Security Software & Equipment Store

Thursday, January 28, 2016

To Catch a Thief - Deciphering Cybercrime Signatures

The Oxford Reference Online defines cybercrime as crime committed over the Internet. Some people call cybercrime “computer crime.” The Encyclopaedia Britannica defines computer crime as any crime that is committed by means of special knowledge or expert use of computer technology. Computer crime could reasonably include a wide variety of criminal offences, activities, or issues.
The scope of the definition becomes even larger with the frequent companion or substitute term “computer-related crime.” Some writers are also of the opinion that “computer crime” refers to computer-related activities which are either criminal in the legal sense of the word or just antisocial behaviour where there is no breach of the law (Lee, M.K.O., 1995). The word “hacker” should also be defined here, as it will be used extensively in this article – hackers are basically people who break into and tamper with computer information systems. The word “cracker” carries a similar meaning, and “cracking” means to decipher a code, password or encrypted message. What is concerning is that organised crime is escalating on the Internet, according to a 2002 statement by the head of Britain's National High-tech Crime Unit, Lee Hynds. According to him, the Internet provides organised crime groups with “a relatively low risk theatre of operations.” As the topic of cybercrime is so wide, what I would like to do is focus on Malaysia’s Computer Crimes Act 1997, local law enforcement and practical tips on how to prevent cybercrime. Computer crime laws in other countries, their enforcement and multilateral efforts to harmonise laws against cybercrime will be discussed in next month’s column. Are there laws in Malaysia to prosecute cybercriminals? What are the penalties for cybercriminals in Malaysia and around the world? Share your comments with the Cloud and Cyber Security Center:

Wednesday, January 27, 2016

Cybersecurity: Malware and Dreaded Trojan Horses

Malware is an abbreviated term for "malicious software". It refers to any software that is designed specifically to disrupt or damage a system.
Malware includes such things as worms, Trojan horses, and viruses. A Trojan horse is a program that appears to be useful or at the very least harmless. However, it has been designed to contain hidden code to exploit or damage a computer system. A Trojan horse neither replicates nor copies itself, but performs some illicit activity when it is run. It stays in the computer doing its damage or allows somebody from a remote site to take control of the computer. There are other terms that are associated with Trojan horses: Remote Access Trojans and rootkits. Remote Access Trojans are commonly referred to as backdoors. They allow someone else to control your computer from a remote location. A rootkit is a collection of software programs that, once installed, allow someone to gain unauthorized remote access to your computer. A worm is a self-contained program (or set of programs) that is able to spread copies of itself to other computer systems. A worm can consume network or local system resources and can cause a denial of service. A worm may also deliver other malware such as keyloggers in addition to spreading itself. A virus is program code that can cause damage to hardware, software or data. Virus code is usually buried within the code of another program (file, document or boot sector of a disk) and once executed it will attempt to replicate itself by infecting other hosts across the network. Sometimes viruses are used to deliver other types of malware such as a Trojan horse. Which Trojan horses have you experienced and which mitigation techniques have succeeded? Share your comments here with the Cloud and Cyber Security Center:

Monday, January 25, 2016

CyberSecurity Ventures Announces its Top 500 Vendors for 2016

What are the top cyber security firms for 2016?
“In 2016, we are placing a greater emphasis on ‘pure play’ cybersecurity firms that focus mainly on advisory, consulting, specialized staffing, and support services” says Steve Morgan, Founder and CEO at Cybersecurity Ventures and Editor-In-Chief of the Cybersecurity 500. “root9B brings a rare combination of extensive real-world cyber defense experience, senior level cyber experts with backgrounds protecting U.S. federal agencies and commercial enterprises, deep subject matter expertise in the most important cybersecurity disciplines, a local presence in key U.S. regions with plans and the financial ability to expand into other regions, international exposure, and their own state-of-the-art adversary pursuit center. They have a very well thought out model for proactively hunting down and stopping network intruders for their clients” adds Morgan. The cybersecurity workforce shortage has resulted in one million job openings in 2016. Pure play cybersecurity firms are providing essential cyber defense talent to small-to-mid sized companies, Fortune 500, and Global 2000 corporations that are struggling to staff up to the cyber threats they are facing. “We are honored to be recognized as the Cybersecurity 500’s top cyber firm” says Eric Hipkins, CEO at root9B. “This shift of pure play cyber companies clearly documents the requirement for innovative, security-for-a-service companies.” adds Hipkins. View the complete list by visiting: . What are your picks for the top cyber security vendors in 2016? Share your comments with the Cloud and Cyber Security Center: .

Friday, January 22, 2016

The Most Critical Cyber Threats in 2016

Security researchers have identified four cyber threats which may pose the greatest risk to businesses and individuals. First, the Rise of the IoT Zombie Botnet: There are many who say that 2015 was the year of the Internet of Things; but it was also the year the Internet of Things got hacked.
Connected cars, medical devices, Barbie dolls and skateboards were just a few items shown to be vulnerable to hackers this year. If 2015 was the year of proof-of-concept attacks against IoT devices, 2016 will be the year we see many of these concept attacks move to reality. One trend we’ve already spotted is the commandeering of IoT devices for botnets. Instead of hackers hijacking your laptop for their zombie army, they will commandeer large networks of IoT devices—like CCTV surveillance cameras, smart TVs, and home automation systems. Second, Chip-and-PIN Innovations: Any time the security community closes one avenue of attack, hackers adapt and find another. When retailers stopped storing customer credit card numbers and transactions in databases, hackers sniffed their networks to grab the unencrypted data live as it was sent to banks for authentication. When retailers encrypted that live data in transit to prevent sniffing, attackers installed malware on point-of-sale readers to grab data as the card got swiped and before the system encrypted the numbers.
Third, Attacks That Change or Manipulate Data: In testimony this year, James Clapper, the director of national intelligence, told Congress that cyber operations that change or manipulate data in order to compromise its integrity—instead of deleting or releasing stolen data—are our next nightmare. Mike Rogers, head of the NSA and US Cyber Command, said the same thing. And finally, Extortion Hacks: Following the Sony hack in late 2014, we predicted that hacker shakedowns would increase in 2015. By shakedown, we were referring not to standard ransomware attacks, whereby malware encrypts or otherwise locks access to a victim’s computer until the victim pays a ransom. We meant extortion hacks where attackers threaten to release sensitive company or customer data if the victim doesn’t pay up or meet some other demand. With these attacks, even if you have backed up your data and don’t care that hackers have locked you out of your system, public release of the data could ruin you and your customers. Which cyber threats do you anticipate as the greatest risks for 2016? Share your comments with the Cloud and Cyber Security Center.

Wednesday, January 20, 2016

National Crime Agency Issues Online Safety Guidance for Businesses & Consumers

The National Crime Agency (NCA) has identified hacking as the primary method for infiltrating networks. Through the injection of specialist software, hackers seek to gain unauthorised access to computer networks and systems and take administrative control of these. Successful hacking attacks can compromise data stored on the network of individuals, products, strategic plans, sensitive data and commercial data. This data is often then sold on to fraudsters.
Hacking also has the potential of putting the operation of systems which control physical infrastructure at risk. DDoS attacks prevent legitimate access to online services by swamping the communications links with a mass of traffic so that users are unable to access the service as it cannot handle the volume of incoming traffic. These attacks are usually undertaken through the use of botnets – a group of compromised, controlled computers which involuntarily send messages simultaneously to the computer or server. For consumers, the NCA issued guidelines covering: Phishing: bogus emails asking for security information and personal details; Webcam manager: where criminals take over your webcam; File hijacker: where criminals hijack files and hold them to ransom; Keylogging: where criminals record what you type on your keyboard; Screenshot manager: allows criminals to take screenshots of your computer screen; and Ad clicker: allows a criminal to direct a victim’s computer to click a specific link. Share your comments about cyber threats with the Cloud and Cyber Security Center.

Thursday, January 14, 2016

Former NSA Head General Michael Levinson Comments on the Threat of Cyber Terrorism

When confronting cyber crime and terrorism there are three layers: the government system, the political system and popular culture. So, the governmental system: Raw incompetence is the best explanation I can offer you. That’s at the executive-branch level. At the political level, we began last week in Washington with reining in the renegade National Security Agency for actually having phone bills—yours and mine—up at Fort Meade.
Wednesday, we have the Boston Police Department shooting someone who is committed to behead people. And Thursday, we learned that OPM had lost four, make it 14, million sets of records. At the level of popular culture, we Americans have not yet decided what it is we want or what it is we will permit our government to do in this cyber domain. And until we make those decisions, these kinds of events are more likely. American military doctrine says this cyber thing is a domain. There are no rivers or hills up here. It’s all flat. All advantage goes to the attacker. That’s one reality. Then, all of us just fell in love with the ease and convenience and scale, so we decided to take things we used to keep if not in a safe, at least in our desk drawer, and put it up here, where it’s by definition more vulnerable. No. 3, we still have a bunch of scrimmages down here in physical space about what it is you will let your government do to keep you safe. We have no consensus whatsoever up here in the cyber domain. What’s the impact for you? Share your comments with the Cloud and Cyber Security Center.

Tuesday, January 12, 2016

Cyber Crime Defense: Selecting Anti-Virus Utilities for 2016 - A First Look

Malware these days is about making money, and there's no easy way to cash in on spreading a virus. Ransomware and data-stealing Trojans are much more common, as are bots that let the bot-herder rent out your computer for nefarious purposes. Modern antivirus utilities handle Trojans, rootkits, spyware, adware, ransomware, and more. PCMag has reviewed three dozen different commercial antivirus utilities, and that's not even counting the many free AV tools.
Out of that extensive field we've named four Editors' Choice products. Nine more commercial antivirus utilities proved effective enough to earn an excellent four-star rating, and another seven earned three and a half stars. Of course, more were reviewed, but those antivirus utilities that received scores of less than three stars don't qualify for inclusion in this "best of" listing. Almost all of these products are traditional, full-scale antivirus tools, with the ability to scan files for malware on access, on demand, or on schedule. A couple are outliers, tools meant to enhance the protection of traditional antivirus. As for just relying on the antivirus built into Windows 8.x or Windows 10, that may not be the best idea. In the past, Windows Defender has performed poorly both in our tests and independent lab tests, though it did win in September and October of 2015. So which AV solutions do you believe are best suited to ward off cyber threats in 2016? Send your comments to the Cloud and Cyber Security Center.

Monday, January 11, 2016

Cyber Security Outlook for 2016

As we enter the New Year cyber security experts have weighed-in on what to expect in 2016. With millions of active daily users across various popular social media platforms and many of those managing corporate accounts, social media provides the perfect opening for a targeted attack.
In 2016, we can expect to see an increase in phishing and spear phishing attacks that leverage information found on social media, particularly with major events like the presidential election drumming up unusually high social media activity and making social networking platforms like Facebook a goldmine of personal information and a hotbed for cybercrime. Phishing attacks and targeted information-borne threats will continue to grow, as cyber-criminals look to find more sophisticated ways to get to their end goal. Malware will be more frequently delivered from "trusted" servers which have been compromised. Criminals, nations, and anyone else seeking to hack will continue to exploit social engineering as a primary means of digital "breaking and entering." new and more sophisticated implementations of ransomware and wiper attacks, both of which can wreak havoc on a company, taking critical systems offline and halting operations. This is but a small sample of cyber security expert predictions for the year ahead. So what do you expect for your organization and personal cybercrime? Share your thoughts with the Cloud and Cyber Security Center.

Wednesday, January 6, 2016

Visiongain Releases Report on the Top Cyber Security Companies to Watch in 2016

The latest report from business intelligence provider Visiongain offers comprehensive analysis of the top 100 cyber security companies. October 2015 when Dell announced the takeover of EMC.
This is an example of the business-critical headline that you need to know about - and more importantly, you need to read Visiongain's objective analysis of how this will impact your company and the industry more broadly. How are you and your company reacting to this news? Are you sufficiently informed? The cyber security market is highly fragmented and very dynamic, with high levels of M&A activity, and there is much to play for, with established incumbents at risk of losing significant business opportunities to aspiring innovators. Two key elements of this report include: 1) An analysis of game-changing technological trends being employed by the leading cyber security players and how these will shape the industry and 2) The leading 100 cyber security companies and what are their prospects over the forecast period? See profiles of the companies operating within the sector with analysis of their prospects. So which security vendors do you believe will play a prominent role in 2016? Send your comments to the Cloud and Cyber Security Center. Download the complete report at:

Tuesday, January 5, 2016

Cybercrime Threats Which May Threaten Organizations and Consumers in 2016

Kaspersky Labs has defined seven cyberthreats to guard against in the year ahead: Retail Data Hacks, Mobile Security & Smartphone Vulnerability Threats, Phishing Attacks & Social Engineering, Identity Theft, Healthcare Data Hacks and Attacks on Banks. Mitigation steps include: 1) Use strong passwords for your accounts that include numbers, lower case and capitalized letters, and are not easy to guess (unlike, e.g., password, 12345, etc.), 2) Don't open suspicious emails requesting that you reenter sensitive data, 3) Destroy sensitive documents, 4) Use a VPN to secure your Internet connection if you need to use public Wi-Fi, 5) Keep your antivirus software up to date. These are boom times for cyberthreats, cyberattacks and cybercrime. From identity theft to the retail hacks, these attacks are dominating the news cycle. On average, fraud victims will spend $776 of their own money and lose 20 hours trying to fix the mess that identity thieves made. Which cybercrime threats pose the biggest danger to yourself or your organization in 2016? Send your comments to the Cloud and Cyber Security Center.