Don’t wait for cybercrime to find you - remember that the best defense is always a good offense. Be a cybersecurity rock star. Just like any musician, you’ll have your big hits and your flops. But when you can see where you're going, with the right visibility into your systems, you will be TCB, takin’ care of business.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Crypto mining malware is now the weapon of choice for hackers worldwide. The skyrocketing prices of cryptocurrencies is driving the scale of cryptojacking attacks, and can mean very lucrative profits ranging from hundreds of dollars to twenty thousand dollars per month. Victims now include Tesla and the UK government.
While we often think about malicious users when we speak of insider threats, the "real" problem lies with users that may unintentionally be putting their organizations at risk. This includes users that get phished, bypass controls for convenience or efficiency, and connect their own devices to the corporate networks.
For years, IoT developers have focused too much on availability, and not enough on privacy and confidentiality. This mindset appears to be shifting and the NIST report is proof of a growing recognition that there needs to be universal standards in place to improve the privacy and security of any IoT system.
Individuals, business leaders, and all other types of organization leaders need to improve their ransomware protections to protect their personal data, preserve privacy, and maintain access to their other data. What are some of the simple steps to avoid being a ransomware victim?
There is reason to be optimistic about the future of cyber security. In today’s world, there is always a “weak link” in the chain that hackers can exploit. In a blockchain world, there are no longer any weak links and every action taken on the blockchain is part of a completely verifiable and trackable digital ledger.
There's a need to secure offline, rather than online, microfinancing solutions. The future rests in the power of embeddable microchips and the power of process isolation by inserting a Linux-powered computer into the architecture of an non-secure IoT device to create a hardware Root of Trust.
ATM machines have always represented a “soft target” in the minds of criminals. What’s now clear is that the ATM card skimmer scams of years past pale in comparison with what’s possible now with jackpotting scams with cyber criminals turning every ATM they visit into casino slot machines with huge jackpots.
Cybersecurity and AI has dominated the recently concluded WEF at Davos. Yet, there is still a lot more to be done in terms of close and constant cooperation between the pioneering private organizations and the forward thinking governments. Simple right? Easier said than done.
EFF and Lookout traced Dark Caracal to Lebanon and has infected Android users in more than 20 countries and stolen hundreds of gigabbytes of dat. Cyber espionage using fake apps with Android malware is the new trend as nation states and cybercriminals move towards using mobile as the target platform.










