Monthly Archive February 2020

By Subham Paul

The Perils of Swarm Technology – Are you ready for a Swarm Attack?

Have you ever imagined your organization’s network getting infiltrated by a bot swarm that eventually steals data and leaves you spellbound? If you haven’t, it is time to beware of such a possibility. Advances in Artificial Intelligence have made intelligence sharing and correlation a possible approach for specialized bots to interact amongst themselves in real-time and improvise an attack in perfect synchronization. We have entered the age of swarm technology and it is only apt to brace ourselves for an impending attack from the new miscreants.

Understanding Swarm Attacks

When we talk about swarm technology, we usually refer to the mechanism that drives intelligent and autonomous bots (also called Swarmbots) to collaborate in large swarms. Solving certain problems requires clusters of devices that can work as a unit. When these Swarmbots are compromised, the problem-solvers turn into potential problem creators that can discover loopholes in hardware, software, and networks and expose them, with disastrous consequences. This is made possible by training the bots to hunt for such vulnerabilities and leverage them, a process infamously known as Machine Learning Poisoning.

What are Swarmbots capable of doing?

Does reading this remind you of specific movie scenes involving bot clusters wreaking systematic havoc? That’s precisely the way we want you to imagine it! In real deployments, such swarms allocate and reallocate bots dynamically, which can be used to orchestrate customized attacks. A few of their capabilities are listed below:

  • AI fuzzing to detect points for zero-day exploitation.
  • Lateral movement across a network to expand the attack surface.
  • Applying real-time data to evade barriers (or detection).
  • Collaborative efforts to infiltrate near-perfect, robust networks.
  • Taking full control of the resources of the target.

SADDD – The strategy basket to evade Swarm Attacks

A popular belief guides us to fight fire with fire. Hence, potential targets of swarm attacks must replicate the same collaboration and automation to build their defensive wall of protection. Here are some strategies (nicknamed SADDD) which can boost the security of your systems and help you evade attacks by Swarmbots:

  • Standardized Security Architecture – this integrates centralized orchestration, specialized components, and best practices to add teeth to the scalability, intelligence, and speed needed to secure vulnerable systems.
  • Automated Security Systems – this shall help compromised systems respond to attacks dynamically with the help of systematic coordination, real-time analysis, and fool-proof integration.
  • Dynamic Network Segmentation – this shall make sure that only the compromised devices or network nodes get affected and the rest of the resources are safe.
  • Disciplined Patching Exercises – this shall continuously cover the areas of your systems that are exposed to swarm attacks with the help of sandboxes, intrusion-prevention mechanisms, and other advanced security tools.
  • Deeply Integrated Security – this shall integrate security processes and protocols with the extended technology landscape to increase the control and visibility in detecting threats in complex networks.

The pace at which malware is evolving calls for an ever-proactive approach to beefing up cybersecurity systems across enterprises. As risk mitigation strategies keep becoming obsolete, it is highly necessary to digitally transform the overall security strategy of the organization. This shall lend the required flexibility to adapt to any unforeseen threat. Using this approach shall certainly help your organization enhance its threat intelligence and build the defensive wall to keep swarm attacks at bay.

By Subham Paul

CF BYTES – Issue #3

It is just the second month of the new year and we have already been fed with a huge array of developments in the cybersecurity industry. At the same time, the incidents of cyberattacks have been on the rise, continuing to affect organizations and society at large. With this, CF Bytes is back with the latest issue about the major global cybersecurity developments and cyberattacks in the last fortnight.

Top 5 cyberattacks

  1. A hacker named Phineas Fisher published more than 2TB of data from the Cayman National Bank. This data includes more than 640,000 emails and the data related to more than 1400 customers. (read more…)
  2. EKANS, a mysterious ransomware, has set industrial control systems as its targets. This is apparently the work of cybercriminals, rather than nation-state hackers. (read more…)
  3. The computer network of Lawrence County, Indiana government was breached by hackers, damaging multiple critical systems. Fortunately, the county’s 911 system was spared. (read more…)
  4. East Bay biotech company suffered losses of $20 million after a ransomware attack. (read more…)
  5. Red Kite Community Housing has been robbed of more than £932,000 after its domain and email details of known suppliers were mimicked by cybercriminals. (read more…)

Top 5 cybersecurity developments

  1. IT admins patched 80 percent of public-facing boxes of Citrix to close the now-infamous hijack hole. Around 20% of the devices vulnerable to the CVE-2019-19781 flaw (also called Shitrix), which allowed remote hijacking, remain unpatched and vulnerable to remote attacks. (read more…)
  2. The World Economic Forum developed a Cybersecurity Due Diligence Assessment Framework that consists of two parts, namely organizational security and product security. Investors can use this framework to evaluate an organization’s cybersecurity along with the security of technological or product innovation. (read more…)
  3. Deep Instinct, an Israeli cybersecurity company that employs machine learning in predicting, identifying, and preventing cyberattacks, raised $43 million in a Series C funding round. Nvidia, Millennium New Horizons, and LG join Samsung and HP as the firm’s investors. (read more…)
  4. Researchers from Cardiff have recently written software that can detect and classify cyberattacks on smart home devices such as speakers, security cameras and thermostats. In tests, it identified attacks on such devices (e.g., Amazon Echo Dot and Apple TV set-top box) with around 90 percent accuracy. (read more…)
  5. Accenture recently introduced a new Cyber Incident Response Service for AXA XL clients. This service can help the business in responding to a cyberattack and in initiating an immediate recovery protocol. (read more…)

Stay tuned to CF Bytes for more periodical updates on cyberattacks and developments in the ever-evolving world of cybersecurity.

References

  1. https://neoslab.com/2019/11/18/hacker-publishes-2tb-of-data-from-cayman-national-bank-aUdjeU9uNEx1SXNxUkE5VHEwOTJIUT09
  2. https://www.wired.com/story/ekans-ransomware-industrial-control-systems/
  3. https://www.wdrb.com/news/cyberattack-on-lawrence-county-indiana-compromised-multiple-critical-systems-officials/article_3c1d3996-4a23-11ea-a037-73fd3991f81b.html
  4. https://www.bizjournals.com/sanfrancisco/news/2020/02/14/cyberattack-costs-east-bay-biotech-company-20.html
  5. https://www.todaysconveyancer.co.uk/main-news/successful-cyber-attack-almost-nets-1m/
  6. https://www.cyberreport.io/news/good-it-admins-scrambled-to-patch-80-per-cent-of-public-facing-citrix-boxes-to-close-nightmare-hijack-hole?article=15101
  7. https://www.weforum.org/agenda/2019/07/why-cybersecurity-should-be-standard-due-diligence-for-investors/
  8. https://www.timesofisrael.com/cybersecurity-startup-deep-instinct-raises-43-million-in-funding-round/
  9. https://www.dailymail.co.uk/sciencetech/article-7987369/New-software-detect-cyber-attacks-smart-home-devices.html
  10. http://business-newsupdate.com/accenture-unveils-new-cyberattack-response-service-for-axa-xl-clients

By Subham Paul

Safeguarding against E-skimming – The silent troublemaker in online payments

Sticking to the concept of evolution, bad actors on the web have come up with yet another channel to get their work done. This new threat has grabbed eyeballs after affecting global retailers such as Puma, Macy’s, Target and British Airways and helping hackers steal millions of credit card numbers over the past 2 years. Termed E-skimming, this is one of the latest threats to the cyber community, especially when it comes to making online payments. This article aims at throwing some light on it and the ways for the average internet user to safeguard himself/herself.

What is E-skimming all about?

Similar to its offline counterpart (skimming of credit cards at POS terminals), E-skimming, also called Formjacking, is a mechanism by which a hacker inserts special JavaScript code into the retailer’s website. This piece of code copies the information which the user enters and passes it on to the hacker. This information can be very sensitive, with high chances of including critical financial data such as credit/debit card details. This information is then either used by the hacker directly or sold on the dark web.
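
On the retailer's side, the injected code described above usually shows up as a script element the site owner never approved. The following is an added example, not part of the original post: a small Node.js audit of a checkout page's HTML that flags scripts loaded from hosts outside an allowlist and approved third-party scripts that are not pinned with Subresource Integrity. The host names, the allowlist and the sample HTML are constructed for illustration.

```javascript
// Added example: audit a checkout page's HTML for script tags that could carry a skimmer.
// PAGE_ORIGIN, ALLOWED_HOSTS and SAMPLE_HTML are constructed values, not real sites.
const PAGE_ORIGIN = 'https://shop.example';
const ALLOWED_HOSTS = new Set(['shop.example', 'js.payments.example']);

// Constructed sample: a first-party script, an approved third party pinned with
// SRI (placeholder hash), an approved third party without SRI, and an unknown host.
const SAMPLE_HTML = `
<form id="pay"><input name="card-number"></form>
<script src="/static/checkout.js"></script>
<script src="https://js.payments.example/v3.js" integrity="sha384-CONSTRUCTED" crossorigin="anonymous"></script>
<script src="https://js.payments.example/widgets.js"></script>
<script src="https://cdn-analytics.example.net/collect.js"></script>
`;

// Return the value of an attribute (quoted or unquoted) from an opening tag, or null.
function readAttr(tag, name) {
  const m = tag.match(new RegExp(`\\s${name}\\s*=\\s*("([^"]*)"|'([^']*)'|([^\\s>]+))`, 'i'));
  return m ? (m[2] ?? m[3] ?? m[4]) : null;
}

// List every external script that violates the policy, with the reason.
function auditScripts(html, pageOrigin, allowedHosts) {
  const findings = [];
  for (const [tag] of html.matchAll(/<script\b[^>]*>/gi)) {
    const src = readAttr(tag, 'src');
    if (src === null) continue; // inline scripts need a separate review (CSP nonce or hash)
    let url;
    try { url = new URL(src, pageOrigin); }
    catch { findings.push({ src, issue: 'unparseable-src' }); continue; }
    const firstParty = url.origin === pageOrigin;
    if (url.protocol !== 'https:') {
      findings.push({ src, issue: 'not-https' });
    } else if (!allowedHosts.has(url.hostname)) {
      findings.push({ src, issue: 'host-not-allowlisted' });
    } else if (!firstParty && readAttr(tag, 'integrity') === null) {
      findings.push({ src, issue: 'third-party-without-sri' });
    }
  }
  return findings;
}

console.log(auditScripts(SAMPLE_HTML, PAGE_ORIGIN, ALLOWED_HOSTS));
```

The audit only sees scripts present in the served HTML; scripts added at runtime by other scripts are better constrained with a Content-Security-Policy `script-src` directive.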

Ways to safeguard yourself against E-skimming

  • Avoid providing sensitive information such as date of birth, bank account details, social security number, etc. at places where it is not required.
  • Avoid making payments on websites that do not use HTTPS.
  • Use reliable payment platforms such as PayPal and Google Pay which fully encrypt credit card information.
  • Disable scripts in your web browser on the webpage where you need to enter credit card information.
  • Try to use browsers that put additional focus on security and privacy. Brave is one such browser.
  • Try to adopt virtual credit cards in making online payments for specific merchants and specific transactions. This is a safer alternative than using debit cards.
  • Watch out for customer reviews suggesting that the website is prone to E-skimming. If you find any such review, make sure you avoid making online payments on that platform until it is officially confirmed to be safe.
  • Keep a periodic check on your bank statements and credit score so that any suspicious activity is detected early.
  • Record the reference/acknowledgment numbers of all order confirmation, payment completion and similar stages for a smoother recovery procedure.
  • In case of any suspicious activity, contact your credit card provider at the earliest.

The above measures can significantly reduce the risk of your joining the already huge list of innocent victims. Stay tuned to our blog for more reads on relevant cybersecurity topics and emerging threats.

By Subham Paul

CF BYTES – Issue #2

A cyberattack is always a piece of bad news for every concerned stakeholder of the victim. Similarly, any new development in cybersecurity needs to reach every modern-day user, whether as part of an organization or as a member of the public. In this regard, this latest edition of CF Bytes brings you the top 5 cyberattacks and developments in cybersecurity observed in the last fortnight.

Top 5 cyberattacks

  1. The iPhone of Amazon’s Chief Executive Jeff Bezos was hacked after he received a WhatsApp video containing spyware. (read more…)
  2. A leaked report shows that a major cyberattack of last year compromised 42 servers of the United Nations. (read more…)
  3. SpiceJet suffered a massive data breach that exposed the data of over 1.2 million passengers along with internal data regarding flights. (read more…)
  4. Greenville Water, a South Carolina water company, faced a cyberattack on its phone and online payment systems. This affected 500,000 customers and the company has been taking steps to recover from the attack. (read more…)
  5. Electronic Warfare Associates (EWA), a US government technology contractor, faced a Ryuk ransomware attack. Most likely, the entry medium was a phishing email. (read more…)

Top 5 cybersecurity developments

  1. The Pentagon unveiled version 1.0 of the Cybersecurity Maturity Model Certification, which sets out multiple cybersecurity standards across 5 levels that its associated companies have to follow. (read more…)
  2. ImmuniWeb’s research on the web and app security of 100 of the world’s largest airports showed that 97% of airports showed signs of weak security, including outdated software and non-compliance with GDPR. (read more…)
  3. It was found that most financial institutions are exposed to a dangerous vulnerability involving GPS systems that can put connected machines, especially ATMs, at a huge cybersecurity risk. (read more…)
  4. The US Securities and Exchange Commission laid out new cybersecurity practices to be observed in the financial industry which include patch management, incident response plan, and employee training. (read more…)
  5. Meditology Services LLC, a healthcare cybersecurity and privacy consulting company, has been ranked as the ‘Best in KLAS’ firm for Cybersecurity Advisory Services. (read more…)

Stay tuned to CF Bytes for more periodical updates on cyberattacks and developments in the ever-evolving world of cybersecurity.

References

  1. http://www.startribune.com/attack-on-bezos-phone-shows-spyware-becoming-more-powerful/567369012/?refresh=true
  2. https://www.forbes.com/sites/daveywinder/2020/01/30/united-nations-confirms-serious-cyberattack-with-42-core-servers-compromised/#7f23fc17633d
  3. https://techviral.news/a-massive-data-breach-at-spicejet-exposed-data-of-1-2-million-passengers/
  4. https://www.infosecurity-magazine.com/news/cyber-attack-on-greenvillewater/
  5. https://www.infosecurity-magazine.com/news/us-defense-contractor-hit-by-ryuk/
  6. https://www.nationaldefensemagazine.org/articles/2020/1/31/pentagon-rolling-out-new-cybersecurity-standards-for-industry
  7. https://www.grahamcluley.com/airport-cybersecurity-study/
  8. https://www.americanbanker.com/news/the-cybersecurity-threat-lurking-in-the-gps-systems-banks-count-on
  9. https://www.infosecurity-magazine.com/news/sec-cybersecurity-practices-of/
  10. https://www.streetinsider.com/Business+Wire/Meditology+Services+Ranked+%231+for+Cybersecurity+Advisory+Services+in+2020+Best+in+KLAS+Report/16397873.html