Tag Archives: cyber security

Only Human: Protecting Against Unwitting Insider Threats

Within the corporate world, the spectre of insider threat is one that is difficult to come to terms with. A malicious insider in an organisation has, by virtue of their position, access to privileged information and functionality that an outside attacker would be able to leverage only with great difficulty.

The Weakest Link: The Supply Chain as an Intrusion Vector

In April 2017, PwC and BAE Systems released a report that investigated the activities of a Chinese advanced persistent threat (APT) actor, known as APT10 or Stone Panda (amongst other things).

The report assesses that this group’s primary technique is to target managed service providers (MSPs) as a pivot point to gain a foothold into the network of their clients. In other words, this threat actor is using the supply chain as the infection vector into their target’s environment.

The Corporation as a Threat Actor

Generally when conducting threat assessments, a tried and tested method is to assess the threat from four categories of threat actor:

  • Nation state / Nation state proxies / Intelligence services
  • Organised criminal gangs
  • Hacktivists and hackers
  • Malicious and unintentional insider

Securing the Securer: Cyber Threats to the Insurance Sector

“Amazing”, “extreme”, “one of the coolest things I’ve ever seen.” These were the words of a cyber forensics expert who was tasked with investigating the biggest breach of an insurance company in history. Respectively, these words describe the operational security, stealth tactics, and malware engineering of the group that stole the personal information of almost 79 million policyholders in the US in 2015. The forensic team claim that 1000 boxes were infected, and roughly 7000 MD5 hashes (distinct file identifying numbers) were assigned to the ever-changing malware used to conduct the breach. What the details of this breach show is that the insurance sector has become a particularly attractive target for well-resourced and highly skilled cybercriminals.

West African Threat Actors

Last year saw a plethora of sophisticated cyber attacks including the infiltration of Oracle’s MICROS point of sale customer portal, the string of multi-million dollar thefts that leveraged the SWIFT banking network, and the US election hacks.

Meanwhile in West Africa, cyber criminals continue their ongoing operations.

The Rise of Mobile Malware

The threat associated with mobile malware is expanding. In 2015 alone, Kaspersky uncovered 884,774 new malicious mobile programs, and 7,030 new mobile banking Trojans. Mobile malware is growing in sophistication, borrowing deployment and obfuscation techniques from conventional PC malware, reflecting the continuous evolution of the cyber threat landscape. It is almost certain that in some cases this is a result of funding and development support from advanced threat actors.

Exploring the Cyber Threats to Healthcare

In October 2016, computer systems in Northern Lincolnshire and Goole NHS Trust had to be shut down following a suspected ransomware attack. The Trust cancelled numerous operations, outpatient appointments and diagnostic procedures as a result. This incident is far from being an isolated case; an NCC Group Freedom of Information request revealed that almost half of NHS trusts have been subjected to a ransomware attack in the past year.

The IoT Zombie Apocalypse

This blog post will look at the security issues surrounding so-called “smart devices”, and the distributed denial of service (DDoS) attacks that have occurred in recent months. It will attempt to address some of the burning questions that have been asked since, such as how on earth can a zombie army of video recorders and cameras deny access to a large chunk of the internet? Who would do such a thing and why? And, how vulnerable is the Internet’s infrastructure to these monster botnets?

The Immutability of Cryptocurrency: Part 2 – Concerning Fragility

In part 1 of this blog, we examined some of the underlying concepts that make cryptocurrencies work. Specifically, we explored the premise of immutability, which is a requirement for a decentralised currency that users can trust. We saw how immutability is guaranteed by a shared consensus between users and developers – trying to change the specification to undermine the rules that govern a currency will inevitably split the user base. Splitting the user base effectively splits the currency, resulting in what is known as a fork.
