Tag Archive for: fight

This was H1 2022 – Part 1 – The Fight Against Cybercrime

/in


After many long lockdowns, the information technology industry woke up to a new reality. Cyber crime was too widespread and heavily resourced. Hybrid architectures had grown too complex to be able to provide adequate defense, resulting in new larger threat surfaces.

To make matters worse, there was a lack of skilled security professionals who could pick up the pieces and close the gaps quickly. Cybercrime was the new pandemic, and it was growing year after year. Fortunately, parties that fight against cybercrime have formed an unseen alliance, without borders, across public and private partnerships, and governments and law enforcement agencies. Their actions might not always be as visible as the next record ransom payment or data breach, but they are making waves, sending messages, and getting noticed by the criminals.

DevOps Connect:DevSecOps @ RSAC 2022

This blog emphasizes the increased efforts and successes of law enforcement and the global security community in their fight against cybercrime. It’s part of a three part series that takes a thematic look at cyber activities from the first half of 2022. The second post focuses on the cyber events leading up to and occuring as a consequence of the invasion of Ukraine by Russia. The third and final post in our series will cover events, attacks and heists beyond the cyber war.

Our first post starts in January 2022 with an arrest of one of cybercrimes most notorious gangs.

January 2022

On January 14, Russian authorities announced the arrest of 14 members of the REvil ransomware gang, confiscating over $6,5 million, 20 luxury cars, computer equipment and cryptocurrency wallets. REvil emerged in April 2019 from the void left behind by the shutdown of the GandCrab operation. In less than a year, the gang became the most prolific ransomware group, collecting some of the highest ransoms from its victims. REvil’s most publicized hit was the Kaseya supply-chain attack that crippled almost 1,500 businesses globally. The group, unable to negotiate with all victims individually, made a one-time offer for a universal decryption key to decrypt all organizations for a single sum of $70 million in Bitcoin. The Kaseya attacks prompted a harsh response from the US, with…

Source…

All-New Security Program and Hacking Mitigation Plans to Fight Impersonators

/in


Press release content from MarketersMEDIA. The AP news staff was not involved in its creation.

Click to copy

Las Vegas, NV, United States – July 23, 2022 —

The American Sweepstakes Network has administered and implemented contests, game promotions, and sweepstakes for the U.S.A.’s biggest marketers for over 30 years. The team’s experience is simply uncopiable — although, some have tried. With the rise of fraudsters attempting to impersonate companies and scam customers, the company has tightened its cybersecurity belts and implemented brand-new hacking mitigation plans to keep clients safe.

From enhancing the verification system to staying on top of PCI regulations, The American Sweepstakes Network is more secure than ever before.

Fraud Prevention and Instant Code Verification

Sweepstakes fraud isn’t new, but as the world becomes ever digital, it’s common to see an alarming increase in dishonorable companies.

Red flags like Greendot Cards and MoneyGram should always be avoided, and The American Sweepstakes Network has made it its core mission to ensure customers report any of these transaction requests to the US Fraud Report database ww.usfraudreport.com and or directly to our legal department.

Additionally, the team has included an instant code verification system to further enhance its ongoing cybersecurity efforts. If you’ve received a claim code that allegedly identifies you as a prize winner, simply input the number and hit “Verify.” 

The Company-Wide Hacking Mitigation Plan

Company impersonators and computer hacking go hand-in-hand. While many have fallen prey to several cyberattacks, the team is committed to enhancing security and protection and thus offering a new lease of life. 

By employing an effective hacking mitigation plan, users can rest easy knowing their sensitive information is safe.

The American Sweepstakes Network began by conducting a risk assessment, acknowledging the vulnerabilities that allowed unauthorized individuals into the system.

Identification led to fixing the common vulnerabilities before trying to tackle the more complex problems through…

Source…

Banks need best practices to fight rising cyberattacks

/in


Cyberattacks on the financial sector have been steadily increasing. According to VMware, financial institutions experienced a $238% increase in cyberattacks within the first six months of 2020 alone. In 2021, the trend continued with financial institutions/fintech being hit by ransomware, phishing, SQL injection, social engineering, and denial of service attacks, among others.

Government agencies have sought to stem the trend with regulations, resources, and regular warnings. But has this been enough and can financial institutions/fintech companies do more to protect the sensitive data of their customers and their own proprietary information? The answer is yes, and it involves executives’ gaining a better understanding of the progression of cyberattacks on the financial sector and responses to them, along with implementing best practices for cybersecurity that address current threat vectors.

On September 14, 2007, the online brokerage, TD Ameritrade, reported that it had experienced a data breach that resulted in the theft of 6.3 million customer account records. It was one of the first major wake-up calls for the financial sector and sadly would be followed by many others. A report by the Boston Consulting Group stated that financial services firms are 300 times more likely to experience a cyberattack than businesses in other industries. Their costs from a cyberattack are higher too. Accenture reported that the average cost of a cybercrime per financial services company in 2018 averaged $18.5 million compared with $13 million for companies in other sectors. It is likely that amount has increased. The good news is that there is greater awareness and measures in place to help combat cybercrime. This heightened awareness coupled with best practices can be extremely effective.

Serious cybercrime incidents in 2021

Since tracking and reporting of cyberattacks began, there has been a long pipeline of various cyberattacks on banks, credit unions, credit card companies, mortgage lenders, investment firms, cryptocurrency platforms, etc. worldwide.  Cybercriminals have included Russian hacking groups like the TA505, ransomware groups like DarkSide and Ragnar Locker, international crime…

Source…

Internet safety laws strengthened to fight Russian and hostile state disinformation

/in


  • Social media platforms will have to proactively look for and remove disinformation from foreign state actors which harms the UK
  • Firms failing to tackle online interference by rogue states face huge fines or being blocked

Social media platforms will have to proactively tackle Russian and other state-sponsored disinformation aimed at undermining the UK under changes ministers are making to new internet safety laws.

Many people are concerned about the threat that malicious state-linked disinformation poses to UK society and democracy, particularly following Russia’s brutal invasion of Ukraine.

The government will table an amendment to link the National Security Bill with the Online Safety Bill – strengthening this landmark and pioneering internet legislation to make the UK the safest place in the world to go online. A new Foreign Interference Offence created by the National Security Bill will be added to the list of priority offences in the Online Safety Bill.

It means social media platforms, search engines and other apps and websites allowing people to post their own content will have a legal duty to take proactive, preventative action to identify and minimise people’s exposure to state-sponsored or state-linked disinformation aimed at interfering with the UK.

This includes tackling material from fake accounts set up by individuals or groups acting on behalf of foreign states to influence democratic or legal processes, such as elections and court proceedings, or spread hacked information to undermine democratic institutions.

Digital Secretary Nadine Dorries said:

The invasion of Ukraine has yet again shown how readily Russia can and will weaponise social media to spread disinformation and lies about its barbaric actions, often targeting the very victims of its aggression. We cannot allow foreign states or their puppets to use the internet to conduct hostile online warfare unimpeded.

That’s why we are strengthening our new internet safety protections to make sure social media firms identify and root out state-backed disinformation.

Security Minister Damian Hinds said:

Online information operations are now a core part of state threats activity. The aim can…

Source…