Beyond compliance: How GDPR can give hackers the upper hand

Published:

Since the implementation of the EU’s General Data Protection Regulation (GDPR) in May, media reports of data breaches have skyrocketed. British Airways, Facebook, Ticketmaster, and Cathay Pacific are all organisations that have made headlines over the last months showing the breadth of sectors affected worldwide by data compromises.

Compliance-driven pieces have been a relatively common occurrence in the media since the application of GDPR. We however aim to look in this blog post at GDPR from a threat actors’ perspective. With GDPR bringing in major changes on the management and transfer of data, threat actors are likely to find innovative ways to exploit and benefit from these changes.

Continue reading
Save the date! Timing the hack for the biggest impact.

Save the date: Timing the hack for the biggest impact

Published:

There are now three certainties in life – there’s death, there’s taxes and there’s a foreign intelligence service on your system’ – Head of Cyber at MI5 (2013)

Over the last two decades, the scale and severity of cyber attacks has been very variable. It  is probably safe to suggest that the secret sabotage of a nuclear facility by the Stuxnet worm is in a slightly different league to the theft of payment card data held by a commercial brand like Chipotle. Nonetheless, there are several underlying attributes that provide a common framework to compare unconnected incidents. The Diamond Model of Intrusion Analysis indicates that for every incident, there is:

  • An Adversary
  • The Capabilities of the Adversary
  • A Victim
  • Infrastructure over which the attack occurs
Continue reading

Bank Reconnaissance, A Hacker’s Guide

Published:

For much of the time, cybersecurity researchers can find themselves limited to informed speculation and assessment about the sort of activity that cybercriminals perform, prior to launching a large cyber-theft operation. We believe that they will be performing reconnaissance on employees at the bank, particularly those in privileged positions linked to the payment and IT platforms, but some of the more precise details are limited. However, every now and again, information will be leaked which can provide some unique insight into the activities of cybercriminal groups and what they look for in a victim.

Continue reading

Politics aside, what we can learn from the DOJ’s indictment of 12 Russian officers

Published:

On the 16th July, the Department of Justice indicted 12 Russian nationals for their role in the cyber operations against the Democratic Congressional Campaign Committee (DCCC) and the Democratic National Committee (DNC). It was the latest in a series of private sector and government publications that provide proof tying Russian hackers to the breaches of Democrat Party institutions and the theft of confidential information.

Continue reading

Cybercrime in the Retail and Hospitality Industries

Published:

Some industries are more likely to attract particular kinds of threat actors than others. The retail and hospitality industries for instance are very attractive targets for cyber criminals as both collect and process large quantities of personal and financial data. This is similar to the banking industry but, whereas major bank breaches are now considered to require sophisticated operational procedures and have become the preserve of highly specialised groups, the retail and hospitality industries remain prime targets for criminals of all capabilities.

Continue reading
Digital sovereignty in the age of connectivity: RuNet 2020

Digital sovereignty in the age of connectivity: RuNet 2020

Published:

The Russian Federation is currently pursuing a radical transformation to internet connectivity within the country. RuNet 2020 is an ambitious project to establish a national government-controlled network which is intended to function in an insulated environment from the broader internet in the event of a crisis.

Continue reading
The role of propaganda and branding in the ransomware “industry”

The Art of ‘Ware’ – The role of propaganda and branding in the ransomware ‘industry’

Published:

As of the time of writing, the three bitcoin wallets associated with the WannaCry ransomware have received a combined total of about 53.8 BTC – just shy of USD 500,000 at current conversion rates . This is despite the “kill switch” and other implementation flaws that impeded its early propagation. It also flies in the face of the numerous articles circulating in the security community that cast doubt on whether it is even possible for WannaCry victims to consistently get their files back.

Continue reading

Spies in the Middle East: Israeli Cyber Operations

Published:

The State of Israel has developed exceptional cyber capabilities that surpass all other nations within the MENA region. In January 2017, Prime Minister Benjamin Netanyahu declared that Israel had become one of the top five global cyber powers. Israel conducts covert cyber operations that are strictly classified and rarely formally acknowledged. So, beyond the infamous Stuxnet virus, what do publicly available sources reveal about state-sponsored hackers within Israel?

Continue reading
everyone hacks everyone

Everyone Hacks Everyone

Published:

If you examine the history of cyber breaches, you will find that the most newsworthy are usually attributed to Russia, China, Iran, and more recently North Korea. This may, or may not be true, but to echo the words of Eugene Kaspersky: the reality is that everyone hacks everyone. Friends attack foes, but friends also attack friends… secretly of course.

Continue reading
Cyber Pearl Harbor

Cyber Pearl Harbor: Fiction or Threat?

Published:

On 7th December 1941, a surprise raid was launched by the Imperial Japanese naval air force against the United States Pacific fleet while at anchor in Pearl Harbor, Hawaii. This devastating attack formally precipitated the entry of the United States into World War Two, shaping the course of history. A cataclysmic event of comparable magnitude has been anticipated within the cyber domain for more than two decades, encapsulated by the analogy: “Cyber Pearl Harbor”.

Continue reading