The “problem of attribution” in the context of Cyber is not a new one, but it receives a relatively small share of coverage. When a high-profile breach is attributed to nation-state actors, the focus is often on the potential motivations and implications of the attack.Continue reading
Earlier this year it was reported that security researchers at an Israeli-based security firm had identified the first insider threat Trojan. The malware is considered a game changer, allowing cyber criminals to recruit insiders using the concepts of cyber extortion and social engineering. The backdoor Trojan, which was given the name Delilah, is believed to be in its development stage with cyber-criminals working on enhancing its features and capabilities.Continue reading
The following is a guest post from business continuity specialists, Databarracks.
Ransomware has become the biggest cause of major recovery for organisations in the UK. Over 50 new variants have emerged since the start of 2016 and outright prevention is practically impossible. Attacks are evolving too quickly and software-based anti-virus solutions simply can’t keep pace.Continue reading
“Not everything that can be counted counts, and not everything that counts can be counted.”
The application of traditional threat intelligence to the field of information security is a relatively young one. As the ability of the community to collect and share intelligence grows, the techniques we use to analyse it become more sophisticated. Assuming we have access to a “firehose” of big data, how can we model and analyse security threats most effectively? This question has led to many organisations attempting to standardise the process and provide a consistent way of distributing threat data. How effective are they at doing this, and how could they be better? How can we better use these imperfect sources of intelligence to inform our analyses?Continue reading
Ransomware is shaping up to be the stand-out cyber threat of the decade. Victims now number in their millions, and the average loss per incident has risen from $294 to $679 as of the end of 2015, according to Symantec.
So why has it become the preferred method of attack for so many criminals? And why is the success rate so high?Continue reading
According to industry reports and surveys, cyber-criminals are systematically targeting the legal sector: it was reported to be the third most targeted sector in February 2016. Yet, there seems to be a lack of a single point of reference when it comes to community sharing platforms designed to raise cyber situational awareness between firms. This lack of information and intelligence sharing across the wider industry is assessed as a being inadequate, considering the severity of the threat law firms face globally.Continue reading
In today’s geopolitical arena, battles are increasingly fought with bits instead of bullets, and bots instead of soldiers. While these covert operations largely remain behind the scenes, the result is often felt as an aftershock by the public. The list of casualties, which includes some of the biggest names in financial services, technology, defence and government, is growing exponentially. And to further blur the already murky waters surrounding the issue of attribution in cyber warfare, nation state actors aiming to achieve a degree of deniability now often employ proxies to engage in cyber espionage campaigns.
Security incidents in the civil aviation industry are a concern to many. Cyber security breaches are no exception. Airlines – as an industry that operates with slim profit margins – are all too aware of this. To make matters worse, the cyber threat to the aviation industry is increasing.