Tag Archives: malware

Save the date: Timing the hack for the biggest impact

‘There are now three certainties in life – there’s death, there’s taxes and there’s a foreign intelligence service on your system’ – Head of Cyber at MI5 (2013)

Over the last two decades, the scale and severity of cyber attacks have varied widely. It is probably safe to suggest that the secret sabotage of a nuclear facility by the Stuxnet worm is in a slightly different league to the theft of payment card data held by a commercial brand like Chipotle. Nonetheless, there are several underlying attributes that provide a common framework to compare unconnected incidents. The Diamond Model of Intrusion Analysis indicates that for every incident, there is:

  • An Adversary
  • The Capabilities of the Adversary
  • A Victim
  • Infrastructure over which the attack occurs

Cybercrime in the Retail and Hospitality Industries

Some industries are more likely to attract particular kinds of threat actors than others. The retail and hospitality industries for instance are very attractive targets for cyber criminals as both collect and process large quantities of personal and financial data. This is similar to the banking industry but, whereas major bank breaches are now considered to require sophisticated operational procedures and have become the preserve of highly specialised groups, the retail and hospitality industries remain prime targets for criminals of all capabilities.

The Art of ‘Ware’ – The role of propaganda and branding in the ransomware ‘industry’

At the time of writing, the three bitcoin wallets associated with the WannaCry ransomware have received a combined total of about 53.8 BTC – just shy of USD 500,000 at current conversion rates. This is despite the “kill switch” and other implementation flaws that impeded its early propagation. It also flies in the face of the numerous articles circulating in the security community that cast doubt on whether it is even possible for WannaCry victims to consistently get their files back.

Regional Conflict and the Establishment of Cyber Warfare Testing Grounds

Regional conflict almost invariably brings with it consequences beyond its initial cause. The surrounding countries and regions suffer in a multitude of ways – from the massive and immediate human misery to ongoing political, economic and civil instability, and more long term diplomatic tensions and wounds that take time to heal.

West African Threat Actors

Last year saw a plethora of sophisticated cyber attacks including the infiltration of Oracle’s MICROS point of sale customer portal, the string of multi-million dollar thefts that leveraged the SWIFT banking network, and the US election hacks.

Meanwhile in West Africa, cyber criminals continue their ongoing operations.

The Rise of Mobile Malware

The threat associated with mobile malware is expanding. In 2015 alone, Kaspersky uncovered 884,774 new malicious mobile programs, and 7,030 new mobile banking Trojans. Mobile malware is growing in sophistication, borrowing deployment and obfuscation techniques from conventional PC malware, reflecting the continuous evolution of the cyber threat landscape. It is almost certain that in some cases this is a result of funding and development support from advanced threat actors.

The Market of Malware: Buying, Selling and Collaborating in the Criminal Underground

The Dark Web is a fascinating, confusing and, for some, shocking place. Amongst the plethora of forums discussing, selling and sharing drugs, guns, pornography, credit cards (the list goes on), cybercriminals of all levels of sophistication also seek to acquire, enhance, and profit from a variety of hacking tools. This post provides examples of the trading and collaboration that lie behind the development of malicious software (malware), as well as examples of how it can be rapidly upgraded and changed.

Hello! My name is Delilah.

Earlier this year it was reported that security researchers at an Israeli-based security firm had identified the first insider threat Trojan. The malware is considered a game changer, allowing cyber criminals to recruit insiders using the concepts of cyber extortion and social engineering. The backdoor Trojan, which was given the name Delilah, is believed to be in its development stage with cyber-criminals working on enhancing its features and capabilities.
