Cyber Security Insights

Where has 2023 gone? The November edition of Cyber Security Insights newsletter already! This month we look at:

  • A return to one of my favourite subjects. With the 23andMe DNA service data breach being attributed to some of their customers using compromised passwords to access their accounts, rather than to 23andMe being hacked, we look again at Digital Trust: the need to demonstrate to our business partners that we are secure.
  • Microsoft's view of the State of Cyber Crime from their 2023 Digital Defence Report.
  • What is going on at Booking.com?

Digital Trust

The recent 23andMe DNA and genetics service data breach is being attributed to 23andMe's customers using compromised passwords to secure their accounts. Compromised passwords are passwords that have been stolen in other breaches and are available on the dark web to be tried against your other accounts.

23andMe's reputation has been questioned over this breach; it may cause current and possible future customers to ask whether the company keeps their data secure. Digital trust is not about compliance; it is wider than compliance.

We look at the State of Digital Trust Report 2023 from my professional body, ISACA, and at what digital trust is. Every interaction with a company is unique. It may involve financial, demographic, personal or product information, but all transactions require that the parties establish and maintain trust with each other.

With UK online shopping revenue at £2.22 billion in June 2023 and with 46% of UK workers hybrid working (OwlLabs State of Hybrid Working 2023), digital-first work and digital transactions have become the normal way of conducting business.

Digital trust brings together many of the disciplines already critical to an organization, including regulatory compliance, cyber security, data privacy, communications, information technology, marketing and operations. Alignment should exist between these areas because all have a significant, direct impact on how others perceive the organisation—especially its brand and reputation—and are integral to adding value to the organisation itself and its future digital transformation initiatives.

Digital trust can make or break an organisation. It is fundamental to all enterprises and critical in their ability to innovate, expand and be resilient in a turbulent, highly connected global marketplace.

Digital trust is the confidence in the integrity of the relationships, interactions and transactions among providers and consumers within an associated digital ecosystem. This includes the ability of people, organisations, processes, information and technology to create and maintain a trustworthy digital world.

Individuals and organisations cannot secure themselves as islands; they have to trust that each person and organisation looks after their own cyber security and data privacy and will not compromise each other's reputation and data.

The State of Cyber Crime (Microsoft Digital Defence Report 2023)

Cybercrime-as-a-service

Cyber criminals operate businesses just as we do, and as Microsoft, Google and other big tech companies do. If you know where to go, cybercrime-as-a-service is available as a product. Cybercrime-as-a-service is being used to launch phishing, identity and distributed denial of service (DDoS) attacks at scale.

Simultaneously, they are attempting to bypass multi-factor authentication (MFA) and other security measures through user fatigue, such as making multiple and repeated requests for the MFA token while saying they are the IT department. Eventually the user gives in and allows access to their account.
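An added example, not part of the original newsletter: one way a defender could flag the MFA fatigue pattern described above from authentication logs. The log format, event names, window and threshold are assumptions made for illustration, and the sample log is constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log, one MFA push event per line: timestamp user result.
# The format and event names are assumptions made for this example.
SAMPLE_LOG = """\
2023-11-02T09:00:05 alice push_denied
2023-11-02T09:00:41 alice push_timeout
2023-11-02T09:01:10 bob push_denied
2023-11-02T09:01:30 alice push_denied
2023-11-02T09:01:32 bob push_approved
2023-11-02T09:02:02 alice push_denied
2023-11-02T09:02:45 alice push_approved
2023-11-02T14:10:00 carol push_timeout
2023-11-02T14:10:20 carol push_timeout
2023-11-02T14:10:50 carol push_timeout
"""

REJECTED = {"push_denied", "push_timeout"}


def detect_mfa_fatigue(log_text, window=timedelta(minutes=10), threshold=3):
    """Return (user, severity, rejected_count, timestamp) alerts.

    'bombing': `threshold` rejected or ignored prompts inside the window.
    'approved_after_bombing': an approval arriving while that is still true.
    """
    recent = defaultdict(deque)  # user -> timestamps of rejected prompts
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts_raw, user, result = line.split()
        ts = datetime.fromisoformat(ts_raw)
        q = recent[user]
        while q and ts - q[0] > window:  # expire prompts outside the window
            q.popleft()
        if result in REJECTED:
            q.append(ts)
            if len(q) == threshold:      # alert once, as the threshold is reached
                alerts.append((user, "bombing", len(q), ts_raw))
        elif result == "push_approved":
            if len(q) >= threshold:      # the user gave in after repeated prompts
                alerts.append((user, "approved_after_bombing", len(q), ts_raw))
            q.clear()                    # a completed sign-in resets the count
    return alerts
```

On the sample log, bob's single denial followed by an approval raises nothing, while alice's approval after four rejected prompts is the case to investigate first.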

Ransomware

Ransomware operators are using what are known as living off the land techniques: the attacker uses legitimate tools within the victim organisation's environment, such as PowerShell, Windows Management Instrumentation (WMI) or remote execution tools, to carry out the attack. Security tools often have difficulty identifying whether the traffic is legitimate or malicious.

80-90% of successful ransomware attacks originate through unmanaged devices. These are devices that can access the organisation's data but are not managed by IT (think bring your own device, for example).

70% of organisations encountering human-operated ransomware attacks had fewer than 500 employees. Human-operated attacks are where the threat actor uses their knowledge and insight of the organisation to launch the attack. It probably means the threat actors have been performing reconnaissance, having gained access to the organisation through another attack.

Distributed Denial of Service Attacks

Last year marked a significant shift in cybercriminal tactics, with threat actors exploiting cloud computing resources, such as virtual machines or discounted Azure subscriptions, to launch DDoS attacks. When hundreds of millions of requests per second originating from tens of thousands of devices form an attack, the cloud is our best defence. As the size of DDoS attacks increases, more and more cloud computing power is needed to absorb the leading wave of the attack until patterns can be identified, spurious traffic diverted, and legitimate traffic preserved.

Password Attacks

The first quarter of 2023 saw a dramatic surge in the number of password attacks against cloud identities. The number increased more than tenfold to 4,000 password attacks per second targeting Microsoft cloud identities this year.

Business Email Compromise

Business Email Compromise (BEC) attacks attempting to gain access to business email systems ran at 156,000 per day from April 2022 to April 2023. These attacks originate from social engineering or computer intrusion techniques and are used to conduct unauthorised funds transfers to accounts under the threat actors' own control.

What is going on at Booking.com

Booking.com customers are reporting phishing emails targeting their payment card details. I first became aware of this scam when Cyber Security keynote speaker Graham Cluley admitted he nearly fell for the scam. If Graham could nearly fall for a scam we all could!

He made a legitimate booking for a hotel on booking.com. Two weeks later he got an app notification from the "hotel" straight after a legitimate notice from the hotel. Going into the booking.com website also showed the message from the "hotel". Customers also receive an email from a booking.com email address.

The app and website messages and the email ask the customer to revalidate their payment card by clicking a link.

Booking.com deny they have been hacked and say that hotels selling their rooms on booking.com have had their business email compromised, and that the threat actors have gained access to the hotels' booking.com accounts, enabling them to send these fraudulent messages. Do not trust even messages received via an app on which you have performed a valid transaction.



