Tag: Cybersecurity
GoldenJackal targets top-secret installations
An as-yet-unidentified group, known only as GoldenJackal with suspected links to the Russian state, is targeting high-security networks that are intentionally isolated from the internet. Confidential data is frequently stored in “air-gapped” computers that do not have an online connection and were, until now, virtually impossible to hack. But cybersecurity firm ESET now reports that GoldenJackal was deploying “a highly modular toolset” against a government organization in a European Union (EU) country between May 2022 and March 2024. This follows similar ongoing attacks on air-gapped systems in Belarus that began in August 2019.
Insider attacks rise by over 50 percent
Insider attacks, where staff either deliberately or accidently compromise an organization’s security, are rising steeply. According to Cybersecurity firm, Gurucul, almost half of organizations, 48 percent, report that insider attacks have become increasingly common over the last 12 months. Just over half, 51 percent, experienced six or more such attacks in the past year. Gurucul’s 2024 Insider Threat report identifies the major causes for the sudden spike in insider attacks: “The top three drivers behind the surge in insider attacks are complex IT environments (39 percent), the adoption of new technologies (37 percent), and inadequate security measures (33 percent).”
Cybercriminals ramp up AI-driven deepfake scams
Cyber toolkits for threat actors are now harnessing the latest deepfake technology and artificial intelligence (AI) for targeted email attacks, known as ‘spear-phishing.’ According to cloud cybersecurity firm Egress, a staggering 82 percent of phishing toolkits mentioned deepfakes, and 75 percent referenced AI. The growing threat presented by the use of deepfakes by cybercriminals was highlighted earlier this year at InfoSecurity Europe in London. Widely available toolkits now enable even relatively unskilled hackers to create highly convincing video and audio clips of chief executives (CEOs) and other senior staff members in any specific organization. All the threat actor needs is a short video clip of the person they wish to impersonate. This can easily be copied from a corporate seminar or from a video podcast.
Cybercrime gets physical
Cyber-physical systems (CPS), such as operational technology (OT), the Internet of Things (IoT), building management systems (BMS) and connected media devices have now become a prime target for ransomware attacks. According to security firm, Claroty, cyber-physical attacks are now placing significant financial strain across organizations in several key sectors. Almost half of the respondents, 45 percent, to an independent survey commissioned by Claroty report financial losses of $500,000 or more over the last 12 months from cyber-attacks affecting CPS. Over a quarter, 27 percent, report losses of $1 million or more. “The most financially impacted sectors are chemical manufacturing, power and energy, and mining and materials, with 54-55 percent of respondents in each sector reporting more than $500,000 in losses from incidents in the last 12 months,” says the report, The Global State of CPS Security 2024.
Companies worldwide continue to sideline CISOs
Organizations worldwide are continuing to put cybersecurity on the back burner, with only two percent having implemented cyber-resilience in all areas surveyed, says business consulting giant PwC. According to the latest PwC report, Bridging the gaps to cyber resilience: The C-suite playbook: “Fewer than half of the executives say their CISOs are involved to a large extent in strategic planning, board reporting, and overseeing tech deployments.” C-suite executives and their CEOs are currently paying growing lip-service to cybersecurity in an effort ensure their compliance with the growing body of cyber legislation on both sides of the Atlantic. But, according to PwC, only 15 percent are actually measuring the potential financial impact of cyber risks to a significant extent.
Cybercriminals are now grooming US and UK teens
By adopting such Nineteenth-Century criminal grooming methods to the online world of the Twenty-First Century, today’s threat actors are effectively criminalizing an entire generation not to pick pockets but to rifle fat online crypto wallets instead. When the media reports that a nineteen-year-old hacker has been arrested at his parent’s house for a major hack, such as the one that recently occurred at Transport for London (TfL), the sinister cybercriminals who may have orchestrated the cyber-attack doubtless breathe a sigh of relief. “What the police should be asking in a case like is who has been grooming the teenage hacker and for how many years?” says Fraser Hay, CEO and co-founder of one-year-old UK start-up The Hacking Games, whose aim is to use online gaming, TV and other media to encourage teenagers away from a life of online crime and towards careers in ethical hacking.
Security threat from the skies
Martin Broomhead AFC MRAeS, UK managing director of multinational drone security company D-Fend Solutions, gave an exclusive interview to Cyber Intelligence from the showground floor in London’s Olympia conference centre. He outlines the increasingly blurred line between physical security and cybersecurity, the main theme of this year’s International Cyber Expo, which combined with this year’s International Security Expo on the Olympia showground.
Cyber gets physical at Expo ‘24
Chief executives frequently vie with one another for the spotlight when delivering key speeches at major conferences. But the most-talked-about address of the day, given to a packed auditorium at the International Cyber Expo in London’s Olympia showground, forbade any recording or photographing of his talk. He also insisted he be referred to only as “Paul F”. “Paul F”’s bashfulness became understandable when he explained that the UK’s National Protective Security Authority (NPSA), where he is head of physical security, is now part of Britain’s secret intelligence service MI5. His talk neatly summed up the central theme of the show by providing evidence that the difference between cybercrime and physical crime has become blurred to the point of invisibility. He asked the very relevant question of whether a small drone spying into a City office using a telescopic lens and an 8k camera to read the staff’s log-in details through the window is a physical or a cyber-crime.
A Deluge of Powerful Fraud Tactics Are Giving Businesses Trust Issues
It feels like fraudsters are consistently staying one step ahead of us. Back in early 2022, a study found that one out of every four accounts made online was fake—and that number has only gotten worse. The auto lending industry, for example, saw a staggering $7.9 billion in losses due to a 98% spike in synthetic fraud in 2023. They’re not alone in fending off more fraud attempts than ever as malicious actors turn to generative artificial intelligence to increase both the sophistication and the sheer number of fake accounts trying to bypass verification steps and swindle businesses. The increase we’ve seen in synthetic identities is causing a new host of problems. Not only are more businesses finding themselves with fake customers in their systems—financial institutions mistakenly giving credit to synthetic identities, colleges and universities grappling with applications from fake students, and more—but some of the measures being taken to tamp down on fraudsters’ relentless advances have had the unfortunate side effect of pushing away legitimate customers.
Chinese phisher steals top US military secrets
This week, the US Department of Justice (DOJ) announced criminal charges against a Chinese national, Song Wu, accused of wire fraud and aggravated identity theft in an effort to obtain National Aeronautics and Space Administration (NASA) computer software and source code. The DOJ has now revealed that the specialized software allegedly stolen by Song could be used by potentially hostile enemies to attack the US. According to the DOJ, the stolen software could be used for “industrial and military applications, such as development of advanced tactical missiles and aerodynamic design and assessment of weapons.”
Lebanon pager attack signals new era in cyber warfare
As the whole world is now aware, Beirut was thrown into chaos yesterday by 5,000 exploding weaponized pagers, leaving 900 people dead and a further 300 in critical condition. Iran’s ambassador to Lebanon, Mojtaba Amani, sustained injuries to his face and hand. Lebanon-based Islamist and paramilitary group Hezbollah claims that Israel was responsible. If so, then yesterday afternoon’s event in Beirut will have global repercussions for cyber warfare and targeted cyber-attacks. The idea of weaponizing communications devices is hardly new. Over a decade ago, for example, former US Vice President Dick Cheney disabled a function that allowed the pacemaker regulating his heart to be administered wirelessly. Because he believed terrorists might hack the device to deliver a fatal shock. Israel has also been previously accused of killing Hamas terrorists with booby-trapped cellphones.
Musk rattles skeletons in Brussels’ cupboard
The European Union (EU) suffered a major setback this week in its drive to recreate cyberspace in its own image. In a surprising turnaround, the EU appears to have caved into threats by X (formerly Twitter) owner Elon Musk to reveal “secret deals” offered by the EU to himself and other US-based global social network platforms. Until Monday, EU Commissioner Thierry Breton appeared to be preparing for a legal cage fight with Musk, a man who is tipped to become the world’s first trillionaire, over the issue of free speech and Musk’s refusal to censor political debate on X in line with Brussels’ wishes. Breton’s shock resignation yesterday is now being seen by many as evidence of the truth behind Musk’s allegations. X CEO Linda Yaccarino immediately referred to the resignation of European Union commissioner Thierry Breton as "a good day for free speech."