Tag Archives: cyber security

Save the date! Timing the hack for the biggest impact.

Save the date: Timing the hack for the biggest impact

Published:

There are now three certainties in life – there’s death, there’s taxes and there’s a foreign intelligence service on your system’ – Head of Cyber at MI5 (2013)

Over the last two decades, the scale and severity of cyber attacks has been very variable. It  is probably safe to suggest that the secret sabotage of a nuclear facility by the Stuxnet worm is in a slightly different league to the theft of payment card data held by a commercial brand like Chipotle. Nonetheless, there are several underlying attributes that provide a common framework to compare unconnected incidents. The Diamond Model of Intrusion Analysis indicates that for every incident, there is:

  • An Adversary
  • The Capabilities of the Adversary
  • A Victim
  • Infrastructure over which the attack occurs
Continue reading

Bank Reconnaissance, A Hacker’s Guide

Published:

For much of the time, cybersecurity researchers can find themselves limited to informed speculation and assessment about the sort of activity that cybercriminals perform, prior to launching a large cyber-theft operation. We believe that they will be performing reconnaissance on employees at the bank, particularly those in privileged positions linked to the payment and IT platforms, but some of the more precise details are limited. However, every now and again, information will be leaked which can provide some unique insight into the activities of cybercriminal groups and what they look for in a victim.

Continue reading

Politics aside, what we can learn from the DOJ’s indictment of 12 Russian officers

Published:

On the 16th July, the Department of Justice indicted 12 Russian nationals for their role in the cyber operations against the Democratic Congressional Campaign Committee (DCCC) and the Democratic National Committee (DNC). It was the latest in a series of private sector and government publications that provide proof tying Russian hackers to the breaches of Democrat Party institutions and the theft of confidential information.

Continue reading

Cybercrime in the Retail and Hospitality Industries

Published:

Some industries are more likely to attract particular kinds of threat actors than others. The retail and hospitality industries for instance are very attractive targets for cyber criminals as both collect and process large quantities of personal and financial data. This is similar to the banking industry but, whereas major bank breaches are now considered to require sophisticated operational procedures and have become the preserve of highly specialised groups, the retail and hospitality industries remain prime targets for criminals of all capabilities.

Continue reading
Digital sovereignty in the age of connectivity: RuNet 2020

Digital sovereignty in the age of connectivity: RuNet 2020

Published:

The Russian Federation is currently pursuing a radical transformation to internet connectivity within the country. RuNet 2020 is an ambitious project to establish a national government-controlled network which is intended to function in an insulated environment from the broader internet in the event of a crisis.

Continue reading

Spies in the Middle East: Israeli Cyber Operations

Published:

The State of Israel has developed exceptional cyber capabilities that surpass all other nations within the MENA region. In January 2017, Prime Minister Benjamin Netanyahu declared that Israel had become one of the top five global cyber powers. Israel conducts covert cyber operations that are strictly classified and rarely formally acknowledged. So, beyond the infamous Stuxnet virus, what do publicly available sources reveal about state-sponsored hackers within Israel?

Continue reading

Security Alliance expands threat intelligence service provision in Asia

Published:

Today, Security Alliance announces its growing commitment to the provision of cyber threat intelligence services in the Asia region by extending its current Europe, Middle East and Africa membership of CREST (www.crest-approved.org) to include Asia coverage.

Continue reading

Press release: Security Alliance launch cyber threat intelligence platform ThreatMatch at the official opening of the UK Cyber Demonstration Centre

Published:

ThreatMatch launch

 

 

 

 

 

 

 

ThreatMatch is a cyber threat intelligence platform that provides users with relevant, actionable and timely threat intelligence that can be tailored to their unique environments. Using a diverse and extensive range of sources, ThreatMatch provides continuous alerts on how an organisation’s attack surface correlates with the threat posed by the malicious actors targeting it.

John Beale, founder of Security Alliance comments: “We were delighted to be invited to launch ThreatMatch at the official opening of the UK Cyber Demonstration Centre.

Continue reading

Event: Banking & Payments Federation Ireland – Cyber Conference

Published:

Register for the event

Securty Alliance is attending and presenting at Cyber Conference. Cyber Conference is a half-day event held by the Banking & Payments Federation Ireland (BPFI) in association with Deloitte.

This half day conference will cover various aspects of cybercrime and cybersecurity plus touching on existing legislative measures e.g. NIS Directive, GDPR and PSD 2, providing members with valuable global insights, including strategic approaches from key decision makers, cyber security experts, law enforcement and academia in order to try to better secure the digital assets and infrastructure of the entity, its customer base, stakeholders and staff.

Continue reading

Event: UK-NL Cyber Security Showcase 2017

Published:

Reserve your complimentary seat

Securty Alliance is exhibiting and presenting at the second edition of the annual UK-NL Cyber Security Showcase.

The event has been organised by a partnership between the British Embassy, the Department for International Trade, and The Hague Cyber Security Week. It will bring together 45 of the most innovative UK & NL-based cyber security companies to showcase their knowledge, products and services.

Continue reading