Tag Archive for: Defenses

Comelec setting up defenses vs possible cyber attacks in 2025 polls

/in


Comelec: 2025 polls safe from cyber attacks

MANILA, Philippines — Commission on Elections (Comelec) chairman George Erwin Garcia on Wednesday assured the public that the 2025 midterm elections will be protected and safe from cyber attacks.

This development comes following National Security Council Assistant Director General Jonathan Malaya’s warning of possible foreign interference in next year’s elections.

“That is what we are doing. The reason why the preparation is early. Procurement is timely. This ensures that the system is tested and all security measures are put in place,” Garcia said in a message to reporters.

“The features and the wish lists that we included in the hardware, software and transmission ensure the protection against any cyber attack,” he added.

Comelec has awarded a joint venture led by South Korean firm Miru Systems Co. Ltd. the P17.99 billion contract to lease an automated election system for use in the 2025 midterm elections.

Despite lawmakers and experts pointing out Miru System’s allegedly questionable performance in previous elections it handled, Comelec has remained firm in its decision to tap the firm for the provision of some 110,000 automated counting machines, election management systems, and other peripherals for use in next year’s elections.

“Of course, the readiness of our IT [Information Technology] personnel matters much, coupled with our learnings from the past. Most important of all is the support of all stakeholders in the electoral process and the critical collaboration with the electorate,” Garcia said.

“Vigilance is therefore crucial,” he stressed.

Malaya issued the warning after American and British authorities accused Chinese hackers of launching a state-backed campaign against officials and other stakeholders in the United States.

In previous months, the Philippines also experienced its share of hacking attempts, supposedly from hackers operating in China.

Source…

A Hacker’s Perspective For Building Proactive Organizational Defenses

/in


Anshu is the founder/CEO of CloudDefense.AI—a CNAPP that secures both applications and cloud infrastructure.

The ongoing happenings in cyberspace continually underscore the concerning fact that hackers are getting super smart with their tricks and launching sophisticated cyberattacks more often. Whether it’s crippling ransomware attacks or sneaky data breaches, cybercriminals are showing off their cleverness and adaptability like never before. Hacking techniques are evolving faster than our traditional security measures can keep up with.

This is the harsh reality of cloud security, where hackers exploit the very nature of the cloud—its openness, its dynamism—to gain an edge. But what if you could think like a hacker? What if you could see your publicly exposed infrastructure through their eyes, anticipate their moves, and shore up your defenses before they even struck?

That’s the power of understanding hacker recon. As the CEO of a cloud security company, I’ve learned that when it comes to implementing cybersecurity strategies, it’s not enough to merely react to threats. To stay ahead of the curve, we need to think like attackers, not just defenders. That said, here I discuss how to adopt the hacker’s perspective and use it to strengthen your cloud security posture.

Understanding What Hacker Recon Is

Think of hacker reconnaissance (recon) as detective work done before a cyberattack is launched. It’s when hackers gather information about their target, such as a company’s computer systems and networks. Through this, they’re trying to understand the layout of the digital front, looking for any security gaps, attack vectors or potential entry points that they can exploit later.

Simply put, the more information they uncover, the more smoothly their “operation” can go—just like any good detective needs solid clues to crack a case. So, next time you hear about a cyberattack, remember that it often starts with this information-gathering phase.

There are two main ways hackers do their recon:

• Passive recon involves gathering information without directly interacting with the target system. Hackers might use search engines, social media, public records and other…

Source…

Fortifying cyber defenses: A proactive approach to ransomware resilience

/in


Ransomware has become a pervasive threat, compromising the security and functionality of vital systems across the United States.

While governmental pledges and public declarations of intent to fight cybercrime are foundational, they often lack the immediate and tangible impact necessary to counter sophisticated cyber threats. Case in point – the US recently pledged, along with 39 other countries, not to pay ransoms. In theory this makes sense: don’t pay, the bad guys don’t make money and move on to other crimes. In practice, it won’t work.

government cybersecurity tools

Getting the right tools

Instead of investing time in formulating non-binding pledges rather than working on actionable solutions, the US Government should adopt a more proactive stance by directly procuring advanced cybersecurity tools.

These tools, which have been developed to keep data safe and stop ransomware attacks, exist and are continually evolving. By spearheading the implementation, through investment and education, the government can set a powerful example for the private sector to follow, thereby reinforcing the nation’s cyber infrastructure.

The effectiveness of such tools is not hypothetical: they have been tested and proven in various cybersecurity battlegrounds. They range from advanced threat detection systems that use artificial intelligence to identify potential threats before they strike, to automated response solutions that can protect data on infected systems and networks, preventing the lateral spread of ransomware.

Investing in these tools would not only enhance the government’s defensive capabilities but would also stimulate the cybersecurity industry, encouraging innovation and development of even more effective defenses.

This approach can also foster public-private partnerships, as government agencies can collaborate with cutting-edge technology firms to develop new standards, best practices, and adapt commercial tools for government use, ensuring the most robust protection possible. These collaborations can also facilitate expanded information sharing, enabling both to stay ahead of emerging threats and collectively strengthen the nation’s cyber defenses.

Moreover, the procurement of…

Source…

Understanding these nine ransomware stages can help harden cyber defenses

/in


Ransomware payouts are on track to make 2023 another banner year for criminals, netting more than $440 million since January, according to a recent analysis by Chainalysis. But there are ways for organizations to blunt the impact.

First, some background: One of the reasons for ransomware’s continuing success, according to Chainalysis, is the success of what is popularly called “big-game hunting,” or going after large enterprises with deep pockets and the promise of big ransom rewards. Witness the reach of the Clop gang with exploits of Progress Software Corp.’s MOVEit file transfer software. Chainalysis estimates an average payout of $1.7 million per victim.

But the trend has other contributing factors, such as an increased number of successful attacks on smaller targets. Also, as more victims refuse to pay some security analysts think this has motivated attackers to ask for higher ransoms across the board or use more extortion techniques to convince victims to pay. Ransomware continues to be a growth business opportunity for criminals, whether or not victims pay up, because stolen data carries a certain value on the dark web, the shady corner of the internet reachable with special software.

To bring more clarity to the rise in ransom payments, we examined reports by six security firms that tried to categorize the various steps involved in a typical ransomware attack:

  • EJ2 Communications Inc. Flashpoint’s Anatomy of a Ransomware attack (seven stages, July 2023)
  • Google LLC Mandiant’s m-Trends June 2023 report (which breaks down the recent Ukrainian cyberattacks into five stages)
  • Palo Alto Networks Inc. Unit 42’s Stages of a Ransomware attack (five stages, February 2023)
  • Blackberry Ltd.’s Anatomy of a Ransomware attack (eight stages, October 2022)
  • JP Morgan Chase & Co.’s Anatomy of a Ransomware attack (five stages, September 2022)
  • Darktrace PLC’s Nine Stages of Ransomware (it is really six discrete stages, December 2021)

Many of these companies have ulterior motives in laying out their ransomware models, in that they sell research based on their own telemetry (such as Palo Alto Networks and Mandiant) or products that can help find or mitigate malware…

Source…