Tag Archives: cyber threats

Beyond compliance: How GDPR can give hackers the upper hand

Published:

Since the implementation of the EU’s General Data Protection Regulation (GDPR) in May, media reports of data breaches have skyrocketed. British Airways, Facebook, Ticketmaster, and Cathay Pacific are all organisations that have made headlines over the last months showing the breadth of sectors affected worldwide by data compromises.

Compliance-driven pieces have been a relatively common occurrence in the media since the application of GDPR. We however aim to look in this blog post at GDPR from a threat actors’ perspective. With GDPR bringing in major changes on the management and transfer of data, threat actors are likely to find innovative ways to exploit and benefit from these changes.

Continue reading
Save the date! Timing the hack for the biggest impact.

Save the date: Timing the hack for the biggest impact

Published:

There are now three certainties in life – there’s death, there’s taxes and there’s a foreign intelligence service on your system’ – Head of Cyber at MI5 (2013)

Over the last two decades, the scale and severity of cyber attacks has been very variable. It  is probably safe to suggest that the secret sabotage of a nuclear facility by the Stuxnet worm is in a slightly different league to the theft of payment card data held by a commercial brand like Chipotle. Nonetheless, there are several underlying attributes that provide a common framework to compare unconnected incidents. The Diamond Model of Intrusion Analysis indicates that for every incident, there is:

  • An Adversary
  • The Capabilities of the Adversary
  • A Victim
  • Infrastructure over which the attack occurs
Continue reading

Bank Reconnaissance, A Hacker’s Guide

Published:

For much of the time, cybersecurity researchers can find themselves limited to informed speculation and assessment about the sort of activity that cybercriminals perform, prior to launching a large cyber-theft operation. We believe that they will be performing reconnaissance on employees at the bank, particularly those in privileged positions linked to the payment and IT platforms, but some of the more precise details are limited. However, every now and again, information will be leaked which can provide some unique insight into the activities of cybercriminal groups and what they look for in a victim.

Continue reading

Cybercrime in the Retail and Hospitality Industries

Published:

Some industries are more likely to attract particular kinds of threat actors than others. The retail and hospitality industries for instance are very attractive targets for cyber criminals as both collect and process large quantities of personal and financial data. This is similar to the banking industry but, whereas major bank breaches are now considered to require sophisticated operational procedures and have become the preserve of highly specialised groups, the retail and hospitality industries remain prime targets for criminals of all capabilities.

Continue reading
Digital sovereignty in the age of connectivity: RuNet 2020

Digital sovereignty in the age of connectivity: RuNet 2020

Published:

The Russian Federation is currently pursuing a radical transformation to internet connectivity within the country. RuNet 2020 is an ambitious project to establish a national government-controlled network which is intended to function in an insulated environment from the broader internet in the event of a crisis.

Continue reading
The role of propaganda and branding in the ransomware “industry”

The Art of ‘Ware’ – The role of propaganda and branding in the ransomware ‘industry’

Published:

As of the time of writing, the three bitcoin wallets associated with the WannaCry ransomware have received a combined total of about 53.8 BTC – just shy of USD 500,000 at current conversion rates . This is despite the “kill switch” and other implementation flaws that impeded its early propagation. It also flies in the face of the numerous articles circulating in the security community that cast doubt on whether it is even possible for WannaCry victims to consistently get their files back.

Continue reading

Securing the Securer: Cyber Threats to the Insurance Sector

Published:

“Amazing”, “extreme”, “one of the coolest things I’ve ever seen.” These were the words of a cyber forensics expert who was tasked with investigating the biggest breach of an insurance company in history. Respectively, these words describe the operational security, stealth tactics, and malware engineering of the group that stole the personal information of almost 79 million policyholders in the US in 2015. The forensic team claim that 1000 boxes were infected, and roughly 7000 MD5 hashes (distinct file identifying numbers) were assigned to the ever-changing malware used to conduct the breach. What the details of this breach show is that the insurance sector has become a particularly attractive target for well-resourced and highly skilled cybercriminals.

Continue reading

Exploring the Cyber Threats to Healthcare

Published:

In October 2016, computer systems in Northern Lincolnshire and Goole NHS Trust had to be shut down following a suspected ransomware attack.  The Trust cancelled numerous operations, outpatient appointments and diagnostic procedures as a result.   This incident is far from being an isolated case; an NCC Group Freedom of Information request revealed that almost half of NHS trusts have been subjected to a ransomware attack in the past year. 

Continue reading

The Usual Suspects: Faith-based attribution and its effects on the security community

Published:

The “problem of attribution” in the context of Cyber is not a new one, but it receives a relatively small share of coverage. When a high-profile breach is attributed to nation-state actors, the focus is often on the potential motivations and implications of the attack.

Continue reading