Deloitte Cyber Attack – How many times does it need to be said

September 25, 2017 at 4:00 pm | Posted in Cyber Security

Install Two Factor Authentication.

How often does it need to be said?

This afternoon it was announced that Deloitte suffered a cyber attack earlier this year, in which a malicious attacker gained access to Deloitte’s infrastructure and was able to read and access significant amounts of Deloitte’s data.

Specifically they gained access to the email systems/archive and were able to gain access to files and information that was sent to clients.

The investigation, however, revealed that the attacker gained access to the network via an administration account for their Microsoft Azure service that was protected only by a username and password.

There was no multi or two-factor authentication on this particular service.

This is a major lapse, as multifactor authentication makes it so much more challenging to gain access to a service or account than when it is protected by only a username and password.

Multifactor authentication should always be activated on any service/account you own.

CCleaner – Trusted Application Compromised

September 18, 2017 at 4:16 pm | Posted in Cyber Security

Cisco’s cyber threat intelligence division TALOS released details today of a major exploit that it has discovered within the popular PC clean-up program CCleaner.

TALOS’s investigation began last week when they noticed that the latest installation of CCleaner was triggering Cisco’s Advanced Malware Protection systems, indicating that the software was malicious.
Further investigation indicated that within the download for CCleaner there was a hardcoded command and control request to download malicious software through a backdoor.

Cisco immediately informed the manufacturers of CCleaner of the exploit and a fresh version has been released.

If you have CCleaner 5.33, please download the latest version immediately, as this has fixed the potential issue.

The bigger concern is that millions of people could have downloaded this application from a trusted supplier since the exploit was installed by the attacker. It shows the importance of cyber security in maintaining brand reputation because, like the Nyetya attack earlier this year, this is a trusted application.

For further reading, check out TALOS’ blog:
http://blog.talosintelligence.com/2017/09/avast-distributes-malware.html

Equifax Compromised – Potential cost of $72 Billion

September 8, 2017 at 3:00 pm | Posted in Cyber Security

Equifax, one of the big three credit checking agencies, announced last night that cyber criminals had gained access to its customer database and that potentially about 143 million of its customers have been compromised.

This is particularly concerning as the attackers had access to Equifax’s systems for almost two months, and because of the level of information that was accessed: social security numbers, addresses, dates of birth and credit card numbers.

This is one of the worst data breaches I have seen in years and the response from Equifax has been poor.

For starters, they registered a new domain to respond to queries from the 45% of the US adult population asking whether they have been compromised in the breach. Security companies promptly blocked it as a potential phishing website, as several have sprung up since.

Most damning of all, executives were allowed to sell millions in stock options after the breach was detected internally.

I cannot see this not going down the legal route.

However, this particular data breach allows us to put a potential cost on the breach, excluding the brand damage and any lawsuits.

Equifax is offering its identity protection and credit monitoring services to all US residents who could have been affected by this breach.

That is around 300 million people, and the service costs $240 a year ($20 a month).

That is a potential cost of $72 billion.

A good cyber security solution doesn’t cost that much.

The First Hack – 1903

September 5, 2017 at 4:15 pm | Posted in Cyber Security, Musings

A bit of a history lesson today, following a conversation with some of the recent graduates receiving a briefing on cyber security and hacking of communications in general. One of them asked a fateful question.

What was the first recorded hacking? Communications deception goes back millennia to the era and writings of Sun Tzu. In the modern parlance, however, we need to go back to the dawn of wireless communication in 1903, with John Fleming and Guglielmo Marconi and the rival to Marconi’s company, Nevil Maskelyne.

Now Maskelyne’s company was struggling, with the upstart Marconi company threatening its market share and beginning to take the market in wireless communications, having been able to demonstrate transatlantic wireless communication earlier in 1903. It was in June 1903 that Fleming and Marconi set up a demonstration at the Royal Institution theatre in London of their secure wireless communication over long distance.

Fleming was presenting the lecture and Marconi was three hundred miles away in Cornwall getting ready to send the message.

Maskelyne, however, learned that the demonstration would not be using specifically tuned equipment, and so he enacted his plan.

By setting up his own transmitter a short distance from the theatre, he was able to overpower the communications from Cornwall, and the printer in the theatre began to print insults and limericks that had been sent by Maskelyne.

The first hack of radio communications had been completed.

The incident did little to harm Marconi and Fleming, however, with radio communication evolving into the modern internet of today.

August 2017 White Board Update

September 4, 2017 at 5:00 pm | Posted in Cyber Security

So the white board has been wiped for the new financial month at work, and now I can reveal the statistics behind the incidents recorded in the last financial month, August.

As a reminder, the criteria to get on this list are that the breach/attack needs to be reported in a major media outlet and be over 5000 records in size.

  • Average time between attack/breach: 2.25 days.
  • Over a million records compromised.
  • 7 cyber attacks and 12 data breaches.
  • Two large-scale DDoS attacks this month.
  • One data breach was undiscovered for 14 years.

Some of the more interesting cyber security incidents of the last month have been the attempted attack on the Scottish Parliament and the news that, due to an insider threat, a hospital in the United States suffered a data breach that went undetected for fourteen years.

There was also the HBO data breach, where a cyber criminal attempted to blackmail HBO in order not to leak the data of the latest Game of Thrones series.

However, even though the UK has been on holiday for much of the month of August, the cyber security incidents have not slowed down or eased off and have remained consistent with July.

US Navy Collisions – Was it a Cyber Attack that caused it?

August 31, 2017 at 4:00 pm | Posted in Cyber Security

Short answer: No.

The longer answer is more complicated, as it goes back to what communications technology warships use when on deployment. When a warship is on an active deployment, communications between the ship and the shore are on encrypted high band traffic.

This is a completely different system from the conventional communications used by merchant ships and the public as a whole, which means that it is not a hack in the traditional sense.
In order to compromise a warship’s systems you would need to gain access to the communication systems themselves, which are generally hardened technology not connected to the outside internet, which means that a physical connection is required.

As such, it is considerably more challenging, and unlikely, for a warship to be hacked: unless someone physically got on board or compromised the hardened communications and information, these ships were not subject to a cyber-attack.

More likely, these were accidents because of a lack of physical on-the-water training as opposed to anything malicious.

White Board update 19th July

July 19, 2017 at 3:00 pm | Posted in Cyber Security

My white board at the office has gained a lot of respect and traction, not only from the team but from those outside the team as well. Due to its prominent place in the office, it causes people to stop and look at it when walking by.

This afternoon I did a quick calculation and research into the costs and scale of the data breaches recorded on my white board. The criteria for reaching the white board are that the incident must be published in a large media outlet (The Times, BBC, CNN, Chicago Tribune, ABC etc.) and be over 5000 records in size.

The numbers are quite astounding:

  • The estimated cost of the attacks and breaches on my board is around $1 billion.
  • Over 135 million records have been compromised.
  • There have been six major cyber attacks and nine large data breaches.
  • Seven were caused by insider threats of some description.
  • 5 days between recorded events on average.

There are scores of other data breaches and attacks that did not meet the criteria of my white board, and even more that go unreported.
