Connect with us

Cyber Security

Arron Banks’ private messages leaked by hacker

Avatar

Published

on

Image copyright PA

The Twitter account of Arron Banks, the founder of the pro-Brexit campaign Leave.EU, has been hacked.

The perpetrator has leaked thousands of his private messages to and from dozens of other people spanning several years.

In a statement, Mr Banks accused Twitter of taking too long to tackle the issue and said the social network had “deliberately chosen” to leave his personal information online.

Twitter said it had “taken steps to secure the compromised account”.

“We will continue to take firm enforcement action in line with our policy which strictly prohibits the distribution on our service of materials obtained through hacking,” Twitter said in a statement.

 

It is not known who carried out the attack.

The data was made available by the hackers in the form of a link to a download. The original file is no longer online.

One expert said the hacker, if caught, could be prosecuted under the Computer Misuse Act, and that others who made use of the material would be walking into a legal minefield.

“Even if Arron Banks was using Twitter in a private capacity rather than as Leave.EU, the data was misappropriated from Twitter and that likely engages the Data Protection Act,” commented Tim Turner, a data protection consultant.

“There are public interest defences for using unlawfully obtained data, but that requires a journalist or other person to gamble that they can successfully argue that the public interest supports whatever use they make of it.

“You cannot know for certain that the public interest will back up any particular course of action; a person would have to act first, and see what follows.”

Avon and Somerset Police has confirmed that it is investigating the matter.

“We’re investigating whether any offences have been committed under the Computer Misuse Act after we received a report a Twitter account was compromised,” said a spokesman.

In February 2019, Leave.EU and an insurance company owned by Mr Banks were fined £120,000 by the Information Commissioner’s Office for breaching data protection laws.

“Arron Banks has shown extraordinary contempt for the ICO and British data laws and so this is a moment for him to reflect on the need for those laws and a regulator to enforce them,” said the journalist Carole Cadwalladr.

Ms Cadwalladr and Mr Banks have had many battles over her investigations into his affairs.

She said in a tweet that she had been sent some direct messages, said to be from the hacked account.

They were “pretty explosive” she tweeted.

Ms Cadwalladr told the BBC she had not downloaded any data.

Mr Banks’ Twitter account was suspended following the breach but is now working again.

Related Topics

Read more: https://www.bbc.co.uk/news/technology-50474626

Cyber Security

Incident Of The Week: Garmin Pays $10 Million To Ransomware Hackers Who Rendered…

Avatar

Published

on

[Records Exposed: N/A  |  Industry: Technology  |  Type Of Attack: Ransomware]

On July 23, Garmin users went to Twitter to express their concern over inaccessible website features. Four days later, Garmin released an official statement confirming that a cyber attack had taken place. Garmin assured its users that no PII (personal identifying information) was compromised.

The Facts:

Garmin is most commonly known for its fitness tracking capabilities in the form of GPS wearables, but the corporation also operates in the aviation space. Consequently, some planes whose aviation infrastructure relies on Garmin technology were also affected by the hack.

Hackers deployed the ransomware tool WastedLocker, which encrypts key data on a company’s digital infrastructure. In the case of Garmin, website functions, customer support, and user applications were all affected. Unlike typical ransomware software, WastedLocker does not steal identifying information and hold it for ransom. Instead, it renders programs useless until decrypted. The hacking organization then demands a fee for the decryption key. In the case of Garmin, although not verified by the U.S. corporation, it is believed that Garmin paid the $10 million ransom.

In the world of cyber crime, however, nothing is cut and dry. Cyber security experts have linked this young ransomware tool with the Russian hacking group known as Evil Corp. If this is the case, assuming the WastedLocker attack occurred under Evil Corp’s authority and not as a ransomware-for-hire event, Garmin had a difficult choice to make. To return their systems to working order, they had to risk breaking U.S. sanctions against Evil Corp.

Related: Critical Communications For Enterprise Cyber Security Incident Response

Third-party negotiators can act as intermediaries between the hacked and the hackers. It appears that Garmin paid a cyber security firm in New Zealand to assist with the hack, meaning it is likely that they worked as the go-between to legally pay the $10 million ransom without breaking U.S. sanction laws. Garmin has declined to discuss the cyber event beyond its bare-bones press release on the 27th.

Lessons Learned:

While ransomware attacks are nothing new, they are rapidly growing in sophistication and scale. It is believed that organized cyber crime entities are investing their “earnings” back into their hacking infrastructure much the way a startup grows by investing its profits. They’re building out specialized teams in order to run their operation on a larger scale, target larger entities, and decrease their rate of detection.

Traditionally, government organizations, cities, hospitals, and universities are most commonly targets of ransomware attacks. Those ransoms averaged around $100,000. Now, however, it appears threat actors like Evil Corp has moved their sites to Fortune 500 companies with random demands in the millions. Garmin may be just the beginning of a new ransomware era that specifically targets large U.S. corporations. That isn’t to say SMBs are off the hook. As Evil Corp and the likes go after bigger fish, the pond opens up for young hackers to come in and take their place.

To pay or not to pay a ransomware ransom comes down to personal choice. A Tripwire article by Graham Cluley offers this perspective: “That ultimately is a decision that only you can make. Bear in mind that the more companies that pay a ransom, the more the criminals are likely to launch similar attacks in the future. At the same time, you may feel that your business needs to make the difficult but pragmatic decision to pay the criminals if you feel your company cannot survive any other way.”

Related: The Cost Of An Enterprise Ransomware Attack

Quick Tips:

At its core, preventing ransomware attacks is about deploying a holistic cyber security solution. A hacking organization has nothing to ransom if it can’t breach enterprise systems. Most enterprise breaches start as basic phishing schemes. That is why organizations of all sizes must invest the time and money into strong cyber security policies and best practices such as:

  • Making it easy to report suspicious emails by embedding a “report phishing” button into all incoming emails which triggers a cyber security incident response
  • Giving employees the least amount of access they need to do their job, i.e. implementing a zero-trust strategy
  • Practicing and testing anti-phishing awareness internally or with the assistance of a cyber security third party vendor
  • Reducing workplace stress and creating a slower-paced environment, as cyber criminals pray on psychological human responses such as carelessness and hurriedness 

Read More: Incident Of The Week

Source: https://www.cshub.com/attacks/articles/incident-of-the-week-garmin-pays-10-million-to-ransomware-hackers-who-rendered-systems-useless

Continue Reading

AI

AI in Cybersecurity Helping with Threat Hunting, Reducing Attack Vectors

Avatar

Published

on

Adding AI in the Security Operations Center can assist with threat hunting, reduce attack vectors and breach attempts, making the organization more proactive. (GETTY IMAGES)

By John P. Desmond, AI Trends Editor

The cybersecurity landscape is looking at higher than ever threat levels, data volumes quadrupling every 36 months, computing power and data transfer speeds increasing just as fast, and a diversity of IoT devices ushering in a new era of automation.

To get a grip on this, more organizations are exploring how AI can help. The Next-generation security operations center (SOC) incorporates automation and orchestration — automation applied to both defense operations and threat hunting incorporating AI and machine learning, and orchestration managing how multiple sets of tools and platforms work together.

“AI and ML are not only used in a next-generation SOC to enhance detection and prevention activities, but also, increasingly, to augment incident response actions such as containment actions, ticket creation, and user engagement to triage and/or validate a suspicious action,” stated John Harrison, Director, Cybersecurity Center of Excellence for Criterion, in an article he wrote for  Nextgov. “The applications of AI and ML reduce the time spent on each alert and improve the Mean Time to Detect as well as the Mean Time to Repair.” Criterion is a systems integrator focused on solutions for government agencies.

New challenges facing SOCs include: serving the needs of remote and teleworking employees, a dramatically increased number during the pandemic; managing multiple cloud platforms; and dealing with an exploding number of IoT devices that need to be configured.

“The structure of SOCs is already adapting and evolving to bring together defensive operations and the analysis of emerging threats with the strategic introduction of new technologies. The result is a mature, flexible, risk-based and cost-efficient approach to ensure the crown jewels of an enterprise remain secure,” Harrison stated.

Historical ways of doing things are being updated. Security information and event management (SIEM), a term coined in 2005, provides a real-time analysis of security alerts generated by applications and network hardware. Firewalls, malware protection and other signature-based options solve part of the problem. Successful threat hunting requires a preemptive search of large data sets, using AI and machine learning. The idea is to identify threats that may or may already have evaded the current detection capabilities.

“The application of automation to threat hunting enables faster response time and more agile and improved recommendations on responses. It reduces attack vectors, breaches, and breach attempts and enables organizations to move from a purely reactive response to operating ahead of threats,” Harrison stated.

AI Seen As Potentially Helping Extend Budgets by Delivering More Value

The push to incorporate AI into cybersecurity is also being seen as a way to extend corporate security budgets under pressure.

AI in cybersecurity until 2014 was a marketing term, stated Raef Meeuwisse, CISM, CISA, author of “Cybersecurity for Business,” in a recent account in infosecurity. He is not a fan of machine learning on its own applied to cybersecurity. “The problem with machine learning is that the AI is limited to the features that it has been taught to expect,” he states. “Fooling a machine learning security system is as simple as adding an unexpected/ unprogrammed feature into the exploit.”

Raef Meeuwisse, CISM, CISA, author of “Cybersecurity for Business”

Artificial neural networks, in contrast, effectively self-organize how the system reviews and manages the data it has access to. “It does not need to have seen the behavior before, it only has to recognize the outcome, or potential outcome,” he states.

Security programs using AI technologies, often running as local agents, can now understand and block rogue identity and access activities, identify and quarantine malware, prevent data loss, adapt the security configurations of devices, with few or no errors. “The progression and investment into artificial neural network technology means that some security software technologies have now reached a level of competency that was unthinkable 10 years ago,” Meeuwisse states.

In some SIEM environments, the AI applied to security can inspect, alert and block based on analysis that would be impossible to achieve manually. “The AI technologies are literally performing the equivalent of years of manual security work every minute,” he states.

As the AI technologies become more stable, the author sees the price point moving lower as well. The average AI anti-malware solution for home use is now priced at less than $1 per device per month. “My own experience using these technologies is that they are incredibly helpful,” he stated.

AI is a New Learning Requirement for Cybersecurity Professionals

Cybersecurity professionals working in enterprises now face a requirement to learn about how AI and machine learning can work within their systems. “AI/ML has a direct effect on cybersecurity teams and brings a whole new set of needs to the enterprise,” stated Bob Peterson, CTO architect at Sungard Availability Services, an IT service management company, in a recent account in .

The creation and maintenance of the AI/ML security system requires a joint effort from many contributors. “The team requires domain experts that understand the security data and how it is generated, data analysis and data science experts that understand data analysis techniques, and AI/ML experts that translate this information into the right models and algorithms,” Peterson stated.

When hiring, it’s good to be open-minded. Maybe a candidate has a needed skill but needs to come up the learning curve in cybersecurity. “It may be easier to educate them on cybersecurity versus the technology skill itself,” Peterson stated.

Cybersecurity also faces a challenge in diversity of staff. Only 20% of security professionals are women and only 26% in the US are from marginalized communities, according to Sivan Nir, a threat intelligence team leader at Skybox Security, a cybersecurity software supplier.

Sivan Nir, threat intelligence team leader, Skybox Security

“This is a big problem because cybersecurity, in particular, is a field that thrives on diversity,” Nir stated. “If you think about who we are up against, cybercriminals come from diverse backgrounds, so it is crucial our teams have different points of views and a variety of thought processes.”

Nir emphasized the importance of making people—especially girls and underrepresented groups—aware of tech and cybersecurity as a career path from a young age. “Working in technological fields should be seen as exciting, not intimidating,” she stated. “Cybersecurity, in particular, is never boring—it tackles real-world challenges at a fast pace every day.”

Read the source articles in Nextgov, infosecurity and ITPro Today.

Source: https://www.aitrends.com/security/ai-in-cybersecurity-helping-with-threat-hunting-reducing-attack-vectors/

Continue Reading

Cyber Security

Data Is The New Perimeter

Avatar

Published

on

Before the current millennium, enterprise talent would go to the office. It was so straightforward. Talent would all just sit at enterprise stations on prem and exist within a knowingly defined perimeter. The Firewall, VPN, LAN, Antivirus environment was within the gaze- and right under the nose- of the CISO.

CISO prioritization has always been on securing that perimeter. Managing technology vulnerabilities to ensure visibility over the complete threat landscape was the day-in-day out activity. The castle and moat strategy worked well when everything was inside the castle. But as cloud migration began and remote work continued, the perimeter expanded. The best CISOs in the business evolved with these changes and increased focus on nimble privilege-based access as opposed to a simple VPN on/off switch. Data at rest was always in view. Data in transit had been tougher to track. With global enterprise moving to a distributed structure reality, visibility over data in transit is truly an issue.

With the user consistently accessing data via non-enterprise endpoints an updated mindset and approach come into focus. In our Interactive Discussion on the CSHub Mid Year Report, Dennis Leber noted, “data is the new perimeter.”

Infinite Perimeter

We’ve been using the phrase infinite perimeter on CSHub to showcase what must be managed- access, endpoint, cloud and now IoT- as ever expansive. The distributed workforce, plus your 3rd party partners, plus their 3rd party partners thrusts access management and the concepts of least privilege and zero trust to the fore.  Those same distributed users bringing their own devices turns endpoint security into a game of cat and mouse. Your network now includes the home routers of your distributed workforce as well as their smart speakers.

The data breach can now occur via myriad means. And so, rather than focus on the perimeter point that has been breached, focus on the data.

Controls For The Data Breach

A breach has always been focused on the data. But with an easily defined perimeter, the focus of the information security officer was rightly on the breach. Gaining an ever-widening scope of focus on the exponential expanse of the perimeter is mandatory. An additional focus on data at rest and data in transit will assist in that infinite perimeter scope of focus achieving clarity.

The focus has been on knowing where the crown jewels sit and protecting that space. CSHub Executive Board Member and IEEE Public Visibility Initiative spokesperson Kayne McGladrey notes, “if you don’t know where your data live, you can’t apply any effective policies around access controls or do any meaningful incident response or do any meaningful security awareness.”

Focusing on the Data in the Data Breach

As data exfiltration abounds, getting a handle on data in transit is of course, key. McGladrey continues, “right now, for almost all businesses data is the most important thing they have, whether it’s PII, PHI, IP. The threat actors are not attacking because people have nice office spaces that are currently empty, and they’re not attacking because they have nice manufacturing capacity, that’s also operating at a lower rate. They’re attacking because they want to steal the data and do things with it, depending on their motivation. And if you can’t say empirically, ‘We know where all those data are,’ you can not apply controls.”

But having basic controls over data in transit is simply not good enough. McGladrey expounds, “Build both policies to require encryption of data in transit, as well as policies around approved services to use, and then implement telemetry. If you don’t have a policy that says, ‘We’re going to have a standards list of approved services for transmitting data across organizations, and we’re going to have enforcement of that in our technical control,’ – think like a CASB at the very simplest level- then ultimately you have no idea where your data are going at the end of the day.”

Risk

Knowing everything about that most-important data in transit leads you to a cogent understanding of your actual enterprise risk. Horizon Power CISO and CSHub Executive Board Member Jeff Campbell notes, “It’s all got to be based on risk. Tapping into the corporate risk framework at your organization and understanding what they consider to be important as a strategic enabler, and then understanding that security- particularly now in this digital future- plays a very, very important part in enabling those strategic initiatives.”

Prioritization and risk go hand-in-hand. If the wrong things are prioritized, your risk increases. McGladrey notes that’s all the more important in a distributed enterprise. “Some of the projects that get spun up aren’t really going to have a material reduction in risk- and they’re not going to have a significant benefit to the business and with a nomadic workforce- that becomes a challenge.”

Prioritization

The organization should of course be already running in line with an industry standard like Center for Internet Security’s critical security controls. That ensures that you know that the enterprise is secure with where the business is. Zeroing in on the larger long-term enterprise goals provides a context of where the business is going. Understanding the Board and C-Suite cyber security focus points denotes how you can connect cyber security to those business goals. And when that connection is made, so is the business case for your current and future budget. 

Campbell sums up, “So how do you prioritize? You develop metrics consistent with what your board likes to see around cyber security, as well as how that ties in into delivery of those initiatives. Those metrics need to be framed in a way that is a common language, and the common language at the board and executive layer. And that’s how you prioritize.”

The theme of business enablement has rifled through the industry over the past few years and the focus now has a fever pitch. A focus on business enablement has been about ensuring that the CISO can simply do what they know they need to do. We have now turned the corner in that business enablement can now help a CISO understand how to prioritize what they need to do.

Source: https://www.cshub.com/executive-decisions/articles/data-is-the-new-perimeter

Continue Reading
AR/VR14 hours ago

Gnomes & Goblins to be Wevr’s Biggest Production, 10x Larger Than the Preview

AI14 hours ago

Is It Worth Investing in a Website Builder?

AR/VR14 hours ago

How to Create a Cloud-connect AR Experience in 15 Minutes or Less

AR/VR15 hours ago

Mortal Blitz: Combat Arena’s PlayStation VR Open Beta Begins Next Week

Crowdfunding16 hours ago

AvidXchange Announces New “Tech Rising” Initiative to Remove Barriers to Technology Education

Blockchain17 hours ago

Swipe Is the Latest Project to Integrate Chainlink’s Price Oracles

Blockchain17 hours ago

Craig Wright Won’t Need to Pay Hodlnaut $60K Until Appeal Is Over, Says Counsel

Blockchain17 hours ago

Bitcoin a Hedge Against Elon Musk Mining Asteroid Gold, Say Winklevoss Twins

AR/VR17 hours ago

Solaris Offworld Combat has Been Delayed to September

Crowdfunding18 hours ago

Mastercard Announces Global Commercial Partnership With Pollinate

AR/VR18 hours ago

Oculus Social VR App ‘Venues’ to Get Overhaul in Preparation for ‘Facebook Horizon’

Blockchain18 hours ago

Thailand’s Central Bank Eyes DeFi Use Cases for Its Digital Baht

Blockchain18 hours ago

Bitcoin Proceeds of COVID-19 Business Support Scheme Fraud Seized

AR/VR19 hours ago

VR Giants’ Co-op Kickstarter Achieves Funding Success

Payments22 hours ago

Huntington Bancshares picks BillGo for faster payments

Payments22 hours ago

Banco Ripley goes live on Temenos Transact

Payments23 hours ago

OakNorth’s UK bank has approved £600m in loans since March

Payments23 hours ago

How a “Chad” minted Curve tokens early and briefly surpassed BTC’s market cap

Start Ups23 hours ago

Diplomatic ties Between Israel and UAE :Donald Trump

Publications23 hours ago

As the pandemic persists, New Zealand considers negative interest rates

Publications23 hours ago

Stock futures rise slightly after S&P 500 struggles to reach February record high

Payments23 hours ago

ABN Amro to slash size of investment bank after losses

Cannabis23 hours ago

Weed memes, explained

Publications23 hours ago

The $150 billion video game industry grapples with a murky track record on diversity

AR/VR24 hours ago

Cas & Chary Present: Top 10 ‘Half-Life: Alyx’ Mods So Far

Cleantech1 day ago

J.B. Hunt’s 1st Delivery With Fully Electric Freightliner eCascadia

Science1 day ago

Sabesp anuncia resultados do 2T20

Science1 day ago

CarParts.com Announces Pricing of Public Offering of Common Stock

Blockchain1 day ago

Four of the Top Five South Korean Banks to Offer Crypto Services

Science1 day ago

SABESP Announces 2Q20 Results

Payments1 day ago

Alt Lending – week ending 14th August

Science1 day ago

Brussels Airport Company has selected Ecolog to perform COVID-19 Tests at the Brussels Airport

Publications1 day ago

Coronavirus live updates: Congress leaves without passing relief bill; Fauci concerned with U.S. outbreak

Blockchain1 day ago

Is Chainlink Poised for a Sell Off After Reaching New ATH?

Publications1 day ago

China may never catch up with its commitments to the U.S. in ‘phase one’ deal, expert says

Science1 day ago

Danke Partners with Leading Chinese Media to Release 2020 College Graduate Housing Blue Book

Blockchain1 day ago

$12K Bitcoin Price in Sight as Retail, Institutional Traders Turn ‘Greedy’

Blockchain1 day ago

$99 Gas Fees on Ethereum Are Crippling DeFi’s Growth

Crowdfunding1 day ago

UK’s Federation of Small Businesses Says Next Budget Must be “Most Pro-Business Ever” to Combat Negative Effects of First Recession in 11 Years

Start Ups1 day ago

Former New York Times reporter Alex Berenson: I’m increasingly convinced that COVID-19 is a creation of the media/technology complex. (NO – I do not mean it’s not real or was bioengineered)

Trending