Tag Archive for: cybersecurity

Sullivan County uses NYSSOC to combat cybersecurity threats


Cybersecurity threats are a worldwide issue.

New York state is working to combat this with its New York State Security Operations Center (NYSSOC).


What You Need To Know

  • Sullivan County is the first county to start utilizing the NYSSOC
  • The NYSSOC facility is based in Brooklyn and dedicated to detecting and responding to real-time threats 24/7
  • Tompkins County will be the next to launch it, and 45 counties have shown interest in subscribing to NYSSOC

Sullivan County is the first county to start utilizing the NYSSOC.

It allows the state to monitor for cyber threats with the goals of preventing them and improving responses to incidents.

“The county, as well as the state, as well as the nation, are under attack constantly from foreign adversaries just looking to wreak havoc on the infrastructure and environment that we work in and with. So, it’s important for us to know what’s happening quickly, to be able to respond quickly, and to mitigate those risks as quickly as possible,” said Commissioner of Information Technology Services and CIO for Sullivan County Lorne Green.

The NYSSOC facility is based in Brooklyn and is dedicated to detecting and responding to real-time threats 24/7.

“Anything that they see that, you know, red flags, anything, even some minor occurrences that go through, they will alert us. And then, we can take action on those to either let them know that this is a low priority, high priority, medium, and then, whatever that comes through as, we can take action,” said Deputy CIO for Sullivan County Dan Smith.

Officials said Sullivan County went live with NYSSOC in late March. It was selected due to relationships with New York State Homeland Security and the State’s Center for Internet Security.

Officials collected log data from security appliances and servers to feed to NYSSOC to get the project rolling.

“They then parse that data and put it into their recording solution for analysis and further determination as to whether or not there are any incidents that need to be addressed,” Green said.

One of the major aspects of this effort is ensuring threats are being tracked even when local information technology services staff members are not…


I’m a cyber-security expert – this is how I live to avoid getting hacked


Jake Moore could hack into your WhatsApp account in just a few clicks. He isn’t a scammer, but he knows how they operate. He has been a cybercrime expert for 13 years and, as the former Police Head of Digital Forensics, he has seen most of the tricks. These days though, the tricks are becoming increasingly advanced.

According to data from the accounting firm BDO, the amount of online fraud committed in the UK more than doubled in 2023, costing £2.3 billion. UK Finance reported that romance scams and ID theft are among the fastest-growing categories with a total of 1.4m cases recorded.

William Wragg, a senior Conservative MP, recently fell victim to a targeted online scam. He admitted to handing over the personal phone numbers of colleagues, after being blackmailed by someone on the dating app Grindr.

Moore advises companies on how to avoid these sorts of ever-changing security risks. It starts with simple, daily habits. “I find it interesting that the more I talk to people about basic cybersecurity, the more I realise that people either don’t know about it, or they just put it off,” says Moore. “It’s like doing your insurance. It is a bit boring.”

But by putting off these easy, everyday steps, phone users are at increasing risk of alarmingly complex scams, from fake calls by AI voice software to webcam hacking. The secret to safety is consistency: “It’s all about that balance between security and convenience.”

Here, Moore shares what he does regularly to make sure his personal life is safe from fraud, and online blackmail.

I never send texts

Moore would never send an SMS text; not even an iMessage. These are too vulnerable to hacking, as they can be intercepted by third-party software. “WhatsApp offers end-to-end encryption, which is an absolute must. It means that the communication cannot be intercepted by anyone, even Meta, which owns WhatsApp,” he says.

If a hacker can tap into your texts, they can steal personal information needed to commit fraud.

“Going one step further. You can use platforms such as Signal. Everyone that I speak to in cybersecurity will use Signal for messaging as it is extremely privacy-focused,” says Moore. Both…


What is Volt Typhoon? A cybersecurity expert explains the Chinese hackers targeting US critical infrastructure


Volt Typhoon is a Chinese state-sponsored hacker group. The United States government and its primary global intelligence partners, known as the Five Eyes, issued a warning on March 19, 2024, about the group’s activity targeting critical infrastructure.

The warning echoes analyses by the cybersecurity community about Chinese state-sponsored hacking in recent years. As with many cyberattacks and attackers, Volt Typhoon has many aliases and also is known as Vanguard Panda, Bronze Silhouette, Dev-0391, UNC3236, Voltzite and Insidious Taurus. Following these latest warnings, China again denied that it engages in offensive cyberespionage.

Volt Typhoon has compromised thousands of devices around the world since it was publicly identified by security analysts at Microsoft in May 2023. However, some analysts in both the government and cybersecurity community believe the group has been targeting infrastructure since mid-2021, and possibly much longer.

Volt Typhoon uses malicious software that penetrates internet-connected systems by exploiting vulnerabilities such as weak administrator passwords, factory default logins and devices that haven’t been updated regularly. The hackers have targeted communications, energy, transportation, water and wastewater systems in the U.S. and its territories, such as Guam.

In many ways, Volt Typhoon functions similarly to traditional botnet operators that have plagued the internet for decades. It takes control of vulnerable internet devices such as routers and security cameras to hide and establish a beachhead in advance of using that system to launch future attacks.

Operating this way makes it difficult for cybersecurity defenders to accurately identify the source of an attack. Worse, defenders could accidentally retaliate against a third party who is unaware that they are caught up in Volt Typhoon’s botnet.

Why Volt Typhoon matters

Disrupting critical infrastructure has the potential to cause economic harm around the world. Volt Typhoon’s operation also poses a threat to the U.S. military by potentially disrupting power and water to military facilities and critical supply chains.

FBI Director…


Cybersecurity Threats in Global Satellite Internet


By Gizem Yılmaz, Master Expert Data Analyst, Turkcell Technology

Internet via satellite was first used for military purposes in the 1960s and became available for wide-scale commercial use in the 1990s. Current satellite internet systems typically use low-orbit satellites and provide data transmission at low speeds due to limited bandwidth. Starlink, on the other hand, is a project developed by Elon Musk’s SpaceX company and aims to provide a faster, more reliable and more comprehensive internet experience with low latency and high bandwidth through a high number of low-orbit satellites.

The surge in satellite internet usage has opened up a new frontier for cybersecurity threats, ranging from sophisticated hacking attempts to disruptive denial-of-service attacks.

[1] Last year, a security researcher at KU Leuven, Lennert Wouters, unveiled potential vulnerabilities in Starlink satellites, revealing that hackers could exploit hardware weaknesses in ground-based terminals. At the Black Hat security conference, Wouters demonstrated the feasibility of a low-cost mod chip, priced at around $25, to execute a “fault injection attack,” bypassing Starlink’s security measures and gaining unauthorized access to its systems. Recently, the Ukrainian Security Service (SBU) issued a warning about a new malware, “Malware 4. STL,” which utilizes a person’s mobile device to remotely gather data on Starlink systems, representing a distinctive threat compared to previous concerns about direct hacking or system disruption.

Hacking Satellites: Vulnerabilities and Risks

As satellites play a pivotal role in global communication, they become attractive targets for malicious actors seeking to compromise sensitive data or gain unauthorized access. The vulnerabilities in satellite systems can manifest in various ways, from exploiting software vulnerabilities in ground control systems to physically tampering with the satellite hardware. Potential risks associated with satellite hacking include unauthorized access to sensitive data, manipulation of satellite functions, and disruption of communication services. Attackers may exploit vulnerabilities in satellite systems, ranging from software…
