Tag Archive for: Part

Hacking the World – Part 1: Hacking Basics

/in


Each week in October, as part of Cybersecurity Awareness Month, we’ll publish an article packed with facts and stats, to give you an in-depth look at the state of cybersecurity in today’s world. We’ll start with the basics, then cover vulnerabilities, risks, costs – and so much more.

Cybersecurity is in focus now more than ever before – and 2020 was a record year for hacking activity. Companies faced swathes of sophisticated attacks during the initial throes of the COVID-19 pandemic and this trend has continued into 2021.

We’ll tell you everything you need to know about the scale, cost, and geography of hacking attacks and data breaches, not to mention stats on the biggest threats, vulnerabilities, and risk areas over the last 12 months.

We’ll even cover the future of cybersecurity and some tips to stay safe. But first, let’s take a look at the key definitions. Jump to a section below, or read on:

Cybersecurity Glossary

General Statistics

Hacking 101

Cybersecurity Glossary

Digital rights refer to those rights that allow individua

Cybersecurity is a complicated subject with its fair share of technical jargon. Before we get into our long list of cybersecurity/hacking stats, let us first go over some key definitions.

This should help us avoid any confusion.

As you probably already know, cybersecurity is the protection of device users/contents against unauthorized electronic data and bad actors. Cybersecurity also outlines the measures taken to achieve this protection.
Hacking is the process of gaining unauthorized access to a system or device’s data. There are a ton of other cybersecurity and hacking-related definitions. Here are some important ones.

Now we’ll dive into the world of hacking and cybersecurity statistics…

General Statistics

Here are a few general stats to get you acquainted with cybersecurity and hacking: History, target data, and the current state of hacking breaches.

The History of Hacking

Hacking is almost as old as the very first computer network. That’s right, as long as computers have been around, people have been busy trying to figure out how best to exploit them.

Bob Thomas of BBM wrote the creeper — an experimental program…

Source…

The Colonial Pipeline Ransomware Cyberattack — Part 2 – rAVe [PUBS]

/in


hacker cybersecurity cyberattacks

What motivates a hacker or group of cyberattackers? The answer is typically money.

For each column in this series, rAVe writer Paul Konikowski takes a deeper dive into a recent security event or data breach, shedding light on supply chain vulnerabilities, infrastructure and cyber-physical security.

The Colonial Pipeline ransomware attack in May of 2021 caused many gas shortages. It also resulted in an Executive Order from the Biden administration to “improve the nation’s cybersecurity and protect federal government networks.” The EO press release noted, “public and private sector entities increasingly face sophisticated malicious cyber activity from both nation-state actors and cyber criminals.” But what motivates these attackers?

Hollywood movies and television series have long depicted hackers as teenagers huddled in a basement or dorm room, hacking into systems to change their grades or just to cause a little mayhem. The mischief-minded nerdy teens or collegiate hacker groups do exist in real life, for sure. But those stories are rare, and the impact of hacks by mischievous “script kiddies” is usually very minor. It’s more of competition at that age. While the pride of “cracking” a device or “pwning” someone is a real feeling among cybercriminals, most don’t do it for fun. Instead, most cyberattackers are motivated by money. Let’s look at the Colonial Pipeline as an example.

On May 7, 2021, a group of cybertattackers known as DarkSide used ransomware to attack the business networks of Colonial Pipeline, and the pipeline management quickly shut down the pipeline systems too.

A few days later, the Darkside website hosted a statement about the motivation of the attack, which said:

“We are apolitical, we do not participate in geopolitics, [you] do not need to tie us with a defined government and look for … our motives… Our goal is to make money, and not creating problems for society. From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.” 

Granted, if this statement came from criminals, it could be a partial or complete lie. But for the…

Source…

Microsoft Catches NOBELIUM’s Email Malware Plans, Also Known for its Part in SolarWinds’ Attack

/in


Microsoft catches NOBELIUM before they can even distribute a wide-scale email URL malware, which was intended for the US technological landscape, preventing another “SolarWinds” attack from happening. NOBELIUM is a known group that was linked with the recent hack of SolarWinds and is considered to be a massive threat by the security industry.

Microsoft

(Photo : GettlyImages/ Stephen Lam)
Microsoft post-pandemic plans revealed

As most people say “Crisis averted,” and that was thanks to Microsoft’s diligent monitoring and research about the threat actors otherwise known as “NOBELIUM,” which have been observed lately. The group had been making its stealthy actions since January this year, carefully planning their attack, and striking when already completing all of its variables. 

Initially, SolarWinds’ malware attack last December was attributed to the Russians but has denied any connections or actions with regards to it. Good thing is that organizations like Microsoft were able to complete and connect the dots, and have discovered new names in the tech industry which are responsible for said malware. 

Read Also: Biggest iPhone Hack Ever: ‘Fortnite’ Trial Exposes Emails Detailing the ‘XCodeGhost’ Malware

Microsoft Catches NOBELIUM in the Act

NOBELIUM Malware Attack Discovered by Microsoft

(Photo : Screenshot From Pexels Official Website)

While SolarWinds is yet to fully recover from the attack, as it was projected it would take up to 18 months at the most, its threat actors are back to enact their reign of terror amongst others. According to Microsoft’s latest report, the Microsoft Threat Intelligence Center (MSTIC) has detected a new sophisticated approach in hacking into systems. 

Microsoft said that it has been getting into systems since early January 2021, and has been making its way into systems. Its recent attack had leveraged Constant Contract, a mass-mailing service, to distribute the said email malware URLs. 

The notorious NOBELIUM has been made, and it is good news for the tech industry as it has evaded a big one, especially with the way that the threat actors work. A lot of cases were attributed to them, with NOBELIUM’s hacking portfolio having a significant list of…

Source…

Malicious Life Podcast: China’s Unrestricted Cyberwarfare Part 1

/in


Back in the 1990s, cyberwarfare was a word rarely used in the West – and definitely unheard of in China, which was just taking its first steps on the Internet. Two Chinese military officers, veterans of the semi-conflict with Taiwan, helped shape the role of cyber in modern warfare in China and beyond.

Host Ran Levy is joined by special guest Lieutenant Colonel, USMC (retired) Bill Hagestad, a leading international authority on cyberwarfare and Chinese cyber operations and capabilities specifically – check it out…

China’s Unrestricted Cyberwarfare Part 1 Transcript

What is cyberwar?

It’s such a trendy term these days that it’s hard to tell. On the news, you hear that the U.S. is in a cyber war with Russia, or with China, or with Iran. Russia is in a cyber war with the U.S., and Ukraine, and half the continent of Europe. And there’s China, and Israel, and…

Who cares? Seriously, if Russia hacks into the U.S. Department of Things That Don’t Concern Me, or into some politician’s emails, does it even matter? It doesn’t seem like war. Remember real war? You could get shot in a real war. Cyber wars seem kind of sucky in comparison.

“[Nate] I was thinking about this, recently, after a discussion I had with Bill Hagestad.”

BILL HAGESTAD
“[Hagestad] Yes. Good day! My name is Bill Hagestad, a Retired Lieutenant Colonel of the US Marine Corps, served almost three decades serving our country, a couple of tours in Iraq.”

Bill has a different kind of view on what cyberwar is all about. To get the full picture, you have to understand where he’s coming from.

“[Nate How would you describe your relationship with the Chinese government because I have trouble doing so?

[Hagestad] [Laughs] Yes. I make – I’m very transparent about it. I am actually a visiting scholar at the People’s Liberation Army’s number one think tank out of Jiangsu Province in the People’s Republic of China known as the Knowfar Institute.”

The number one think tank for the PLA. A place no Westerner should be allowed within 1,000 yards of.

“[Nate] And I mean no offense when I ask, what did the Chinese gain by keeping you…

Source…