Connect with us

Cyber Security

Attackers Increasingly Focus on Business Disruption

Avatar

Published

on

Network intruders are staying undetected for an average of 95 days, enabling them to target critical systems and more completely disrupt business.

More cyberattackers are targeting large companies with stealthier attacks, aiming to significantly disrupt businesses and force them to pay higher ransoms, according to a report summarizing more than 300 breach investigations.

The “CrowdStrike Services Cyber Front Lines Report” found that 36% of incidents aimed to disrupt business or operations. While companies are getting better at detecting attacks using their own people and systems —79% of attackers were discovered internally, the highest rate in three years — the number of days attackers went undetected increased to 95, up from 85 days in 2018, CrowdStrike found.

The result is that malicious attackers have more time to attack operations and cause more disruption, says Thomas Etheridge, vce president of services at CrowdStrike.

“Not all of these threat actors are deploying ransomware, but they were really focused on disrupting the business’ ability to perform business,” he says. “That disruption was behind higher ransom amounts and the decision to often pay the ransom.”

The report’s findings highlight how last year’s steady beat of ransomware headlines became a trend. From the coordinated attacks on Texas towns to a focus on local school districts, reports of ransomware attacks exploded in 2019. While successful attacks have decreased in number by some accounts, attackers are focusing on larger targets and threatening to do greater damage. Called “big-game hunting” by many firms, the revised strategy is about minimizing effort and maximizing the profit from criminal activity.

“That type of access that the attacker has, it really gives them the flexibility to understand where the critical data assets are, what approach they are going to take to encrypt those assets, where the backups are stored — and that really puts the customer at a disadvantage,” Etheridge says.

While the increase in disruptive attacks is the main theme of CrowdStrike’s report, a number of other trends are highlighted as a well. The company found, for example, that a legitimate tool for scanning Active Directory stores, known as Bloodhound, had been co-opted by attackers to speed their movement across networks. 

The company also urged companies to better secure their cloud services, especially infrastructure-as-a-service (IaaS) infrastructure. Attackers are already targeting API keys, which are used to allow programs to access and incorporate features from the cloud.

“Static keys pose a significant risk because they allow enduring access to large amounts of often sensitive data,” the report states. “Instead, use ephemeral credentials for automated cloud activity and enforce the usage of these credentials only from authorized IP address space.”

Finally, Macs are now on the menu for attackers, CrowdStrike says.

“The increasing popularity of macOS systems in organizations, combined with insufficient macOS endpoint management and monitoring, have made Macs lucrative targets for threat actors,” the report states. “Once inside a victim environment, the Services team has observed threat actors leveraging legitimate user credentials and native macOS utilities to move laterally and persist there while evading detection.”

In terms of disruptive attacks, the manufacturing sector found itself most often successfully targeted by ransomware and other business-disrupting malware, according to CrowdStrike’s report. Healthcare had the second highest number of disruptive incidents, followed by government organizations and information-technology companies.

Attackers often used spear-phishing attacks for the initial compromise, the company found. In just over a third of cases (35%), spear-phishing e-mails or messages gave attackers initial access to the victim’s systems. Attackers also sought out legitimate credentials to allow them to move around networks. Collecting credential dumps and attempting to discover accounts were the No. 1 and No. 3 attack techniques.

Companies that deploy a handful of defenses could fend off many of the attacks detected by CrowdStrike. Multifactor authentication on all public-facing portals, for example, will prevent attackers from gaining easy access through stolen credentials. Network segmentation helps prevent attackers from easily moving around a network following a compromise. 

“These methods can help organizations improve their security posture,” Etheridge says. “Organziations are better able to self-detect the attackers in their environment, so we expect attackers to continue to use more stealthy techniques to increase their dwell time.”

Related Content:

Check out The Edge, Dark Reading’s new section for features, threat data, and in-depth perspectives. Today’s top story: “6 Unique InfoSec Metrics CISOs Should Track in 2020.”

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT’s Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline … View Full Bio

More Insights

Source: https://www.darkreading.com/threat-intelligence/attackers-increasingly-focus-on-business-disruption/d/d-id/1336800?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Continue Reading

Cyber Security

Critical Cisco SD-WAN, HyperFlex Bugs Threaten Corporate Networks

Avatar

Published

on

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://threatpost.com/critical-cisco-sd-wan-hyperflex-bugs/165923/

Continue Reading

Cyber Security

Ryuk Ransomware Attack Sprung by Frugal Student

Avatar

Published

on

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://threatpost.com/ryuk-ransomware-attack-student/165918/

Continue Reading

Cyber Security

Hide Internet Activity At Work

Avatar

Published

on

How to hide your internet activities from your employer?

Table of Contents

How to hide your internet activities from your employer?

The Internet has evolved into such a public space that not only hackers or governments, but also employers, snoop on internet activity. Without your awareness, companies may monitor your internet use, and the free browsing time you have at work can no longer feel private. Even though your entire web browsing history can be monitored at work, there is a way to keep your internet activities secret from your boss. But first, let’s take a look at how and what your boss may be keeping track of.

Why employers monitor their employees’ internet activity?

The majority of employers keep track of their workers’ internet use for a reason. Compliance with security legislation is one rational reason why monitoring is used. These regulations require businesses (mostly financial institutions or government-related organizations) to control all of their internal networks to avoid fraud and hacking, as well as to be able to track down a problem if one arises.

Another factor, which may be obsolete in today’s world but remains, is their employees’ lack of confidence. Companies monitor software and internet use, as well as active and idle hours, to determine employee productivity. They keep track of how much time you spend online, what websites you visit, and what files you download, which doesn’t feel safe or private in any situation.

How employers can monitor employee internet activity?

Employee internet activity can be tracked in a variety of ways, one of which is functioning as a man-in-the-middle. The employer’s network can be set up so that all internet traffic is routed through a rogue proxy that can intercept any traffic and read its contents. A network administrator who can access the server either remotely or physically can view all internet traffic on the employer’s network. The router or proxy server may be inside a company building or in the data center.

Without a VPN, an employer will serve as a middleman and monitor all internet traffic on the network.

On the man-in-the-middle server that the employer owns, all internet activity can be seen – when you connected to what website, did you stream any videos, play a game, or download a file – all is recorded.

Companies that do not have an IT department or resources devoted to tracking their employees’ online activities have made contracts with their Internet Service Provider, who serves as a man-in-the-middle and reports on the online activities conducted via the company’s network regularly. IP addresses, link times, websites or files downloaded, and other data are all visible to an ISP.

Knowing that your personal data can be monitored and used by your employer makes you feel uneasy, but there is a way to mask your internet surfing at work.

How to hide internet activity from employers?

While your employer will track your internet usage and see which websites you visit, using a VPN is a good way to mask your online activities. When you use a VPN, all of your internet activity is encrypted, and the only information that your boss can see is the IP address of the VPN server and gibberish that is difficult to crack. NordVPN is a VPN that uses the best AES-256 bit encryption. It does not hold any records or personally identifying information, and it protects you from someone attempting to eavesdrop on your communications.

The way it works is that when you use a VPN, all of your internet traffic is routed through an encrypted VPN tunnel to the VPN server. This way, the boss and ISP can’t see what websites you visit or what files you download. Using the man-in-the-middle method to see inside the encrypted VPN tube, the employer can only see gibberish details, making it difficult to figure out where you’re trying to communicate online. It just indicates your link to the VPN server’s IP address, rather than your connection to specific websites.

With VPN employer can not see what is inside a strongly encrypted VPN tunnel

VPN hides your online activities from your employer in real-time but you also must take into consideration that your browsing history can be accessible later on your device.

How to bypass administrator rights requirement when installing?

Installing VPN software, especially on a work machine, can necessitate administrator privileges, which you may not have. Fortunately, using a VPN Chrome plugin (which also works for Firefox!) is a simple way to mask your online activities. It is only intended to run on browsers and does not require administrative privileges to install.

How to hide your browsing history from your employer?

A VPN masks your browsing history only on the router or server, keeping your internet activity secret from your boss. You should be aware that browsing history files are stored locally on your computer, and your employer can ask you to show them if they are truly interested.

Combining a VPN and an incognito window is the best way to keep your browsing history secret from your boss. When you close an incognito browser, it will erase all of your browsing history files and cookies. Any browser has an incognito window, which is ideal for keeping your browsing history clean at all times.

Does a work VPN expose my home network when working remotely

Many businesses use a VPN to securely access their services from a distance. What do you do if your boss has already built a VPN for you?

When you use a work VPN, all of your traffic from that computer is decrypted at the company’s servers, and your employer can see all of the websites you visit. The boss, on the other hand, cannot reach your local home network. All other browsing data on other devices is kept private, however, your ISP will be able to see it.

By simply disconnecting from the work VPN, your internet traffic will be routed back to your normal ISP. However, instead of an employer, your ISP now has access to all of your browsing data, and your privacy is compromised.

Best VPNs that would keep things private from your employer

NordVPN

NordVPN is a VPN industry leader, offering lightning-fast speeds across all of its 5600+ servers in 60+ countries. CyberSec, an ad-blocking and malware-protection feature prevent you from accessing compromised pages and protects you from online monitoring.

With double VPN servers and solid next-generation unbreakable encryption, it supports P2P/torrenting traffic with fast download speeds. It also unblocks Netflix and other streaming channels, making it an excellent option for those who enjoy watching movies and TV shows online.

NordVPN has a strict no-log policy and is available on all platforms (including browser extensions). It is the most comprehensive VPN on the market, with reasonable prices and a 30-day money-back guarantee.

    • 5200+ global servers in 59+ countries
    • CyberSec malware and ad-blocking protection
    • Next-generation encryption with double VPN servers
    • Obfuscation technology that masks VPN traffic
    • Strict no-logs policy
    • Works with Netflix and good for streaming
    • Lightning-fast with P2P support
    • 30-day money-back guarantee

Surfshark

Surfhsark is one of the most user-friendly and cost-effective VPNs available. It keeps no logs and has over 1700 servers in 63 different countries.

Since all of the apps use solid AES-256 encryption, neither your boss nor your ISP will be able to see what you do online. CleanWeb technology, which can block unwanted advertisements and trackers, is also included in the service.

Surfshark will unblock 15 Netflix libraries around the world, as well as Hulu, BBC iPlayer, Hotstar, and Disney+.

It also helps you to connect an infinite number of devices to the same account.

Both servers are P2P-friendly and torrenting is perfectly hidden from ISPs. VPN browser extensions for Chrome and Firefox are also available.

All of Surfhsark’s plans come with a 30-day money-back guarantee. You can currently get a 2-year contract for only $1.99 per month.

3200+ global servers in 60+ countries

    • CleanWeb ad-blocking feature
    • Secure and strong encryption with OpenVPN
    • Whitelist, Multi-hop VPN and kill switch
    • No-logs policy
    • Works with Netflix and good for streaming
    • Great speeds
    • 30-day money-back guarantee

ExpressVPN

ExpressVPN is one of the most private VPN services available. It was openly audited and found to have no logs. Its server network spans more than 160 locations around the world.

This VPN provider uses RAM for all of its servers, in addition to an Internet Kill Switch and best-in-class encryption algorithms. This means that when the server is restarted, all data is removed. This guarantees complete privacy and keeps the employer in the dark.

ExpressVPN is excellent for unblocking streaming services and other restricted content in countries where they are available. It completely supports and hides torrenting, and it downloads files at lightning speeds.

This VPN service offers applications for all major platforms as well as VPN plugins for Chrome and Firefox. However, administrator privileges are needed to use the extensions because they require a VPN app to function.

All ExpressVPN plans come with a 30-day money-back guarantee.

    • 160+ locations and 3000+ servers
    • Strict No-Log policy
    • Unlimited streaming (Netflix, Hulu, BBC iPlayer)
    • Strong military-grade AES 256-bit key encryption
    • Kill Switch, Split tunneling, and RAM-disk servers
    • 30-day money-back guarantee
    • Windows, macOS, iOS, Android, and Linux support
    • Fast speeds and reliable connections

Final thoughts

Using a VPN with strong and unbreakable encryption, such as NordVPN, will allow you to keep your online browsing at work private and hidden from your boss. It makes it difficult to see the contents of your internet traffic and covers the websites and files you download from your boss. The easiest way to keep your online habits secret from your boss is to use it in conjunction with an incognito window that deletes your browsing history on your browser until locked.

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://cybersguards.com/hide-internet-activity-at-work/

Continue Reading

Cyber Security

Massive DDoS Attack Disrupts Belgium Parliament

Avatar

Published

on

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://threatpost.com/ddos-disrupts-belgium/165911/

Continue Reading
Blockchain5 mins ago

Mining Bitcoin: How to Mine Bitcoin

AI10 mins ago

Data Science is Where to Find the Most AI Jobs and Highest Salaries

Blockchain29 mins ago

IDEX’s ‘hybrid liquidity pool’ aims to tackle some of DeFi’s biggest problems

SaaS32 mins ago

SaaS32 mins ago

SaaS32 mins ago

SaaS32 mins ago

SaaS33 mins ago

AI35 mins ago

Pandemic Has Spurred CIOs to Crystallize the IT Strategy

AR/VR36 mins ago

For National Space Day Watch Episode 1 of Space Explorers: The ISS Experience With Oculus

Blockchain41 mins ago

Crypto Firm Coin Metrics Raises $15 Million Led by Goldman Sachs

Blockchain43 mins ago

Bitcoin, Polkadot, Bitcoin Cash Price Analysis: 06 May

Blockchain44 mins ago

ConsenSys exec joins CoinFund to assist early-stage blockchain firms

Nano Technology51 mins ago

Open-source GPU technology for supercomputers: Researchers navigate advantages and disadvantages

Blockchain52 mins ago

Will Elon Musk’s SNL Appearance Boost Dogecoin?

Nano Technology52 mins ago

A silver lining for extreme electronics

Nano Technology52 mins ago

Simple robots, smart algorithms

Start Ups52 mins ago

Auth0 CEO Eugenio Pace on the $6.5 billion deal with Okta and his advice for entrepreneurs

Nano Technology53 mins ago

Polarization-sensitive photodetection using 2D/3D perovskite heterostructure crystal

Nano Technology53 mins ago

Polarization-sensitive photodetection using 2D/3D perovskite heterostructure crystal

Aviation59 mins ago

US airline industry sees surge in disruptive passenger cases

AR/VR1 hour ago

Researchers Are Using Laser Beams To Create 3D Holograms

Blockchain1 hour ago

EOS price rallies 100% following a proposal to increase staking rewards

AI1 hour ago

AI in Construction Scenario and Workforce Planning Seen Lowering Costs 

Techcrunch1 hour ago

Twitter Tip Jar lets you pay people for good tweetin’

CNBC1 hour ago

Can the Oversight Board force Facebook to follow its own rules?

Blockchain1 hour ago

Is this region the new ‘Mecca’ for Bitcoin miners?

Blockchain1 hour ago

Nuvei eyeing $250M acquisition of crypto startup Simplex

Aviation1 hour ago

Libyan Coast Guard Shoots At Two Italian Fishing Boats: Italian Frigate And P-72A Surveillance Plane On The Scene

Nano Technology1 hour ago

Open-source GPU technology for supercomputers: Researchers navigate advantages and disadvantages

Trending