Tag Archive for: Businesses

UK Businesses Urged to Fortify Against Global Cyber Threats


In the shadow of Russia’s invasion of Ukraine, an unprecedented cyber conflict unfolds, sending ripples across the globe and awakening businesses to the stark realities of digital warfare. The National Cyber Security Centre (NCSC), a beacon of guidance in these turbulent times, has stepped forward with critical advice for UK enterprises. Amidst a landscape where cyber-attacks on Ukraine bear international consequences, the NCSC’s counsel serves as both a shield and a strategy, urging businesses to bolster their cyber defenses.

Empowering Businesses Against Invisible Threats

The digital realm, often invisible yet omnipresent, harbors threats that can cripple the unprepared. Recognizing this, the NCSC’s guidance is a clarion call to action for business owners. The advisory emphasizes fundamental cyber security measures such as ensuring software and devices are consistently updated, tightening access controls, and maintaining robust anti-virus and firewall defenses. Moreover, the importance of logging and monitoring systems, reviewing backup processes, and having an up-to-date incident response plan cannot be overstated. In a move to preempt potential cyber onslaughts, the NCSC also advises on the meticulous management of external internet footprints and establishing phishing response processes.

Building a Resilient Digital Ecosystem

Amid the digital cacophony, the recommendation to engage in threat information sharing and educating the organization about cyber threats is a step towards cultivating a culture of cyber resilience. The NCSC’s guidance is not just about defense but about fostering an environment where every member is aware and vigilant. Armstrong Watson’s initiative to host a free webinar further underscores the importance of equipping businesses with the knowledge to protect against cyber threats. This collaborative approach towards cyber security underscores the significance of unity in the face of digital adversaries.

Global Cyber Warfare’s Local Impact

The global cyber conflict, with its epicenter in Ukraine, serves as a stark reminder of the interconnectedness of our digital world. As historical patterns…

Source…

Trickbot malware scumbag gets five years for infecting hospitals, businesses • The Register


A former Trickbot developer has been sent down for five years and four months for his role in infecting American hospitals and businesses with ransomware and other malware, costing victims tens of millions of dollars in losses.

Vladimir Dunaev, of Amur Oblast in Russia, was sentenced in the US yesterday after pleading guilty on November 30 to two counts: conspiracy to commit computer fraud, and conspiracy to commit wire fraud.

Between June 2016 and June 2021, Dunaev worked as a developer for the criminal gang, providing “specialized services and technical abilities,” according to his plea agreement [PDF].

These special skills included recruiting other coders, buying and managing servers used to deploy and operate the Windows nasty Trickbot, encrypting the malware to avoid detection by security software, spamming and phishing potential victims, and then laundering stolen funds. He also added support for stealing information out of victims’ browsers, such as their online account credentials.

“For instance, Dunaev developed browser modifications for several widely used open-source browsers, such as FireFox and Chrome, using open-source codebases for each browser called FireFox Nightly and Chromium,” the court documents say. “These modifications facilitated and enhanced the remote access obtained by Trickbot by allowing actors to steal passwords, credentials, and other stored information.”

Dunaev also confessed to writing code used to steal secrets from infected computers. Between October 2018 and February 2021 alone, the crew defrauded victims out of more than $3.4 million, the court documents claim.  

According to the UK National Crime Agency, the gang has extorted at least $180 million (£145 million) from people and organizations worldwide.

In 2021, Dunaev was extradited to America from South Korea. The original indictment charged Dunaev and six others for their alleged roles in developing, deploying, managing and profiting from Trickbot.

In June, one of the six suspects — Trickbot malware admin Alla Witte — pleaded guilty to conspiracy to commit computer fraud and was sentenced to two years and eight months in prison.

Trickbot, which started as a banking…

Source…

Nigerian Businesses Face Growing Ransomware-as-a-Service Trade


Ransomware-as-a-service looks set to fuel an increase in cyberattacks in Nigeria in the coming year, even as operational disruptions and recovery efforts already cost billions of Nigerian naira, or millions of US dollars, in 2023.

The National Cyber Threat Forecast 2024 from the Cyber Security Experts of Nigeria (CSEAN), a nonprofit championing cybersecurity awareness in Nigeria, reports that ransomware groups and other malware variants — such as ALPHV, 0XXX Virus, DJVU, and the Cobalt Strike exploit toolkit — affected big swathes of both public- and private-sector organizations in the African country in 2023.

For example, one “notable regulatory agency” fell victim to the Mallox ransomware, “exploiting a Microsoft vulnerability in their public-facing digital systems,” the study noted, although there was no detail on which agency it was.

Ransomware-as-a-Service

Ransomware-as-a-service (RaaS) is a business model where ransomware developers sell or lease their variants to other cybercriminals, known as affiliates, who do the grunt work of planting malware by either exploiting software vulnerabilities or phishing.

RaaS allows would-be cybercriminals to launch sophisticated cyberattacks, according to the report. “Factors like the use of outdated or unpatched software and systems, reliance on cracked software, insufficient proactive monitoring, and unaddressed security vulnerabilities contributed to the success of these attacks,” CSEAN noted. “The accessibility of ransomware-as-a-service and the success of previous campaigns suggest a persistent and growing threat.”

Potential mitigations in the face of an increased threat of ransomware attacks include prompt patching, avoiding unauthorized software and rolling out stronger monitoring practices through intrusion detection systems.

“Adopting these proactive cybersecurity measures is essential to lessen the anticipated impact of the expected surge in ransomware attacks,” according to CSEAN.

CSEAN is not the first cybersecurity organization to report that Nigeria has become a hub of ransomware attacks. During the first half of 2023, Nigeria saw a 7% increase in ransomware attack attempts on individual and corporate users compared with the…

Source…

Strategies for Businesses in the Phase of Growing Cyber Extortion Threats


In the rapidlyadvancing digital age, businesses find themselves in an ongoing struggle against an invisible adversary called ransomware attacks. As cyber threats become more sophisticated and frequent, organizations are under increasing pressure to fortify their defenses and develop robust strategies to counter the growing menace of cyber extortion.

Ransomware, malicious software designed to block access to a computer system or files until a ransom is paid, has evolved into a pervasive and lucrative method for cybercriminals to exploit vulnerabilities in organizational networks. The consequences of falling victim to such attacks go beyond financial losses, encompassing severe operational disruptions, reputational damage, and compromised sensitive data. In fact, human error stands out as a primary entry point for ransomware attacks.

Therefore, in order to mitigate the risk, organizations are investing in comprehensive cybersecurity awareness training for employees. They are educating staff about the dangers of phishing emails and suspicious links, as well as the importance of robust password practices to reduce the risk of falling victim to ransomware.

Mr. Pallav Agarwal, Founder and CEO, HTS Solutions Pvt. Ltd., believes that ransomware resilience has become a significant concern as businesses navigate an era marked by escalating cyber threats. The growing sophistication of cybercriminals demands a proactive approach to safeguarding sensitive data and critical systems. As a result, in order to combat the menace of ransomware, businesses must adopt multi-faceted strategies. This is where updating and patching software, operating systems, and security applications regularly surfaced as significant ways to close the potential entry point for ransomware attackers.

Automated patch management systems streamline this process, ensuring timely updates and a more secure digital infrastructure. Furthermore, putting strong endpoint security in place—including cutting-edge antivirus and anti-malware software—offers a crucial line of defense against constantly changing cyber threats. Having current, safe backups is crucial in case of a ransomware attack. Thus, by regularly backing up important…

Source…