Posts

Monona-based Sprocket Security protects data through constant hacking | Business News


Many companies already had a few employees equipped to work remotely, but with most office workers working from home during the pandemic, multiple new points of entry for hackers opened up, Cammilleri said.

Hackers could attempt to find holes in the system caused by human error when trying to shift to remote work, Cammilleri said. They could also attempt more sophisticated phishing scams — email campaigns that attempt to get the reader to reveal personal information or download malicious software.

Support Local Journalism

Your membership makes our reporting possible.

{{featured_button_text}}

“I send a phishing email, they click on it, and basically I compromised their system,” Cammilleri said. “Now I’m logged onto their computer, which has corporate access, and game over.”

For individuals, stolen credit cards, online accounts or Social Security numbers can be in jeopardy, but for corporations, ransomware might be the biggest threat.

Hackers using ransomware break into computers or servers and encrypt mass amounts of data. When the data is encrypted, it can’t be read unless the computer knows the encryption key, so hackers hold that key — and therefore the data — hostage until a certain sum of money is paid.

“Ransomware is one way to make a lot of money really quick and easily,” Cammilleri said.

Sprocket is contracted by Fortune 500 companies, private companies and some municipal governments, Cammilleri said. One of its contracts is with the Milwaukee law firm von Briesen & Roper.

Source…

US response to hack must be powerful | News, Sports, Jobs


What is being called the SolarWinds hack of tens of thousands of private and government networks may have been the most serious digital invasion of the United States ever, those with knowledge of the situation have said. It may take years to repair the damage, they add.

As many as 18,000 computer networks have been compromised by the hack, which got its name from the Texas software firm through which the hackers invaded networks.

U.S. intelligence agencies say the attack bears all the signs of having originated in Russia. More detailed knowledge of where blame should be laid needs to be obtained.

Fixing blame is the easy part, however. Deterring the culprits from doing the same thing — or worse — in the future is a knottier challenge.

Attacks on the incredibly complex computer systems relied upon by both the private sector and government have increased steadily during recent years. They come from many villains, including the Russian, Chinese, North Korean and Iranian regimes. They are the critical national security concern of the 21st century.

How can they be stopped? Clearly, traditional responses such as economic sanctions and diplomatic attacks have not worked. New, effective counterattacks are needed. Nothing short of military action ought to be off the table.

Finding ways to make leaders of rogue regimes suffer personally may be the only way to end the attacks.

One way or another, U.S. officials must develop effective deterrents against foreign hackers, whether they are sponsored by their governments or are in it for personal gain. The potential for the hackers to do enormous, possibly life-threatening, damage to Americans makes such an initiative imperative.

Today’s breaking news and more in your inbox



Source…

IRCTC upgraded e-ticketing website, mobile app launched: Check user-friendly features | Economy News


New Delhi: Union Railway Minister Piyush Goyal on (Thursday) December 31, 2020 launched the revamped website and mobile app of IRCTC.

The IRCTC upgraded e-ticketing website and mobile app comes with a host of user friendly features and will be operational from January 1.

Salient Features of the Upgraded website:

  • Complete User personalization linked to the user login, such as the  booking of meals, retiring rooms and hotels has been integrated and can be directly along with the tickets, thus providing a one stop solution for the needs of the traveller.
     
  • Predictive entry suggestions using Artificial Intelligence to be given to the passenger when he is entering the station or passenger. This will greatly reduce the hassle in searching stations and also save time in ticket booking.
     
  • Simpler checking of the refund status at the user accounts page.  Earlier this feature was not easily accessible.
     
  • ‘Regular’ or ‘Favorite’ journeys can be booked easily by automatically entering relevant details.
     
  • Train search & selection simplified by putting the information on one page to reduce the time used by passengers and enhancing the booking experience.
     
  • All information on one page – Availability for all class are displayed along with respective fares for all trains. Simply scroll the page and choose to ‘Book’ the desired train and class. Earlier each train seat availability and fares could be seen only after clicking on that train individually.
     
  • A ‘Cache system’ has been introduced in the backend to provide availability status. This will avoid delays in loading availabilities.
     
  • In case waitlisted tickets, its ‘confirmation probability’ is displayed. Earlier this had to be checked for each waitlist status separately.
     
  • Availability for other dates can be toggled on the page itself.
     
  • Prompts during the booking process for making it easy for even less computer familiar users. This will save his time in wandering on the website for searching the website.
     
  • The journey details will be shown also at the payment page. It will prompt the user to check and rectify, if there are any typographical errors. These corrections can only be corrected by visiting a PRS…

Source…

‘Ransomware attacks on pharma sector to increase’ – News Today


Chennai: Quick Heal Technologies Limited, has released its threat predictions that will share the future of cybersecurity in 2021 and beyond.

In a statement, it said, “Previously, advanced ransomware attacks like WannaCry, Petya, Ryuk, Grandcrab etc. used to only encrypt disks or files and demand a ransom payment in return for a decryption key. Now a new ransomware trend is observed which not only encrypts user files but also exfiltrates private and sensitive information. On denial of ransom, adversaries threaten to release hijacked information in public.”

Numerous hospitals, Covid-19 research firms, and pharma companies have fallen victim to ransomware in the last quarter of ‘20, making it necessary for them to adopt or deploy a comprehensive set of security solutions.

Cobalt Strike is a threat emulation toolkit that is often being used for post-exploitation, covert communication, and browser pivoting, among other malicious purposes.

With the Covid-19 pandemic, almost all organisations have rolled out a remote working model, businesses have introduced tools to facilitate employees to connect to office networks from home and collaborate.

This new infrastructure must be managed and configured with great precision.

The booming cryptocurrency values will invite even more threat actors towards developing stealthier crypto-miners and generate higher revenues in 2021.

Himanshu Dubey, director, Quick Heal Security Labs, said, “The pandemic acted as a huge opportunity for cyber criminals to innovate their attack strategies further, and steal sensitive data for their personal gain. These advancements are likely to continue in the coming year as well. For instance, new tactics like double extortion, crypto-mining, ethical hacking, etc. are expected to be widely adopted by threat actors in 2021”.

 

Source…