Tag Archive for: Counter

Threats to Smart Home Security and How to Counter Them

/in


Smart home systems are revolutionizing entertainment and convenience. They also contain loads of personal information that make them popular targets for cybercriminals. However, those who understand smart home security threats and the risks associated with them can plan accordingly. Then, these individuals can ensure their smart home devices are properly protected.

5 Smart Home Security Threats You Need to Know About

Research indicates a smart home equipped with multiple internet-connected devices could be exposed to more than 12,000 hacking or unknown scanning attacks weekly. Meanwhile, the global smart home market is growing. As more people purchase smart devices for their houses, expect the number of smart home cyberattacks to increase.

You cannot stop smart home cyberattacks, but you can learn about common smart home security threats and how to stop them. That way, you’ll be well-equipped to keep your smart home system secure.

Now, let’s look at five common smart home security threats and how to counter them.

1. Identity Theft

Cybercriminals can attack a smart device company. If successful, hackers can gain access to personal information from all of the company’s smart device users. From here, they can use this information to steal your identity.

When you set up a smart device, share minimal personal information. If the company that supplies the device is breached, you can limit the risk that hackers can access and use your personal information for malicious activities.

If a smart device company reports a data breach, follow the business’ instructions to respond to the incident. In many instances, a company will offer free credit monitoring services after a data breach.

2. Location Tracking

Smart home devices are designed to protect your personal information. Yet, there can be times when a smart device makes your home easily accessible. In these instances, cybercriminals can spy on you and track your location.

To guard against location tracking, set up a separate network for your smart home devices. This network can help you hide your home address from cybercriminals. You can use the network for all of your smart home devices, regardless of whether…

Source…

Google warns cryptocurrency miners are hacking cloud accounts, suggests ways to counter cyber threat

/in




The biggest threat plaguing cyberspace though, is one that’s trying to make the most out of today’s big buzzword, aka cryptocurrency. (Reuters Image)

© Provided by The Financial Express
The biggest threat plaguing cyberspace though, is one that’s trying to make the most out of today’s big buzzword, aka cryptocurrency. (Reuters Image)

Global search engine giant Google has revealed that hackers are increasingly targeting compromised cloud accounts to mine cryptocurrency. The revelation is part of a new report from Google’s in-house cybersecurity action team.

Google’s cybersecurity team, which spots cyber threats and gives advice on how to tackle them, has come out with a report called “threat horizon” that sheds light on multiple threats currently looming in cyberspace.

As per the report, Russian state hackers have been attempting to dupe users into giving away their passwords on the pretence that they were being targeted by government-backed attackers. In North Korea, hackers have been trying to lure users with fraudulent job offers from big-ticket firms like Samsung.

Crypto miners hacking Google cloud accounts

The biggest threat plaguing cyberspace though, is one that’s trying to make the most out of today’s big buzzword, aka cryptocurrency.

Since “mining” blockchains that underpin cryptocurrencies require a significant amount of computing power and expensive software, 86 per cent of the cloud computing hacks are said to be used to perform cryptocurrency mining.

Democratic countries need to think about creating safe, accountable internet: MoS IT

The cryptocurrency mining software area is downloaded within 22 seconds after the cloud account has been hacked. Cyber-attackers take advantage of vulnerable third-party software and poor customer security to perform the hacks.

Other forms of cyber threat

The Google report says in one instance 12,000 Gmail accounts were targeted by the Russian government-backed hacking group APT28, also known as Fancy Bear, where users were tricked into handing over their user details through email.

Google says the attack was neutralised after all the phishing emails were blocked –’which focused on the UK, the US and India-and no users’ details had been compromised.’

Apple, Google get slapped with EUR 20-Million antitrust fine in Italy over ‘aggressive’ data practices

In another…

Source…

Scrambling to counter a ransomware attack could leave you with egg on your face • The Register

/in


Sponsored When you read about security teams “scrambling” to respond to a ransomware attack, what do you think is the real problem?

Ransomware and other cyberattacks are, sadly, a given. But if you’re always “scrambling” or racing to counter the threat, perhaps you need to radically rethink your approach.

Having a plan to not just detect an attack, but to its impact, and to bring back only those files and data that are affected, means you’ll be far better placed to get your organisation back in business quickly. The alternative, after all, is to weigh up the costs of recovery time against just giving the attackers what they want.

So if you think the former approach makes sense, you should join the second episode of our Ransomware Remediation Masterclass Series, on October 21 at 11am, where the subject is “How to Detect and Analyse Ransomware Threats”.

Your host will be Tim Phillips, a master of defence in his own way. Tim will be joined by Rubrik’s Chris Beckett, who will be taking you step by step through the anatomy of a ransomware attack – and crucially what happens in the aftermath.

So, as well prepping you on how to spot the signs of an attack and how to assess the blast radius, Chris will also drill you on the actions you need to take at each stage to recover quickly.

And he’ll explain how the best defence intelligently leverages machine learning to fortify response tools.

Joining us is easy. Just register here, and we’ll make sure you’re reminded on the day.

We can’t guarantee you’ll be entirely safe from ransomware attacks in the future. But we can promise you’ll be far better informed about how to deal with them when they happen.

This article is sponsored by Rubrik.

Source…

US government taking creative steps to counter cyberthreats :: WRAL.com

/in


By ERIC TUCKER, Associated Press

WASHINGTON — An FBI operation that gave law enforcement remote access to hundreds of computers to counter a massive hack of Microsoft Exchange email server software is a tool that is likely to be deployed “judiciously” in the future as the Justice Department, aware of privacy concerns, develops a framework for its use, a top national security official said Wednesday.

The department this month announced that it had obtained a warrant from a federal judge in Texas to remove web shells, or malicious code that gives hackers a foothold into networks, from hundreds of vulnerable computers affected by a hack that Microsoft has blamed on a group operating from China.

The FBI operation was designed to disrupt the effects of a hack that affected an untold thousands of servers running the Microsoft Exchange email program. Many victims took steps on their own to safeguard their systems, but for those that who did not, the Justice Department stepped in to do it for them with a judge’s approval.

It was the virtual equivalent of police going around the neighborhood locking doors that criminals had opened remotely.

“We have a decision to make, which is are we going to go ahead and do that action ourselves or are we just going to leave that malware there, sort of unremediated,” said Assistant Attorney General John Demers, speaking at a virtual discussion hosted by the Project of Media & National Security at George Washington University.

He said the operation was one of the very first of its kind and was discussed extensively beforehand by the FBI and the Justice Department. The department is figuring out how it plans to use the tool in the future.

“We don’t yet have sort of worked out what our criteria are going to be going forward,” Demers said. “Now that we’ve had this experience, that’s the kind of discussion we’re having internally now.

“This is not a tool of first resort that we’re going to be using a couple times a week as different intrusions come up,” he added. “This does require working with the private sector on the right solution. It does require testing to be sure that…

Source…