8-part Edu-series to help you understand and protect your data.

Cyber attacks, unlike physical warfare, transcend national borders by compromising computer systems and networks. In this interconnected digital sphere, they threaten the very infrastructures that nations and corporations depend on. Data theft, manipulation of networks and the disabling of online platforms have had considerable repercussions.

Undeniably, major cyber infringements demonstrate the vulnerability of all organisations’ systems. The growing trend of political cyber attacks has formed a new field of spying: cyber espionage – superpowers have engaged cyber software such as Stuxnet, Flame and DuQu in an attempt to monitor, collect and control their targets.

References

BBC. (2010, August 25). Secret US military computers 'cyber attacked' in 2008. Retrieved from BBC: http://www.bbc.com/news/world-us-canada-11088658

BBC. (2013, January 31). New York Times 'hit by hackers from China'. Retrieved from BBC: http://www.bbc.com/news/world-asia-china-21271849

Broad, W. J., Markoff, J., & Sanger, D. E. (2011, January 15). Israeli Test on Worm Called Crucial in Iran Nuclear Delay. Retrieved from The New York Times: http://www.nytimes.com/2011/01/16/world/middleeast/16stuxnet.html

CNET. (2017, May 15). WannaCry ransomware: Everything you need to know. Retrieved from CNET: https://www.cnet.com/news/wannacry-wannacrypt-uiwix-ransomware-everything-you-need-to-know/

Fiegerman, S. (2016, December 15). Yahoo says data stolen from 1 billion accounts. Retrieved from CNN: http://money.cnn.com/2016/12/14/technology/yahoo-breach-billion-users/index.html?iid=EL

Jones, S. (2014, August 29). Ukraine: Russia’s new art of war. Retrieved from Financial Times: https://www.ft.com/content/ea5e82fa-2e0c-11e4-b760-00144feabdc0

Lee, T. B. (2013, November 1). How a grad student trying to build the first botnet brought the Internet to its knees. Retrieved from Washington Post: https://www.washingtonpost.com/news/the-switch/wp/2013/11/01/how-a-grad-student-trying-to-build-the-first-botnet-brought-the-internet-to-its-knees/?utm_term=.7cf9a699c497

Russell, A. (2004, February 28). CIA plot led to huge blast in Siberian gas pipeline. Retrieved from Telegraph: http://www.telegraph.co.uk/news/worldnews/northamerica/usa/1455559/CIA-plot-led-to-huge-blast-in-Siberian-gas-pipeline.html

Telegraph. (2013, January 14). Red October computer virus found. Retrieved from Telegraph: http://www.telegraph.co.uk/technology/news/9800946/Red-October-computer-virus-found.html
