[Source: This article was published in infosecurity-magazine.com By Liv Rowley - Uploaded by the Association Member: Jasper Solander]

The surface web poses many threats to organizations, but the deep and dark web has gained notoriety over the years as more and more cyber-criminals make use of underground forums and marketplaces to buy and sell goods such as stolen credentials and personally identifiable information (PII).

Various anonymizing features and a lack of state-based governance has allowed cybercrime to flourish in this relatively safe space. 

Stolen information, illegal services and other illicit offerings and activity can be observed with unnerving regularity on the deep and dark web. Goods can be put together or sold as packages alongside other Cybercrime-as-a-Service (CaaS) offerings, thereby lowering the barrier to entry for novice cyber-criminals and allowing veterans to outsource parts of their operations. 

Dare to delve?

Whilst the darknet is complicated to navigate, it is far from impossible to penetrate. There are public Tor indexers available – such as Torch and Grams – though they are often clunky to use and not comprehensive in their reach.

Threat intelligence companies may offer cybersecurity modules that crawl the darknet, indexing content and providing search engine-like capabilities to defenders who purchase these services. Forums, however, may need to be infiltrated first in the same way as you would a real-world criminal organization.

However, organizations must first determine whether the risks associated with this type of hands-on research are worth it. These risks include the possibility of being unwittingly or unintentionally infected with malware or otherwise exposing yourself to those with malicious intentions. A strong understanding of operational security and acceptance of the risks associated with this type of research is key. In many cases, organizations may find it more prudent to enlist the help of threat intelligence vendors, whose professional expertise may come in useful.

Threat actors utilize Tor, I2P and other darknet browsing software to access hidden forums and marketplaces, while others lurk on the deep web behind password-protected or invitation-only closed forums or groups on Telegram, WhatsApp and other chat platforms. Some expect you to prove technical knowledge to gain entrance to a forum or to actively participate in a cyber-criminal community in order to maintain access. In other cases, you may need to be invited or recommended by a trusted relationship to gain access. 

Keep your enemies close

Organizations looking to conduct dark web research are setting out on a challenging task; dark web research can be similar to knowing that a party is taking place, but not knowing the address. Analysts need to be ready to hunt, dig and immerse themselves in the underground in order to find the action. In doing so, analysts are exposed to the myriad products and conversations surrounding cybercrime in these spaces, training their eye to be able to filter and identify the real threat.

This in turn allows organizations to better understand what they need to defend themselves against. In order to assess a threat actor’s credibility and the legitimacy of a particular threat, researchers may look at factors such as a threat actor’s reputation or length of time on the darknet.

Companies should prioritize monitoring for data related to their organization, such as proactively searching the dark web to find stolen credentials. Doing so at an early stage can massively reduce the risk or impact of an attack.

Detecting them using threat intelligence services can not only prevent additional breaches but also force IT security teams to locate the sources of the initial attacks and fix existing problems so attacks cannot occur again through that vector.

Stay alert and keep watch

In addition to looking for stolen credentials, it is also wise to monitor (using defined search terms) for documents or PII which might have been stolen or unintentionally leaked. Stricter data protection regulations mean that data leaks can have an even larger impact on an organization’s bottom line, as well as its reputation. In the event of a GDPR penalty, a company that can demonstrate robust detection capabilities can vastly reduce its liabilities.

A network of crawlers and sensors can alert organizations when their credentials have been offered for sale on the dark web – if you know what’s been stolen, it’s easier to block and mitigate damage. Good cyber threat intelligence is crucial to providing this feedback of information to build stronger defenses around any business.

Tracking for crimeware kits, malware, threat actors and TTPs that could target their sector more generally can also help security teams strengthen their security posture, broaden their situational awareness and put in place appropriate defense measures before adversaries can strike. 

The best way to fight cybercrime on the darknet is to operate in much the same way as the bad guys. If you understand the scope of what’s available to criminals, it’s a lot easier to rationalize how to defend against cyber-attacks and enable others to do the same. Collaboration and intelligence sharing is crucial in the fight against cybercrime.

Categorized in Deep Web

[Source: This article was Published in wired.com BY ANDY GREENBERG - Uploaded by the Association Member: Joshua Simon]

DESPITE ALL THE cybersecurity industry’s talk of preventing “breaches,” a computer network in some ways is less like a fortress and more like a human body. And skillful hackers are like germs: They tend to get in via some orifice or another. Once inside, it’s whether they can thrive and multiply their infections—and what vital organs they can reach—that determines whether the outcome is a sneeze or a full-on catastrophic takeover.

In many modern hacking operations, the difference comes down to a technique known as “credential dumping.” The term refers to any means of extracting, or “dumping,” user authentication credentials like usernames and passwords from a victim computer so that they can be used to reenter that computer at will and reach other computers on the network. Often credential dumping pulls multiple passwords from a single machine, each of which can offer the hacker access to other computers on the network, which in turn contain their own passwords ready to be extracted, turning a single foothold into a branching series of connected intrusions. And that’s made the technique at least as crucial to hackers’ work—and as dangerous for sensitive networks—as whatever phishing email or infected attachment let hackers find entry into the network in the first place.

Credential dumping is largely possible because operating systems have long tried to spare users the inconvenience of repeatedly entering their password. Instead, after a user is prompted to enter it once, their password is stored in memory, where it can be called up by the operating system to seamlessly prove the user’s identity to other services on the network.

But the result is that once a hacker has gained the ability to run code on a victim machine, he or she can often dig up the user’s password from the computer’s memory, along with any other users' passwords that might linger there. In other cases, the hacker can steal a file from the computer's disk called the Security Account Manager, or SAM, which contains a list of the network's hashed passwords. If the passwords are too simple or if the hashing is weak, they can then often be cracked one by one.

Amit Serper, a researcher for security firm Cybereason and a former Israeli intelligence hacker, compares credential dumping to a thief who sneaks through an open window, but once inside finds a spare key to the victim’s house he or she can copy—along with keys to the victim’s car and office. “You got in that one time, but if you want to come back you have to have keys to the house,” Serper says. "Once you have those keys, you can do whatever you want.”

ANDY GREENBERG IS A WIRED SECURITY WRITER AND AUTHOR OF THE FORTHCOMING BOOK, SANDWORM: A NEW ERA OF CYBERWAR AND THE HUNT FOR THE KREMLIN'S MOST DANGEROUS HACKERS.

In some cases, Serper says, he's seen hackers mess with settings on a computer to frustrate the user until he or she calls tech support, which results in an administrator logging into their machine. The hacker can then steal that administrator's much more valuable credentials from memory and use them to wreak havoc elsewhere on the network.

Credential dumping is so crucial to modern hacking operations, Serper says, that he finds in analyses of victim networks that it often precedes even the other basic moves hackers make after gaining access to a single computer, such as installing persistent malware that will survive if the user reboots the machine. “In every large breach you look at today, credentials are being dumped,” Serper says. “It’s the first thing that happens. They just get in, then they dump the passwords.”

By far the most common tool for credential dumping was created in 2012 by a French security researcher named Benjamin Delpy and is known as Mimikatz. Delpy, who worked for a French government agency, wrote it to improve his C++ coding skills and also as a demonstration of what he saw as a security oversight in Windows that he wanted to prove to Microsoft.

Since then, Mimikatz has become the go-to credential dumping tool for any hacker who hopes to expand access across a network. Dmitri Alperovitch, the chief technology officer of security firm Crowdstrike, calls it the “AK-47 of cybersecurity." Some sophisticated hackers also build their own credential dumping tools. More often they modify or customize Mimikatz, which is what happened with the likely Chinese hackers revealed last month to have targeted at least 10 global phone carriers in an espionage campaign.

THE WIRED GUIDE TO DATA BREACHES

Aside from that sort of espionage, credential dumping has become a key tool for hackers who seek to spread their infection to an entire network with the aim of destroying or holding ransom as many computers as possible. Mimikatz, for instance, served as an ingredient in a range of paralyzing incidents, from the LockerGoga ransomware attack on aluminum firm Norsk Hydro to the NotPetya worm, a piece of destructive malware released by Russian state hackers that became the most costly cyberattack in history. "Any time we hear in the news that ransomware has taken out an entire organization, this is what happened," says Rob Graham, the founder of Errata Security. "This is how it spread through the entire domain: It gets credentials and uses this mechanism to spread from one computer to the next."

The danger of credential dumping, Graham warns, is that it can turn even one forgotten computer with unpatched vulnerabilities into that sort of network-wide disaster. "It’s not the systems that everyone knows about that you need to worry about, those are patched. It's the systems you don't know about," he says. "A foothold on these unimportant systems can spread to the rest of your network."

While keeping hackers from ever gaining that foothold is an impossible task, Graham says that system administrators should carefully limit the number of users with administrative privileges to prevent powerful credentials from being accessed by hackers. Administrators should be wary of logging into computers that they suspect might be compromised by hackers. And Cybereason's Amit Serper points out that two-factor authentication can help, limiting the use of stolen passwords since anyone trying to use them would need a second authentication factor, too, like a one-time code or a Yubikey.

"Having that second factor is the best way to battle credential dumping," Serper says. "How else can you protect yourself if someone has the master key to your house?"

Categorized in Internet Privacy

 Source: This article was Published smallbusiness.co.uk By Ben Lobel - Contributed by Member: Clara Johnson

Criminals are looking for small businesses' data to sell on the dark web. Here, we look at how to be vigilant.

Most small businesses don’t give two hoots about the ‘dark web’, the part of the World Wide Web that is only accessible by means of special software, allowing users and website operators to remain anonymous or untraceable.

As far as many are concerned, the dark web is a murky place where dodgy criminals congregate to buy and sell things like weapons and drugs. It feels like a world apart from everyday business.

In today’s world, though, that’s a dangerous mindset to have. The truth is that, while criminals have been using the dark web for years to sell illegal items, they’re also using it more and more these days to sell something more valuable — stolen and leaked corporate data.

Today, every business has a wealth of valuable data, whether it’s employees’ personal details, corporate credit cards or sensitive client information. Criminals want to get their hands on that, so they can then sell it on the dark web to make some easy money. And it’s not just the criminals who want your data.

‘Hacktivists’ will happily steal from you and post your data online for free just to win kudos or because they want to damage your company reputation. Ex-employees can copy data to a USB or email it to themselves at home and then either deliberately leak it or suffer a breach themselves. And ‘script kiddies’ run automated scans to find vulnerable websites and servers for easy pickings.

The easiest victims to pick on are the small ones

And it’s not just the big firms who are targets. Small businesses are equally at risk, if not more so because they often lack the cybersecurity resources to deal with the problem. And every industry is equally at risk. The truth is that passwords, corporate credit cards, employee personal details, client information and so on are equally valuable whether they come from a big company or small, in manufacturing or in retail. The opportunistic nature of cybercrime makes the perpetrators blind to industry or size — and once perpetrators get hold of your data, they can wreak havoc with it. With corporate credit cards, criminals can buy what they want. With employee personal details, they can target victims with phishing attacks and fraud, and with client information, they can blackmail you.

Jeremy Hendy, CEO of cyber intelligence solutions company RepKnight, says he sees thousands upon thousands of dark web dumps every day of client login details (yes, with passwords). And most of the organisations to whom the data belongs have no idea these sales are happening because the dark web is, well, hidden. ‘The relatively low risk of getting caught (because the dark web affords strong anonymity) combined with the chance to make a lot of money (or at least show off) makes the dark web an incredibly attractive place for cybercriminals,’ Hendy says.

So, what can we do about it? First, we need to change the way we think about cybersecurity.

How AI and Big Data Impact the Structure of the Financial Industry

Protecting your network is a poor way to protect your data, Hendy says. ‘Protect your network, and your data’s safe, right? Wrong. Protecting your network is a poor way to protect your data.

‘Consider it from a parenting point of view. To protect your children (your data), you can install video cameras to the outside of your house and build a big fence around the perimeter of your property to deter kidnappers from getting in (expensive and complex).

‘But what about those times when your children need to leave your property, which will happen pretty much every day? Once your children have left the safety of the house, your house’s protection is useless.’

The same goes for data, he adds. The nature of modern business dictates that your data no longer live within the perimeter of your network protection. It has already flown the nest and has scattered into the online stratosphere through email and collaboration with third-party partners and suppliers.

“Even with the strongest network security, you’re still at risk of having a cybercriminal gain access to your network”

Hendy says that RepKnight recently did an audit of its own data and quickly found that there were around 35 partners, systems and places that were storing the data — all outside of its own network. ‘And we’re a small company, so imagine how that’s going to be magnified for larger organisations.’

Once that data leaves your network, its safety is well and truly out of your control. ‘But unlike children, once your data has left your perimeter it is at risk of being duplicated and leaked, so even if your data does return to the safety of your network, a copy will almost certainly exist elsewhere,’ Hendy says.

Even with the strongest network security, you’re still at risk of having a cybercriminal gain access to your network without your knowledge through the use of ‘compromised credentials’.

‘These kinds of attacks are on the rise because so many people use the same password across various accounts like banking, social media, online shopping and much more.

‘If one of those third parties suffers a breach, chances are they’ve unwittingly handed over the login credentials to your company network, giving criminals the chance to snoop around undetected and steal whatever they want. By the time you find out — which is usually after 450 days after the breach first happened — it’s too late to do anything about it.’

How to combat the threat of the dark web and protect your data

  • Change the focus from network protection to data protection — with an acceptance that your data has already ‘left the building’.
  • Weigh up your options. For most companies, combatting the threat of the dark web is not something that you can do manually. Not only is it hidden, it’s dangerous (rife with malware and phishing sites — there’s no honor amongst thieves) and horrifying (you’ll see things you wish you could un-see and perhaps earn yourself a surprise visit from law enforcement agencies). The dark web is definitely ‘not safe for work’.
  • Consider advanced, automated monitoring software that continuously looks for your data in places where it shouldn’t end up — like dark web marketplaces and bin and dump sites. If the monitoring system finds something it believes to be yours, it should tell you immediately, alerting you to a potential breach you might not even know about yet.
  • Be aware that data monitoring is like tracking your children through GPS. If they go missing, you’ll at least be able to see where they end up. So, if you can track your data in this way, you can do something about it when things go wrong. And so, with today’s technology, there’s no reason for the dark web to remain a hidden threat to small businesses.

Categorized in Search Engine

 Source: This article was Published securityintelligence.com By Jasmine Henry - Contributed by Member: Deborah Tannen

The dark component of the deep web is the primary highway for the exchange and commerce among cybercriminal groups. In fact, very few cybercriminals work alone. Eighty percent of cybercrime is linked to criminal collectives, and stolen data-shaped goods surface rapidly on darknet forums and marketplaces following cybersecurity incidents with data loss.

Adapting to these trends is essential. Organizations with the ability to extract threat intelligence from data-mining these elusive online sources can achieve a significant security advantage.

Deep Web and Darknet: What’s the Difference?

The part of the web accessible through search engines and used for everyday activities is known among researchers as the surface web. Anything beyond that is defined as the deep web. While estimates vary, some researchers project there is 90 percent more deep websites than surface ones, according to TechCabal. In the deep web are unindexed websites that are not accessible to everyday Internet users. Some restrict access, others are routed through many layers of anonymity to conceal their operators’ identity.

Darknet websites and technologies are a subset of the deep web classification, which consists of sites intentionally hidden and generally only accessible through technologies like The Onion Router (Tor), a software that facilitates anonymous communication, or peer-to-peer (P2P) browsers. This hidden web is closely associated with anonymity and (in some cases) criminal activity supported by open exchange and collaboration between threat actors.

How to Draw Dark Threat Intelligence

“Dark web intelligence is critical to security decision-making at any level,” said Dave McMillen, senior analyst with X-Force IRIS at IBM X-Force Incident Response and Intelligence Services (IRIS). “It is possible to collect exploits, vulnerabilities and other indicators of compromise, as well as insight into the techniques, tactics, and procedures [TTPs] that criminals use for distinct knowledge about the tools and malware threat actors favor.”

When this real-time threat data is filtered through sufficient context and separated from false positives, it becomes actionable intelligence. McMillen believes there are several ways organizations can benefit from dark-sourced intelligence. These benefits include understanding emerging threat trends to develop mitigation techniques proactively. Dark-source intelligence could also help with identifying criminal motivations and collusion before attacks. It could even aid in attributing risks and attacks to specific criminal groups.

How to Identify Darknet Security Risks

For expert threat researchers like McMillen, patterns of deep web activity can reveal an attack in progress, planned attacks, threat trends or other types of risks. Signs of a threat can emerge quickly, as financially-driven hackers try to turn stolen data into profit within hours or minutes of gaining entry to an organization’s network.

The average time it takes to identify a cybersecurity incident discovery is 197 days, according to the 2018 Cost of a Data Breach Study from the Ponemon Institute, sponsored by IBM. Companies who contain a breach within 30 days have an advantage over their less-responsive peers, saving an average of $1 million in containment costs.

“Employing dark web monitoring solutions that allow the use of focused filters to identify key phrases, such as your brand and product names, that may contain information that can negatively affect your organization is a good start in your effort to glean useful intelligence from the dark web,” McMillen said.

The collected data should then be alerted and routed through a human analysis process to provide actionable insights. Context-rich threat intelligence can reveal many different forms of risk.

1. Organization or Industry Discussion

Among the key risk factors and threats are mentions of an organization’s name in forum posts, paste sites, channels or chatrooms. Contextual analysis can determine whether threat actors are planning an attack or actively possess stolen data. Other high-risk discussions can surround niche industries or verticals, or information on compromising highly-specific technologies employed by an organization.

2. Personally Identifiable Information (PII) Exchange

When a breach has occurred, the sale of PII, personal health data, financial data or other sensitive information can be indicative of the aftermath of an attack. A single data record can sell for up to $20, according to Recorded Future. This data is generally stolen en-masse from large organizations — such as credit agencies and banks — so a few thousand credit card numbers can turn a huge profit.

Unsurprisingly, 76 percent of breaches are financially motivated, according to the 2018 Data Breach Investigations Report from Verizon.

3. Credential Exchange

Lost or stolen credentials were the most common threat action employed in 2017, contributing to 22 percent of data breaches, according to the Verizon report. While the presence of usernames and passwords on paste sites or marketplaces can indicate a data breach, contextual analysis is required to determine whether this is a recent compromise or recycled data from a prior incident.

In May 2018, threat intelligence company 4iQ uncovered a massive floating database of identity information, including over 1.4 billion unencrypted credentials.

“The breach is almost two times larger than the previous largest credential exposure,” Julio Casal, founder of 4iQ, told Information Age.

4. Information Recon

Social engineering tactics are employed in 52 percent of attacks, according to a February 2018 report from security company F-Secure. Collusion around information recon can surface in both open and closed-forum exchanges between individual threat actors and collectives.

5. Phishing Attack Coordination

As phishing and whaling attacks become more sophisticated, deep web threat intelligence can reveal popular TTPs and risks. Coordination around information recon is common. Threat actors can now purchase increasingly complex phishing-as-a-service software kits and if defenders are familiar with them, they can better educate users and put the right controls in place.

dir=”ltr”>Although malicious insiders cause fewer breaches than simple human error, the darknet is an established hub for criminal collectives to recruit employees with network credentials for a sophisticated attack. Dark Reading tracked nearly twice as many references to insider recruitment on darknet forums in 2016 as in 2015.

7. Trade Secrets and Sensitive Asset Discussions

Trade secrets and competitive intelligence are another lucrative aspect of threat actor commerce that can signal risks to researchers. In one recent incident reported by CNBC in July 2018, a likely Russian cybercriminal sold access to a law firm’s network and sensitive assets for $3,500. Having had that information ahead of time could have saved the victim time, money, and reputational damage.

What Are the Challenges to Deriving Value From Dark Sources?

While there is clear strategic and tactical value to darknet threat intelligence, significant challenges can arise on the road to deep web threat hunting and data-mining. For instance, it’s not ideal to equip security operations center (SOC) analysts with a Tor browser. The potential volume of false positives based on the sheer size of the hidden web necessitates a more effective approach.

“The dark web is fragmented and multi-layered,” McMillen said.

When researchers discover a credible source, it generally requires hours to vet intelligence and perform a complete analysis. Darknet commerce has also grown increasingly mercurial and decentralized as law enforcement tracks criminal TTPs as they emerge. Security leaders who can overcome these barriers have the potential to significantly improve security strategy in response to emerging threat trends and risk factors.

The 2018 Artificial Intelligence (AI) in Cyber-Security Study from the Ponemon Institute, sponsored by IBM Security, discovered that artificial intelligence (AI ) could provide deeper security and increased productivity at lower costs. Sixty-nine percent of respondents stated that the most significant benefit of AI was the ability to increase speed in analyzing threats.

As leaders consider how to deepen adoption of dark threat intelligence, it’s valuable to understand that not all intelligence sources can adequately capture the full scope of threat actor exchange on this vast, fast-morphing plane. Relying on stagnant, outdated or fully automated technologies may fail to mitigate important risks. The best mode of protection is one which combines the intelligence of skilled human researchers and AI to turn raw data into actionable intelligence effectively.

Categorized in Deep Web

Source: This article was Published techrepublic.com By Alison DeNisco Rayome - Contributed by Member:James Gill

Worried about cybersecurity? Here are 10 activities that take place on the Dark Web that organizations should watch out for.

In the wake of seemingly constant high profile breaches, organizations are taking precautions to protect against cyber attacks, including raising security budgets and educating employees. However, the cost of a breach can be enough to significantly harm a company's finances and reputation: The average total cost of a data breach is $3.86 million, according to a recent Ponemon Institute report.

The ongoing risk of attack has led some organizations to seek new ways to proactively monitor the Dark Web for lost or stolen data, according to a Wednesday report from Terbium Labs.

1. Doxing of a company VIP

Dark Web and clear websites like Pastebin are a dumping ground for personal, financial, and technical information with malicious intent, the report said. There is often a motivation behind these posts, such as political beliefs, hacktivism, vigilantism, or vandalism. For example, the executive of a wealth management firm was included in a large-scale dox as the result of their political contributions, the report noted.

2. Full PANs, BINs, and payment cards for sale

The economy for payment cards on the Dark Web is strong, with a single card costing between $5 and $20. Sellers update markets with new cards regularly—sometimes even daily, the report said. And business and platinum cards will net criminals a higher price than average cards.

3. Guides for opening fraudulent accounts

On the Dark Web, you can find guides for sale that contain detailed, step-by-step instructions on how to exploit or defraud an organization, the report said. The guide serves two purposes: Criminals learn how to break into a company's systems and processes, and the company's brand name is promoted to criminals as a result of the listing. For example, when a major US bank changed security policies, criminals updated guides with techniques to get around those changes.

4. Proprietary source code

A leak of source code can allow competing companies to steal intellectual property, and also allow hackers to review the code for potential vulnerabilities to be exploited, according to the report. Leaks of source code from tech giants will make the news, but source code from others is regularly leaked on sites like Github and Pastebin, as developers seek advice and input from others, the report noted.

5. Dump of a database

Third-party breaches can put organizations at risk by revealing employee credentials that can unlock other accounts or provide information for phishing attacks. For example, if criminals can post an internal database, it reveals private contracts or partnerships between organizations and employee locations.

6. Template to impersonate a customer account

The Dark Web is full of account templates that allow hackers to pose as customers of financial institutions, telecommunications companies, and other service providers, the report noted. These templates are then used to solicit loans, open accounts, or as part of a broader scheme for identity theft or fraud.

7. Connections between employees and illicit content

Posts doxing individuals who engage in illegal activities on the Dark Web, such as child exploitation, can draw undue negative attention to their employers or affiliated organizations. For example, one post listed the full contact information for a tech company that accidentally provided tech support to a child exploitation site.

8. W2s and tax-fraud documents

Each year before tax season, there is a rush of Dark Web activity to gather compromised identity information and file fraudulent tax returns before the actual taxpayer can do so, the report said. This tax fraud is enabled by the sale of W2s and other tax fraud-specific documents, which can be tied back to the employers where those documents came from originally.

9. Secure access and specialty passes

While most of the materials on the Dark Web are for generalized personal information, vendors sometimes offer special access materials, ranging from amusement park tickets to military IDs. For example, one Dark Web market offered physical press passes designed to help cybercriminals pass as journalists at events, the report found.

10. Inexpert Dark Web searching

Despite the need to keep tabs on Dark Web activity, security vendors can accidentally expose an organization to harm by searching for information related to the company on the Dark Web. For example, one vendor searched for a CISO's name so many times on a now-defunct Dark Web search engine that the name made it to the front page of the site under "trending," the report noted.

Categorized in Deep Web

Cybersecurity Expert. Trusted advisor to board members and stakeholders, to define strategies for managing cybersecurity risks.

The development of the cyber environment is articulated through new digital scenarios -- from the technological development of smartphone apps to the Internet of Things, from the sharing economy to social networks -- the circulation of personal data has expanded extensively and rapidly. In particular, I recognize a slow but decisive transition from a material, utilitarian and free sharing typical of the sharing economy, for which self-regulation was sufficient, to today's atmosphere of social sharing. If the services of the sharing economy technologies seemed to put the privacy of users at risk, the new system seems to be even more saturated with issues. In fact, the social sharing of photographs, thoughts, and confidential information risks endangering the privacy of internet users and, considering that much of this personal data is also transported overseas where the discipline and the protection provided is profoundly different, the question becomes extremely complex.

This shift is characterized by the diffusion and horizontal expansion of increasingly sophisticated and integrated social engineering methods and techniques, and through the release and sharing of technologically persuasive applications. These scenarios are found in the profile of cyber attacks and are significant characterizations in terms of behavioral matrixes and operational creativity.

Inevitably, the concepts of knowledge and information management have been redefined and are now almost completely digitalized, with significant relapses in terms of security. In today's cyber scenario, a new multidimensional concept of security has emerged, deriving from the interpenetration of the paradigms of social change and digital-media convergence -- both understood as multipliers of instances coming in particular from the underground. This underground becomes ever more reticular, competent and cohesive, from a digital point of view, until it's the "cartilage" of the system exoskeleton, not only in infrastructural terms but also in terms of cultural identity.

As a result, open society, right-to-know and digital info sharing become the pillars of contemporary democratic architecture. It is necessary to explore cyberspace in a deep and scientific way -- to understand it as a human space, one which needs to be identified and analyzed dynamically, with scientific rigor, avoiding any reductionist simplicity dictated by the fashions of the moment. The specificities and the socio-cultural differences between activism and hacktivism are also worth examining in the transition process toward fully digital models of politics and diplomacy.

As an example, Bitcoin should not be considered mere virtual currency, but also as an instrument, product, and modality of self-construction. It's an identity-based dissemination of digital exchange communities and an interactive process through which all the subjects involved create information, innovation, and resources.

It is essential to direct operational research into the elaboration and anticipation of scenarios that are no longer futuristic or even too far in the future -- ones in which we imagine the impact and dynamics of the cybercriminals who use distributed denial of service (DDoS) or botnet attacks. These attacks might be a self-legitimized form of cyber-protest or a revisitation, in a cyber environment, of protest sit-ins that animated most of the 20th century and which often caused paralysis not only of viability but also of the vital functions of important institutions.

The unknown journey that leads humanity toward post-globalization is strongly marked by some pieces of evidence including the conflicts arising from the frictions between the development of the metropolitan institutional environment and the organizational dynamics of transnational digital communities and the advent of new sexual-digital identities.

We are witnessing the progressive emergence of organized and globalized criminals, above all at the level of the media. These criminals are born from the necessity of evolution through the web, pre-existing local and internationalized structures, and by long processes of criminal hybridization. This hybridization has connected them through the web. This evolution requires a resetting of operational missions based on full integration between social sciences and computational technologies in order to uncover qualitative and quantitative strategies that can be used to attain a deep understanding of the organized and now digitized criminal complex.

The triangulation of big data, web intelligence, and information assurance turns out to be the key to managing the complexity and the centrality of information, which is now the regulating essence of every aspect of life. Today, it's important to focus not just on the internet of things but also on the sometimes obscure internet of thoughts, which requires equal amounts of analytical attention. This emphasizes that today cyber can no longer be considered an object external to mankind, and should instead be seen as pervasively connected to it. Therefore, in firmly considering cybersecurity as a dynamic process and not a static product, it is evident that it is not possible to guarantee the security of the globalized citizen in relation to the relationship between freedom and democracy, without using appropriate conceptual tools to understand and manage the complexity that turns out to be unquestionably human, cultural and social.

Source: This article was published on forbes.com By John Giordani

Categorized in Internet of Things

As a follow up to our recent article on how to spot and stop phishing attempts, we’re now going to focus on the difficulty of recognising phishing and email spoofing attempts on mobile devices and how to overcome this.

img src="https://www.beaming.co.uk/wp-content/uploads/SamPhone1-370x312.png" alt="Email spoofing: Mobile spoof email can be hard to detect" width="432" height="364" srcset="https://www.beaming.co.uk/wp-content/uploads/SamPhone1-370x312.png 370w, /

Beware the email address

Sometimes a spoof email seems to be from someone famous or well known, to attract the attention of the recipient.  Otherwise, it may be a trusted brand name. More sophisticated scams will appear to be from someone the user knows, usually through work. Email spoofing addresses tend to be a mixture of letters, numbers and meaningless words. Depending on the type of device and app you are using, this may be more difficult to spot on a mobile device as they often just display the sender’s “Friendly name” and the email address itself is more difficult to find.

To display the sender’s email address you’ll need to open the email. At the top, underneath the “From” and “To” lines, you should find a link entitled “Details” or “View detail.

img src="https://www.beaming.co.uk/wp-content/uploads/Samphone2.png" alt="Email spoofing: How to view a sender's email address on mobile" width="236" height="430" srcset="https://www.beaming.co.uk/wp-content/uploads/Samphone2.png 236w, /
Once clicked, this will expand the “From” and “To” details so that you may view the email address of the sender and details as to when the message was received.

Watch what they ask for and how they ask for it

Spoof emails will be asking for something from you, this may include money, passwords or sensitive information. Legitimate banks or companies will never ask for personal credentials over email so don’t give them up.  High-end brands are extremely cautious with their spelling, punctuation, and grammar so if an email has many spelling mistakes, it’s likely that the email is trying to spoof you.

 Treat all links as suspicious

 Malware and ransomware can be spread when victims unwittingly click on an untoward download link. Phishers will also send links that take the user to a convincing looking corporate website where they are encouraged to enter personal information such as credit card details.

If you’re on a PC, you can use your mouse to hover over any link in an email to view the destination web address. As with the email address, if the destination web address is a random mixture of numbers and letters, be wary of it. Likewise, if the website address is mis-spelled this is a red-flag that can be easily missed eg http://www.micorsoft.com. On a mobile device, you won’t have a mouse, but you can still check the link by holding your finger down on it. Unlike a short tap, which would open the link, holding your finger on it will cause a new dialogue window to pop up, showing you what the destination web address is but without actually following the link.

As is always our advice, if you are in any doubt, check! Don’t put your personal details or business in jeopardy. By making sure that everyone is aware of tactics used in email spoofing and know how to verify the original source of an email, you can save wasted time, effort and resources in the future.

Source: This article was published beaming.co.uk By Beaming Support

Categorized in Internet Privacy

Cybersecurity can cause organizational migraines. In 2016, breaches cost businesses nearly $4 billion and exposed an average of 24,000 records per incident. In 2017, the number of breaches is anticipated to rise by 36%. The constant drumbeat of threats and attacks is becoming so mainstream that businesses are expected to invest more than $93 billion in cyber defenses by 2018. Even Congress is acting more quickly to pass laws that will — hopefully — improve the situation.

Despite increased spending and innovation in the cybersecurity market, there is every indication that the situation will only worsen. The number of unmanaged devices being introduced onto networks daily is increasing by orders of magnitude, with Gartner predicting there will be 20 billion in use by 2020. Traditional security solutions will not be effective in addressing these devices or in protecting them from hackers, which should be a red flag, as attacks on IoT devices were up 280% in the first part of 2017. In fact, Gartner anticipates a third of all attacks will target shadow IT and IoT by 2020.

This new threat landscape is changing the security game. Executives who are preparing to handle future cybersecurity challenges with the same mindset and tools that they’ve been using all along are setting themselves up for continued failure.

The False Panacea of Security Training

There is much debate over the effectiveness of security and awareness training, centered on competing beliefs that humans can either be the most effective or weakest links in security chains. It can’t be denied, however, that in the age of increased social-engineering attacks and unmanaged device usage, reliance on a human-based strategy is questionable at best. This assertion is further substantiated when you consider recent reports put out by security providers like PhishMe showing that 80% of employees who’ve completed training are still susceptible to being phished.

It only took one click on a link that led to the download of malware strains like WannaCry and Petya to set off cascading, global cybersecurity events. This alone should be taken as absolute proof that humans will always represent the soft underbelly of corporate defenses.

Connectivity First, Security Second

Today, connected devices are being used by employees to drive bottom-line activity. Their utility and convenience are giving IoT devices a foothold in the enterprise — in corporate offices, hospitals, power plants, manufacturing facilities and more. We recently found that 82 percent of our enterprise customers have Amazon Echos in use, which are almost always in an executive’s office. These devices, designed to listen and transmit information, may lead to increased productivity, but they also introduce unquantifiable risks. Our own research recently demonstrated that the Amazon Echo is susceptible to airborne attacks. Amazon has patched the vulnerabilities, but this finding demonstrates how easily a compromised device can lead to the leak of confidential information.

Connected devices are proliferating at a rate IT departments and security teams can’t keep up with. They are manufactured with little oversight or regulatory control, and are all Wi-Fi- and Bluetooth-enabled; designed to connect immediately. They are introduced into corporate environments by individual users who have no real security knowledge or expertise, which is a risk. Users may have productivity goals in mind, but there is simply no way you can rely on employees to use them within acceptable security guidelines. IoT training and awareness programs certainly will not do anything to help, so what’s the answer?

Reframing the Human-Security Relationship

It is time to relieve your people (employees, partners, customers, etc.) of the cybersecurity burden. It may be prudent, and required, for you to continue with awareness programs, but you will have to rely more on intelligent technologies and automation if you hope to have any chance at success.

Removing the human risk means repositioning the way you think of the relationship between employees, connected devices, and overall corporate cyber defenses. You must accept that IoT and other security issues aren’t user interaction problems; they’re device and system interaction problems. The highly connected nature of IoT devices means that they’re constantly in communication, capable of spreading malware, and capable of leaping from system to system with no human interaction — all beyond the reach of current security solutions. Security threats are stacking up against your people at work: employees are still falling victim to automated phishing emails and organizations with ample security analysts simply can’t manage the volume of vulnerabilities present in new connected devices and software. And, new IoT attack vectors like BlueBorne and KRACK that work around humans to infect devices and networks are popping up faster than they can be addressed.

An Intelligent Cybersecurity System

To manage security today, your systems must be intelligent and able to work without human supervision, knowing when and how to take proactive or defensive action.

When it comes to connected devices, the massive numbers that will be in use in businesses make it impossible for people on their own, or for understaffed IT and security teams, to manually identify and stop risky activity. To identify devices and behavior patterns that represent a threat, your IoT security system must be intelligent enough to spot all connected devices and the vulnerabilities they introduce, approve and deny access to networks, and learn from constantly evolving conditions to become more effective over time.

Intelligent products learn patterns of what secure and insecure activity looks like on connected devices — something impossible to tell just by looking at a phone, speaker, or web camera. I’ve seen compromised tablets streaming video from a boardroom to an undisclosed location. The tablet showed no signs of compromise and this activity was not recognized by the traditional security solutions in place. Only by identifying its behavior and traffic patterns were we able to see the risk. An intelligent system would be able to identify such suspicious traffic behavior immediately.

Lastly, an intelligent system can take action. Once the system has learned how to identify suspicious behavior, it can immediately stop a device from being used for malicious purposes. For example, it could shut down a botnet attack entirely, preventing it from connecting to other devices, or limiting the damage it can do. Being able to control a connected device is the difference between one device being infected and your entire network getting taken over.

The same is true for security technologies designed to defend against other threats. Anti-phishing technologies that can’t identify and block attacks on their own are basically disasters waiting to happen. Manual patching processes are also of little value.

The New Reality

Attacks are coming at businesses from all angles and through all channels, with IoT creating a significantly larger attack surface. Executives are accountable for the performance, or rather, the lack of performance of the security, and businesses will face a range of consequences, from brand damage to recovery costs and loss of customers in the face of breaches. The stakes are higher than ever to secure your systems and networks — and the new IoT reality complicates matters further. Solutions we’ve relied upon in the past, such as training employees, will not mitigate the massive security challenge companies are facing. The scope of IoT is far too complex for traditional security teams to manage with legacy solutions. It’s time to remove people from the discussion and move towards a more intelligent, secure future.

Source: This article was published hbr.org By Yevgeny Dibrov

Categorized in Internet Privacy

News flashes and sound bites are constantly calling our attention to the latest hacks or threats to our cybersecurity that seem to be filling our social media news feeds and television reporting circuits. While there are plenty of bad actors out there hell bent on doing us harm, symbiotically living in the digital ethers and layers that make up the vast web, there are companies and organizations working in the background to protect and remediate any potential disasters.

Some of these online threats pose significant harm to our lives, our businesses and our finances. Some of them are easy to detect, while others have become increasingly challenging and more sophisticated over the years. They sometimes involve massive bot-nets of millions of devices all acting in concert with one another, and sometimes they're far more individualistic in nature, with specific high-value targets that involve social engineering and location tracking to ensure that their cryptic intentions are fulfilled.

If you've ever been the victim of a phishing scam online or you've ever had someone hijack your profile or social engineer you or your employees to gain access to critical corporate information and infrastructure, or to steal any amount of money from you through methods such as Instagram money-flipping, then you know just how painful this process is. Oftentimes, we search for ways to exact our revenge, usually falling flat on its face due to the anonymity of the World Wide Web.

So, how do you go about protecting yourself from these online threats and cyber criminals who are determined to extra money and valuable information from you?

Clearly, there is no full-proof method to protect yourself. As technology evolves, so do our methods for combating these online threats. However, that doesn't mean that the threats stop. They also evolve. They get smarter, more efficient and more scalable as the near-limitless reach of the web gives them unfettered access to potential billions of dollars in crimes against unassuming individuals and businesses from across the planet.

What Are The Top Online Threats In Cyberspace? 

While there are numerous threats that exist at every turn on the internet, there are 10 very significant threats that pose malicious harm to us. Understanding what these threats are that exist on the web and learning how to combat them is integral to conducting any semblance of business or personal activity these days. Falling for these is painful to say the least, but even more so when you didn't even see it coming from miles away.

One of the biggest and most challenging uphill battles here when it comes to online threats to our security is actually determining whether or not a visitor is human. Bots that crawl the web, or that are designed to somehow infiltrate systems and drop malware generally don't behave like humans. However, this isn't always something that's straightforward. How companies go about detecting automated software and threats in cyberspace has a lot to do with their potential to fall victim to these scams.

Not only is it important to institute a good set of habits when it comes to dealing with online threats like this, but it's also important to stay in-the-know. The more informed you are, the better off you and your employees will be. It's important to note that whatever you do, threats are always evolving. Locate reputable companies that you can work with to help alleviate some of the stress that failure might cause in this arena.

#1 -- Ransomware

One of the biggest ongoing concerns and threats to our digital existences has been the proliferation and exponential rise of ransomware. You know, the type of thing that locks you out of your computer with an impending countdown that signals the digital death of your entire virtual existence. As it counts down, threatening to encrypt every last shred of data, you realize the peril that digital criminals can inflict on their unassuming victims.

Your choices? According to Tod Beardsley, Director of Research at Rapid7, a firm dedicated to thwarting these types of attacks through some of their wildly-popular software platforms such as Nexpose and Metasploit, you should never pay the criminals because you don't know the outcome of whether your information will in fact be restored, or simply vanish into thin air.

Redundant backups should be a priority for you. Backup to an external drive somewhere on your network and to the cloud through DropBox or another provider. Rapid7, which oftentimes stress tests other corporations by hacking in an effort to expose security loopholes, working to ensure that networks are safe from potential attacks, knows a thing or two about this. Companies rely on their teams to ensure that they're protected, and they're often the first phone call many make when an attack like this and others do actually happen.

#2 -- Phishing schemes

A large majority of people get caught up in phishing schemes. Phishing schemes are engineered to get you to click on things and oftentimes they seem harmless. Simply click on a link and it will go to some URL. That's it. However, as harmless as they seem, phishing schemes can lead to to a number of major online security breaches if you're not careful. By paying close attention to what you're clicking on, you'll better be able to mitigate these types of attacks.

Once you're ensnared in this type of scheme, it's hard to untangle yourself. There are phishing schemes for bank accounts, email accounts, big e-tailers and other service providers that have massive footprints. The goal? Gain access to the consumer's account to do the most damage. If you think you were the victim of a phishing scheme, and you entered in your username and password somewhere online and things didn't seem right, immediately change all your passwords.

Another important thing to note is that most people use the same (weak) password across a variety of services such as Gmail, Facebook and online banking as one example. Never do that. Always use different passwords and ensure that they're not simple passwords to begin with. If a cybercriminal gains access to one service, you don't want them gaining access to the others. You should also be changing up your passwords every few months or so.

#3 -- Man-in-the-middle (MIIM) attacks

One of the most sophisticated threats that exist online are man-in-the-middle attacks. I've seen these threats firsthand and know just how malicious they can be. Everything seems okay all the way to the final point of entry (even when using 2-factor authentication). This malware sits on your computer and waits until you've entered in all your credentials, then it actually swaps out the server that receives the communication and even communicates back to you.

Throughout all of this, everything seems fine. Nothing seems amiss. That's why it's such a sophisticated online threat. You almost don't know that anything is happening when it actually is happening. You have to be very wary of what you download to your computer and what reputable sources they're coming from. Virus software is not going to help you in most cases here because these threats are always evolving.

Oftentimes, MIIM attacks are a result of phishing schemes that installed latent software on your computer that sits dormant for some time until you begin accessing the proper network or until its recorded the right keystrokes. It then substitutes its own intercepted server right when you submit your credentials to login.

#4 -- Ad fraud

Online ad fraud is far more widespread than anyone could possibly imagine. This is likely one of the biggest cyber-threats that seems to go under the proverbial radar. Few people know that they've been scammed by sophisticated ad fraud systems after it's occurred. Publishers simply see views increasing and most ad platforms don't provide high specifics as far as direct views on every single ad impression or click, leaving most people in the dark.

In a recent conversation with Tamer Hassan, CTO of WhiteOps, a firm deeply entrenched in the fight against automated ad fraud, they've taken this fight to a new level by developing a platform that actively measures 500 to 2000 technical metrics to determine whether the person viewing the ad is in fact a human or a robot. This software analyzes several layers at a time and its the leading platform amidst the largest publishers in the world.

This impressive system developed by Hassan and team runs silently in the background, with no impact on the speed or latency of ad serving or delivery. In fact, most publishers are now building White Ops' software into their contracts, stating that violations in ad clicks and views from bots will result in non-payment of revenues. This human verification on the web is potentially one of the most lucrative types of fraud that so many cybercriminals are working to exploit and companies are working to protect against.

#5 -- Social media schemes 

Instagram (IG) money-flipping schemes and many others social media scams have surfaced in recent years. Considering that IG is one of the most popular social media platforms in the world, it's no wonder that unscrupulous cybercriminals are targeting individuals who are in desperate situations, looking to make a few hundred or a few thousand dollars quickly. These IG money-flipping schemes have become so widespread that the company can only take down 1 money-flipping scam for ever 3 that are being created.

In a recent conversation with Evan Blair, co-founder of ZeroFox, a firm specializing in social media security, he tells me that 70% of companies are using social media for business but that a large majority of those companies are uninformed about potential impersonations of customer service representatives or duplication of accounts and impersonation of profiles, until it's too late. In fact, there's little that many of the most popular platforms like IG can do to safeguard against the windfall of social engineering and phishing that is constantly occurring against companies at any given moment.

However, this isn't just a risk to digital security; cybercriminals are now using IG and other social media sites to physically track and harm well-to-do executives, celebrities and other high-profilers such as athletes and even politicians. Without a good system to thwart such attacks, most businesses and individuals are completely left lost in the dark. That's likely why so many of the world's leading companies and affluent individuals rely on ZeroFox's groundbreaking platform to thwart and mitigate such attacks.

#6 -- Bitcoin scams

Bitcoin scams have been on the rise recently, especially since the cryptocurrency leaves little in the way of traceable information and unlike with the banking sector, the transactions are irreversible. For those particular reasons alone, cybercriminals have been flocking to the Bitcoin platform. In fact, a large part of their criminal activity is dealt with in Bitcoins for a great majority of their malware attacks that include ransomware and other hacking initiatives.

Considering that Bitcoin valuations have been fluctuating and that there is little in the way of current regulations in the marketplace, this will only continue to get worse. Be very wary of paying for things in Bitcoin and in clicking on any URLs that look deceiving. Read the URLs thoroughly enough to ensure that it's not a variation of a popular domain name, something that hackers and cybercriminals tend to do often.

If you feel like you've been the victim of a Bitcoin scam, it's best to contact the FBI or your local law enforcement agency. Bitcoin does have built-in protections such as wallet backups and multi-signatures, but that doesn't mean that scams don't happen. Cybercriminals are getting more sophisticated by the day so be careful and avoid anything that looks suspicious.

#7 -- Social engineering

Social engineering isn't a new threat. In fact, criminals have been using social engineering hacks in person for ages now. However, when it comes to fraud and other crimes occurring online, this threat is certainly on the rise. With the layer of anonymity that the internet affords, it's no wonder that social engineering works so well in this medium. Most aren't that careful about who they interact with or what type of information that they give out or expose online.

It's not inherently difficult for a criminal to Google the web to find information about a person in an effort to social engineer a scam against them. They can discover their occupation on LinkedIn, their family members or children on Facebook, where they are through Instagram or what they're talking about on Twitter. They can then work to infiltrate those profiles and take over a person's entire social media presence, and use that control to take over email accounts and eventually bank accounts and so on.

It's important to be very careful about who you interact with and what information you expose to the general public. Utilize the privacy features on platforms like Facebook or Twitter and be sure not to share too much personal information on platforms like Instagram. If you do, make your profiles private so that not everyone can track your every movement.

#8 -- Targeting employees to compromise corporate networks

Another major online threat involves directly targeting employees to compromise corporate networks. Since some employees act as the gatekeepers into their corporate networks, there's no surprise that this is on the rise. For example, a large part of the wire fraud that occurs happens because cybercriminals successfully target the right employees to compromise the company's corporate network, allowing them almost unfettered access and approval to steal millions of dollars with ease.

Vulnerable employees also act as a gateway into a corporation's email servers, files and databases, where these cybercriminals can do massive amounts of damage. Employees need to be very careful on social media networks about who they interact with or through what phishing schemes that they click on and unknowingly provide credentials to. ZeroFox's game-changing software helps to alleviate a large part of this worry for most large companies, but not everyone is proactive enough to engage in their services.

Without using a company like ZeroFox, most corporations have no idea about what threats exist out there to their employees or their networks, and it really is one of the most revolutionary platforms that exists out there. Either way you cut it, employee education is a must here to ensure any potential attacks are thwarted before they even begin.

#9 -- Tracking movements for physical targeting

One massive online threat that exists, which can also help put your physical safety into peril, is the tracking of movements through social media and other channels. For consumers, this is an enormous risk, especially for those individuals that aptly portray a lavish lifestyle, traveling around the world. When cybercriminals know that you aren't home, it's simple for them to break into your home and steal your belongings.

You don't need to be uber-wealthy in order to be targeted. Criminals will target all types of individuals through social media channels, able to see when they're home and when they aren't. If you go on vacation, be careful of what information you're sharing and whether or not your profile is public or private. If you don't have home security systems installed and don't want to be a victim of a crime, be very wary about what you share.

Much of this remains common sense, but our physical security can also be put at risk if criminals know where we're going and learn what our routines and schedules might be. They can use that information to do all sorts of bad things to us, virtually and physically, so be very careful.

#10 -- Customer service interception

One of the gatekeepers to any company are their customer service representatives. They are one of the most proliferous category of employees who are interfacing with the clients on a daily basis. However, as skilled as they might be at their jobs, they are often unaware of the online threats that most cybercriminals pose when interacting through a number of mediums. In fact, cybercriminals are known to replicate profiles and post throughout social media to draw attention to unassuming individuals.

They do this in an effort to gain access to accounts, alter the awareness of the general public and to funnel or filter payments and other inquiries that might otherwise alert companies to something that's amiss. This is an enormous threat to businesses, and those without a system like ZeroFox or something similar, will most likely be unaware until the very last moment that a crime actually occurs.

Not only is this bad financially speaking, but it's also bad for a company's reputation. When a customer is angry, they often don't care whether they were speaking to an imposter or the actual company's representative themselves. At that point, it's usually too late to put out the fire. If you're a business and you're serious about your company's online security through social media channels, it's important to invest in a platform to help you mitigate such attacks.

 Source: This article was published forbes.com By R.L.Adams,

Categorized in Internet Privacy

Hospitals across the world were forced to pay out $121m (£94m) in 2016 as hackers have started targeting healthcare institutions in ransom attacks.

The figure, revealed by computer security specialist McAfee in a report, shows how cybercriminals are viewing hospitals as one of the most lucrative avenues for generating an income in today's technological environment.

Hackers reportedly view hospitals as a "soft target" because their reluctance to update IT infrastructure makes them vulnerable to attack, while the necessity of saving patients' lives makes them more likely to pay.

Commenting on the £94m figure, Roland Moore-Colyer of IT publication Silicon said: "More organisations like hospitals are being targeted as they are seen by hackers to have legacy IT systems that cannot effectively defend against ransomware attacks.

"As these organisations have not historically been targets of ransomware, they have not had the impetus to have robust cyber security, which now means they are 'soft targets' for hackers and cyber criminals.

"With the need for rapid access to information, hospitals in particular are more likely to pay the hackers to release them from the ransomware, making healthcare organisations a lucrative target."

It comes as the NHS became the biggest victim of a global ransomware attack in which as many as 45 hospitals across England and Scotland were compromised.

Hospital staff were frozen out of their computers and could only regain access if they paid a ransom of $300 worth of Bitcoin. According to images of affected computers, staff have been told that the payment amount will rise on Monday (15 May) and, if payment is not received, all data will be lost by Friday (19 May).

gigi

Prime Minister Theresa May has stressed that the NHS was not directly targeted in this attack, but has instead been swept up in an international effort.

However, it has been revealed that the NHS was more likely to fall prey to such an attempt as up to 90% of hospitals still use Windows XP – an obsolete 16-year-old operating system that is no longer supported by Microsoft.

Labour leader Jeremy Corbyn has questioned why NHS IT systems were not replaced in 2014, when Microsoft officially ended support for XP.

Source: This article was published ibtimes.co.uk By Tareq Haddad

Categorized in News & Politics
Page 1 of 2

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.
Please wait

airs logo

Association of Internet Research Specialists is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

Newsletter Subscription

Receive Great tips via email, enter your email to Subscribe.
Please wait

Follow Us on Social Media

Book Your Seat for Webinar GET FREE REGISTRATION FOR MEMBERS ONLY      Register Now