Category Archives: Internet Security
Top 5 Global Cyber Security Trends of 2023, According to Google Report – TechRepublic
It is taking less time for organisations to detect attackers in their environment, a report by Mandiant Consulting, a part of Google Cloud, has found. This suggests that companies are strengthening their security posture.
The M-Trends 2024 report also highlighted that the top targeted industries of 2023 were financial services, business and professional services, tech, retail and hospitality, healthcare and government. This aligns with the fact that 52% of attackers were primarily motivated by financial gain, as these sectors often possess a wealth of sensitive and therefore valuable information.
Financially-motivated activity was found to have gone up by 8% since 2022, which is partially explained by the parallel rise in ransomware and extortion cases. The most common ways that threat actors gained access to a target network were through exploits, phishing, prior compromise and stolen credentials.
Dr Jamie Collier, Mandiant Threat Intelligence Advisor Lead for Europe, told TechRepublic in an email: Despite the focus on ransomware and extortion operations within the security community, these attacks remain effective across a range of sectors and regions. Extortion campaigns therefore remain highly profitable for cyber criminals.
As a result, many financially-motivated groups conducting other forms of cyber crime have transitioned to extortion operations in the last five years.
TechRepublic takes a deeper look into the top five cyber security trends of 2023 and expert recommendations highlighted by the 15th annual M-Trends report:
According to the M-Trends report, the median dwell time of global organisations decreased from 16 days in 2022 to 10 days in 2023 and is now at its lowest point in more than a decade. The dwell time is the amount of time attackers remain undetected within a target environment and indicates the strength of a business's cyber posture. This figure suggests that companies are making meaningful improvements to their cyber security.
However, there could be another contributing factor; the average proportion of attacks due to ransomware increased to 23% in 2023 over 18% in 2022.
Dr. Collier explained to TechRepublic: The impact of extortion operations is immediately obvious. In the event when ransomware is deployed, a victim's systems will be encrypted and rendered unusable. Alternatively, if data is stolen, a cyber criminal will quickly be in touch to extort a victim.
Organisations in the Asia-Pacific region saw the biggest reduction in median dwell time, with it decreasing by 24 days over the last year. Mandiant analysts link this to the fact that the majority of attacks detected were ransomware-related, and this majority was higher than any other region. Meanwhile, companies in Europe, the Middle East and Africa saw the average dwell time increase by two days. This is thought to be due to the regional data normalising following a concerted defensive effort by Mandiant in Ukraine in 2022.
Further evidence that businesses are getting better at detecting cyber threats is Mandiant's finding that 46% of compromised organisations first identified evidence of compromise internally rather than through an outside entity like a law enforcement agency or cyber security company, up from 37% in 2022.
Cyber criminals are increasingly targeting edge devices, using living off the land techniques, and deploying zero-day exploits, suggesting a renewed focus on maintaining persistence on networks for as long as possible.
Dr. Collier told TechRepublic: With network defenders increasingly on the lookout for extortion campaigns, evasive tactics increase the chances of a successful operation. Ransomware operations are far more effective when cyber criminals can reach the most sensitive and critical areas of a target's network and evasive tactics help them to achieve this.
Edge devices typically lack endpoint detection and response (EDR) capabilities, so they are solid targets for cyber criminals looking to go under the radar. In 2023, Mandiant investigators found that the first and third most targeted vulnerabilities were related to edge devices. These were:
The report authors wrote: Mandiant expects that we will continue to see targeting of edge devices and platforms that traditionally lack EDR and other security solutions due to the challenges associated with discovery and investigation of compromise. Exploitation of these devices will continue to be an attractive initial access vector for Chinese espionage groups to remain undetected and maintain persistence into target environments.
About 20% of malware families detected by Mandiant in 2023 did not fit into a typical category, which is a higher proportion than previous years. Furthermore, 8% of attacks in this "other" category involved the use of remote administration tools and other utilities. These are less likely to be flagged by default by EDR, or other security tools, which can keep the attacker undetected, and are often coupled with living off the land techniques.
Living off the land is the use of legitimate, pre-installed tools and software within a target environment during a cyber attack to help evade detection. This can reduce the overall complexity of the malware by allowing the attacker to weaponize existing features that have already been security tested by the organisation. It is particularly effective with edge devices because they are typically not monitored by network defenders, allowing attackers to remain on the network for longer.
A recent example the Mandiant researchers spotted is a backdoor named THINCRUST, which was appended into the web framework files that were responsible for providing the API interface for FortiAnalyzer and FortiManager devices. The threat actors were able to harness the native API implementation to access and send commands to THINCRUST by simply interacting with a new endpoint URL they had added.
In 2023, Mandiant researchers tracked 97 unique zero-day vulnerabilities exploited in the wild, representing a more than 50% growth in zero-day usage over 2022. The zero-days were exploited by espionage groups and financially-motivated attackers looking to steal valuable data to turn a profit.
The report's authors anticipate the number of identified zero-day vulnerabilities and exploits that target them will continue to grow in the coming years due to a number of factors, including:
Cloud adoption is continuously growing (Gartner predicts more than 50% of enterprises will use industry cloud platforms by 2028) and, therefore, more attackers are turning their attention to these environments. According to CrowdStrike, there was a 75% increase in cloud intrusions in 2023 over 2022.
Mandiant analysts say attackers are targeting weakly implemented identity management practices and credential storage to obtain legitimate credentials and circumvent multifactor authentication (MFA).
Mandiant observed instances where attackers gained access to cloud environments because they happened across credentials that were not stored securely. Credentials were discovered on an internet-accessible server with default configurations or had been stolen or leaked in a previous data breach and not been changed since. They also gained access using different techniques to bypass MFA, covered in more detail in the next section.
Once inside the cloud environment, the authors observed bad actors performing a number of tactics to abuse the cloud services, including:
Now that multifactor authentication has become a standard security practice in many organisations, attackers are exploring new, creative tactics to bypass it. According to Mandiant, the number of compromises against cloud-based identities configured with MFA is increasing.
In 2023, the firm observed an increase of adversary-in-the-middle (AiTM) phishing pages that steal post-authentication session tokens and allow bad actors to circumvent MFA. In an AiTM campaign, attackers set up a proxy server that captures a user's credentials, MFA codes and session tokens issued by the logon portal while relaying the connection to the legitimate server.
The majority of business email compromise cases Mandiant responded to in 2023 involved the threat actor circumventing the user's MFA via AiTM. In the past, the relative complexity of setting up AiTM phishing infrastructure compared to traditional credential harvesting forms may have kept the number of these attacks low. However, there are now a number of AiTM kits and phishing-as-a-service offerings advertised in the cybercriminal underground, according to Mandiant. These products significantly lower the barrier to entry for AiTM phishing, resulting in an uptick.
Other techniques the Mandiant researchers observed attackers using to bypass MFA include:
Red teams consist of cyber security analysts who plan and execute attacks against organisations for the purposes of identifying weaknesses. In 2023, Mandiant consultants used generative AI tools to speed up certain activities in red team assessments, including:
Dr. Collier told TechRepublic: The role of AI in red teaming is highly iterative with a lot of back and forth between large language models (LLMs) and a human expert. This highlights the unique contribution of both.
AI is often well suited for repetitive tasks or fetching information. Yet, having red team consultants that understand the trade craft and possess the skills to apply context provided by LLMs in practical situations is even more important.
AI was also used in Mandiant's purple team engagements, where analysts must become familiar with a client's environment from the perspective of an attacker and defender to foster collaboration between red and blue teams. Generative AI was used to help them understand the customer's platform and its security more quickly.
In the report, the authors speculated on how cyber security analysts could use AI in the future. Red teams generate a substantial amount of data that could be used to train models tuned to help secure customer environments. However, AI developers will also have to find novel ways to ensure models have appropriate guardrails in place while simultaneously allowing for the legitimate use of malicious activity by red teams.
"The combination of red team expertise and powerful AI leads could result in a future where red teams are considerably more effective, and organisations are better able to stay ahead of the risk posed by motivated attackers," the authors wrote.
The metrics reported in M-Trends 2024 are based on Mandiant Consulting investigations of targeted attack activity conducted between January 1, 2023 and December 31, 2023.
Saints secure with signing of NordVPN – St Kilda FC
St Kilda Football Club is pleased to welcome leading cybersecurity company NordVPN as an official partner.
By saints.com.au
The world's most advanced VPN service provider, NordVPN is used by millions of internet users across the globe.
"We're excited to enter this partnership with NordVPN," EGM Commercial and Consumer Chris Larkins said.
"We know how much our fans enjoy connecting with the club online, so we're excited to partner with NordVPN to help ensure their safety as they do so."
The partnership will aim to educate Saints fans on the potential risks of using unsecured networks to ensure privacy and safety online.
NordVPN Head of PR Laura Tyrylyt said the software not only allows users to stay private online, but also protects them from malware and trackers, as well as screening the dark web to see if other online service providers have leaked accounts associated with users' email addresses.
"Strong defence is crucial not only on the football field but also in our activities online, thus we're honoured to establish our partnership with St Kilda Football Club," NordVPN Head of PR Laura Tyrylyt said.
"We are sure this partnership will bring more awareness about cybersecurity and online privacy to football fans. We're looking forward to providing them with robust internet security solutions across their devices."
NordVPN is currently running a 75% off sale, including a 30-day money-back guarantee for new customers. In addition, St Kilda members are eligible for an extra month of NordVPN subscription for free.
SANS Institute to Empower Cyber Professionals in the Middle East at SANS Dubai May 2024 – Global Security Mag
SANS Institute has announced SANS Dubai May 2024 from 11-16 May at the Hilton Dubai, Palm Jumeirah. The course is expertly designed to equip cyber professionals with the skills needed to identify, counter, and prevent emerging cybersecurity threats, particularly those security professionals interested in expanding their knowledge of Red Team engagements and security control requirements.
Recent high-profile cyberattacks indicate that offensive attacks are bypassing defensive strategies, and cybersecurity experts, auditors, engineers and compliance officers are actively seeking practical solutions to protect their systems and data. In line with this, the UAE is witnessing a surge in demand for cybersecurity professionals with the necessary skills, with market projections indicating substantial growth from $0.52 billion in 2023 to an anticipated $0.95 billion by 2028.
SANS Dubai May 2024 offers two specialized courses through both in-person training and simultaneous live online sessions: the newly-launched SEC565: Red Team Operations and Adversary Emulation, and SEC566: Implementing and Auditing CIS Controls.
SEC565 will teach students how to develop and improve Red Team operations for security controls through adversary emulation, cyber threat intelligence, Red Team tradecraft, and engagement planning, ultimately improving the overall security posture of the organization.
In SEC566, students will learn how an organization can defend its information by using a vetted cybersecurity control standard, specifically how to implement, manage, and assess security control requirements defined by the Center for Internet Security's (CIS) Controls across an organization's complex networks, including cloud assets.
"As threats advance and become more sophisticated, organizations in the Middle East must proactively assess their security measures. Mastering offensive security techniques is necessary today, and that's where the SANS Institute comes in," says Ned Baltagi, Managing Director Middle East, Turkey and Africa, SANS Institute. "By leveraging threat intelligence and emulating real-world environments, we teach professionals how red teams provide invaluable insights into an organization's vulnerabilities by identifying weaknesses, enhancing defense strategies, and strengthening incident response capabilities.
Moreover, understanding what to do when addressing threats can be overwhelming when organizations must meet various compliance and framework requirements. We aim to teach professionals how to defend their information systems by the implementation of foundational safeguards, measure control implementation and effectiveness, then report back to leadership at each level."
On May 13, 2024, SANS will also hold a Community Night session on "How to Prevent Social Engineering based on Successful Red Team Exercises". Organizations spend a large amount of effort to lock down their technology and the associated process to prevent intrusions, but many times breaches end up happening due to the human factor. David Mayer, Principal Instructor at SANS Institute, will present successful social engineering campaigns and provide tips on how companies can train their employees to prevent social engineering from being successful.
To register for SANS Dubai May 2024 Community Night, please visit: https://www.sans.org/mlp/community-night-dubai-may-2024/
4 fast, easy ways to strengthen your security on World Password Day – PCWorld
Many arbitrary holidays litter our calendars (ahem, Tin Can Day), but World Password Day is one fully supported by the PCWorld staff. We're all for ditching weak passwords, especially when strengthening your security takes only a little effort.
Follow these four easy suggestions and you'll thank yourself for years to come. Not only will data breaches and hackers stop being immediate threats, but you won't have to scramble to remember a collection of user names and passwords. That's especially true if you opt for a newer form of account protection that's simpler to use than passwords.
Trust us, you want to safeguard yourself. Data breaches are common these days, and as Bitwarden's latest survey results indicate, a concerning number of people still reuse passwords (31 percent in the U.S. do so for 11 to 20+ sites!). And with so many data leaks, it's getting easier and easier for hackers to not just know your passwords, but figure out the personal info you might use in a password, another prevailing bad habit (42 percent in the U.S.). Yikes.
Password managers make better account security so easy. You only have to memorize one strong password to safeguard nearly all your other login info. (Here's how to come up with a good master password.)
You shouldn't have an issue finding a password manager that suits you, either; it's perfectly normal to have reservations about them, but there are so many options out there. Want something that integrates seamlessly with your phone or browser? Google, Apple, and Firefox's password managers are basic but solid. Hate the idea of all your passwords sitting in the cloud? Try KeePass or one of its variants. Need support for advanced two-factor authentication methods, like a YubiKey? Many paid services include it. Password managers now also generally support passkeys, a simpler yet more secure method of account protection.
Paying for a good solution isn't always necessary either, as you'll see when going over our lists of the best paid password managers and the best free password managers. The kinds of features that unlock when paying for services are helpful indeed, especially if you're using multiple devices or want to secure passwords for multiple people, but they're not absolutely vital otherwise. That said, our go-to solution Dashlane makes managing passwords dead simple and only costs $33 per year, or $2.75 per month. It's money well spent for the added security (and the extra polish).
And don't worry if you try one service and don't like it. Exporting and importing password databases is simple.
Companies like Terahash can combine several hundred GPUs to crack short passwords instantly. This chart shows how longer passwords can make the process impossibly long, even with such computing power on hand.
Terahash / Twitter
Even websites that barely register in your memory deserve a strong, unique password. If you've left behind traces of personal information or financial information, like stored credit card info, unauthorized access to your account could lead to future headaches.
Normally, remembering a strong, random, and unique password for every place you visit on the internet would be a pain in the rear. Everything requires a login these days. But with a password manager (which of course you've just set up!), you no longer have that responsibility. So long as you have the browser extension (or app installed on your phone), you can let it choose a password for you. Just tell it how many characters in length and what mix of them. (Security experts currently recommend 24 characters in length, randomly generated with numbers, letters, and special characters; you can also opt for a similarly long passphrase for things you need to manually type.) The fun part is that because you don't have to memorize each password yourself, long and complex strings aren't a hassle.
If you want to really level up your login security, you can also use strong, unique user names, too. With a password manager tracking everything, being randominternetuser13960 on one site, ithurtstomove4582 on another, and pizzacoma2259 on a third is a cinch. Have to use an email address for your login? Gmail and some other email providers let you create aliases by adding a plus sign (+) and phrase after your account name. So for example, you could use emailaddress+likesbooks@gmail.com to distinguish that particular site. Or better yet, you can wholesale upgrade to email masks for true anonymity.
We hate to say it, but these days, strong passwords alone aren't enough to ward off threats. Data breaches happen, and so do moments of being caught off-guard by phishing attempts.
Two-factor authentication adds another layer to your login process. Instead of having immediate access to your account upon entering your user name and password, you'll have to pass another security check before access is granted. (You can read more about how 2FA works in our explainer, which also gives more details on the common forms available.)
Like using a password manager, two-factor authentication doesn't have to be a cumbersome addition to your login process. Apps like Authy, Aegis, and Ravio make accessing your 2FA codes on multiple devices simple, and support easy security measures like biometric authentication to protect those codes from prying eyes.
We of course recommend enabling two-factor authentication on as many accounts as possible, but at minimum, do it for major accounts like email and financial services, places with info that could wreak havoc on your life if someone else got unauthorized access. Also consider protecting your Amazon, social media, Steam, and work accounts (and their info ripe for use in social engineering) in this way, too.
For sites that don't have two-factor authentication (which sadly includes a large number of e-commerce sites), you can help limit damage from unauthorized account access by not leaving your credit card information and address on file.
This newer form of account authentication has been spreading steadily since last year, and just in time, too. Passkeys cut out a lot of the hassle of using passwords while also providing strong security out the gate, a quality-of-life upgrade sorely needed as online security gets more complex.
You just need a device like a phone, tablet, or even your PC to serve as an authenticator. It'll be registered to your account when you generate the passkey. Afterward, you'll get prompts on the device to authorize logins, which you'll approve using face identification, a fingerprint, or a PIN. It's incredibly simple, and more importantly, passkeys are more resistant to the current effects of data breaches. Because passkeys rely on asymmetric cryptography, a hacker can't guess at your passkey based on the compromised website's encrypted login data. Only you have the other part of the puzzle, and it's a different kind of piece than the part saved to your website account.
You can also use a password manager to store passkeys, though they're currently a bit less secure than using a physical device.
You can read more about passkeys in our coverage of Google's recent launch of passkey support for its accounts (as well as in Google's own excellent overview of the topic), but basically, this is the cutting edge of online security. A passkey eliminates the hassles of passwords, along with the pressing need for two-factor authentication, and should make protecting your accounts much easier. Good websites support both passwords and passkeys so you can still have a password + 2FA combo as an alternate method to log in (just in case you lose your device with stored passkeys), but use your passkey day-to-day with less hassle.
All set up with your password manager and two-factor authentication, and feeling primed to go even further? Learning more of the ins and outs of your password manager will help integrate it into your life even more seamlessly. Installing your service's companion smartphone app and browser extension is just a starting point; check out our guide on how to make the most of your password manager for more tips. You can also have a look at our story about 5 easy tasks that supercharge your security. If you've followed this article's advice, you're already more than halfway there!
U.S. officials scramble to stop major Internet firms from ditching FISA obligations – The Washington Post
U.S. government officials were scrambling Friday night to prevent what they fear could be a significant loss of access to critical national security information, after two major U.S. communications providers said they would stop complying with orders under a controversial surveillance law that is set to expire at midnight, according to five people familiar with the matter.
One communications provider informed the National Security Agency that it would stop complying on Monday with orders under Section 702 of the Foreign Intelligence Surveillance Act, which enables U.S. intelligence agencies to gather without a warrant the digital communications of foreigners overseas, including when they text or email people inside the United States.
Another provider suggested that it would cease complying at midnight Friday unless the law is reauthorized, according to the people familiar with the matter, who spoke on the condition of anonymity to discuss sensitive negotiations.
The companies' decisions, which were conveyed privately and have not previously been reported, have alarmed national security officials, who strongly disagree with their position and argue that the law requires the providers to continue complying with the government's surveillance orders even after the statute expires. That's because a federal court this month granted the government a one-year extension to continue intelligence collection.
Section 702 requires the government to seek approval from the Foreign Intelligence Surveillance Court for the categories of intelligence it wants to collect. The court has issued certifications for collection involving international terrorism, weapons of mass destruction and foreign governments and related entities. Those certifications are good for one year and were renewed this month at the government's request.
U.S. officials have long argued that the law is a vital means of collecting the electronic communications on foreign government adversaries and terrorist groups. But its renewal has become an unusually divisive flash point, aligning conservative Republicans and liberal Democrats who are wary of granting the government broad surveillance authorities without new restrictions.
The people familiar with the efforts to keep the companies in compliance declined to name them, but they said their loss would deal a significant blow to U.S. intelligence collection.
"It's super concerning," said one U.S. official of the potential loss of intelligence. "You can't just flip a switch and turn it back on again."
U.S. officials began to hear Friday afternoon that the providers were planning to stop compliance unless Section 702 was reauthorized.
Senators are attempting to come to an eleventh-hour agreement on amendments on the legislation Friday night to quickly reauthorize the measure and avoid any lapse. Last week, the House renewed Section 702, but only for two years and only after privacy hawks failed to pass an amendment that would have required U.S. intelligence agencies to obtain a warrant to review Americans' communications collected under the program. That bid failed in a dramatic 212-212 tie vote.
The House approval came despite former president Donald Trump's entreaty on social media to "KILL" the bill.
First passed in 2008 and reauthorized several times since then, the law enables the NSA to collect without a warrant from U.S. tech companies and communications providers the online traffic of non-Americans located overseas for foreign intelligence purposes. Communications to or from foreign targets deemed relevant to FBI national security investigations (about 3 percent of the targets, according to the government) are shared with the bureau. But the law is controversial because some of those communications may involve exchanges with Americans, which the FBI may view without a warrant.
"The House bill represents the biggest expansion of surveillance in 15 years since Section 702 was originally created, and a shameful Congress would be expanding surveillance at a time when reforms are needed," said Jake Laperruque, deputy director of the Center for Democracy and Technology's Security and Surveillance Project.
U.S. security officials, for their part, for years have extolled the benefits of the law, with White House officials saying that the intelligence collected accounts for more than 60 percent of the president's daily briefing. FBI Director Christopher A. Wray recently disclosed that it helped the bureau discover that Chinese hackers had breached the network of a U.S. transportation hub, and that it had helped thwart a terrorist plot last year in the United States involving a potential attack on a critical infrastructure site.
"Failure to reauthorize 702 or gutting it with some kind of new warrant requirement would be dangerous and put American lives at risk," Wray told Congress this month.
Cyber attack takes Frontier Communications systems offline, affecting millions of broadband customers – ITPro
US telecom provider Frontier Communications was forced to shut down a number of its internal systems after detecting an unauthorized third party in its IT environment, shuttering internet access for millions.
Frontier Communications said it first detected the unauthorized access on 14 April 2024, before reporting the incident to the SEC on 15 April. The company said it had taken its systems down as part of its incident response protocols in an effort to contain the breach.
Frontier reported it believes it has contained the incident, with its core IT environment already restored, adding that it has also begun efforts to restore normal business operations, but this process is still ongoing.
Frontier serves customers in 25 US states, with 3 million broadband subscribers and a fiber optic network consisting of 5.2 million locations. The incident comes as threat actors continue to target critical national infrastructure organizations to maximize the impact of their attacks.
Frontier says the third party, which it believes was likely a cyber crime group, was able to gain access to personally identifiable information (PII), among other information.
The telecom provider was unable to provide any further information on the specific types of sensitive information accessed by the attackers, or whether the PII pertained to customers or employees.
Some customers took to social media to voice their concern after being without internet for three days since Frontier took its systems down, reporting they cannot access technical support through Frontier's app, website chat, or their phone line.
Frontier announced it was experiencing technical issues with its internal support systems and provided a phone number for those who require assistance.
This incident comes hot on the heels of a series of high-profile cyber incidents affecting telecom companies.
A huge cache of AT&T customer data was published on the dark web on 30 March 2024, with the personal data of 73 million current and former customers being exposed.
In February 2024, Australian telecom company Tangerine disclosed a breach that exposed the personal data of 232,000 customers, after an external contractor's compromised credentials were used to access a customer database.
As a result, internet providers are increasingly being classified alongside the healthcare, water, and energy sectors as critical national infrastructure (CNI), due to the number of critical services that rely on an internet connection.
In its 2023 annual review, the UK's National Cyber Security Centre included internet providers as part of the critical national infrastructure, defined as organizations which, if compromised, could cause large-scale loss of life, a serious impact on the economy, and other grave social consequences for the community.
The annual review also notes the cyber threats facing organizations today have changed, with a rise of state-aligned groups launching attacks against critical national infrastructure in rival states.
As such, telecommunications firms should be taking extra precautions to mitigate the potential threats of nation-state affiliated threat actors deploying sophisticated attacks to cripple essential services across the region.
Researchers create ‘quantum drums’ to store qubits, one step closer to groundbreaking internet speed and security – Tom’s Hardware
A device called a quantum drum may serve as "a crucial piece in the very foundation for the Internet of the future with quantum speed and quantum security", says Mads Bjerregaard Kristensen, postdoc from the Niels Bohr Institute in a new research piece. The original research paper has an official briefing available for free on Phys.org, and can be found published in full in the Physical Review Letters journal for a subscription fee.
One key issue with quantum computing and sending quantum data ("qubits") over long distances is the difficulty of maintaining data in a fragile quantum state where losing data or "decohering" becomes a much higher risk. Using a quantum drum at steps along the chain can prevent this data decoherence from occurring, enabling longer and even potentially global communication distances.
The current record for sending qubits over a long distance is held by China and Russia, and is about 3,800 km with only encryption keys sent as quantum data. The standard wired qubit transmission range is roughly 1000 kilometers before loss of photons ruins the data. Quantum drums could potentially address this limitation.
How does a 'quantum drum' work? In a similar manner to how existing digital bits can be converted into just about anything (sound, video, etc.), qubits can be converted as well. However, qubits require a level of precision literally imperceivable to the human eye, so converting qubits without data loss is quite difficult. The quantum drum seems like a potential answer. Its ceramic glass-esque membrane was shown to be capable of maintaining quantum states as it vibrates with stored quantum information.
Another important purpose served by these quantum drums is security. Were we to start transferring information between quantum computers over the standard Internet, it would inherit the same insecurities as our existing standards. That's because it would need to be converted to standard bits and bytes, which could become essentially free to decode in the not-so-distant quantum future.
By finding a quantum storage medium that doesn't lose any data and allows information to be transferred over much longer distances, the vision of a worthwhile "Quantum Internet" begins to manifest as a real possibility, and not simply the optimism of quantum computing researchers.
Quantum computing research continues to be a major area of interest, often with highly technical discussions and details on the technology. A research paper on quantum drums and their potential of course doesn't mean that this technique will prove to be commercially viable. Still, every little step forward creates new opportunities for our seemingly inevitable quantum-powered future.
Sullivan County uses NYSSOC to combat cybersecurity threats – Spectrum News
Cybersecurity threats are a worldwide issue.
New York state is working to combat this with its New York State Security Operations Center (NYSSOC).
Sullivan County is the first county to start utilizing the NYSSOC.
It allows the state to monitor for cyber threats with the goal of preventing them and improving responses to incidents.
"The county, as well as the state, as well as the nation, are under attack constantly from foreign adversaries just looking to wreak havoc on the infrastructure and environment that we work in and with. So, it's important for us to know what's happening quickly, to be able to respond quickly, and to mitigate those risks as quickly as possible," said Commissioner of Information Technology Services and CIO for Sullivan County Lorne Green.
The NYSSOC facility is based in Brooklyn and is dedicated to detecting and responding to real-time threats 24/7.
"Anything that they see that, you know, red flags, anything, even some minor occurrences that go through, they will alert us. And then, we can take action on those to either let them know that this is a low priority, high priority, medium, and then, whatever that comes through as, we can take action," said Deputy CIO for Sullivan County Dan Smith.
Officials said Sullivan County went live with NYSSOC in late March. It was selected due to relationships with New York State Homeland Security and the State's Center for Internet Security.
Officials collected log data from security appliances and servers to feed to NYSSOC to get the project rolling.
"They then parse that data and put it into their recording solution for analysis and further determination as to whether or not there are any incidents that need to be addressed," Green said.
One of the major aspects of this effort is ensuring threats are being tracked even when local information technology services staff members are not there.
"I can sleep a whole lot better at night," Green said.
"Having the tools in place to make it easier for us to function and to allow people to do their jobs without as much worry, you know, of just regular things coming in and possibly taking us down, it's just it's very reassuring mindfully," Smith said.
Experts said the public should feel more confident their information is being protected because of these changes.
"We are attempting to stay on top of the cyber threats that exist and that we are taking appropriate action to mitigate when those occur to protect their data," Green said.
According to Green, Tompkins County will be the next to launch this, and 45 counties have shown interest in subscribing to NYSSOC.
Even as ransomware attacks fall, emailers warned of new phishing scam – Yahoo! Voices
Email users need to be watchful for a seemingly new form of malicious software being spread in phishing messages since at least November last year.
Called Latrodectus, which refers to the deadly widow group of spiders, the malware can reportedly evade an email's "sandbox" feature, meaning it can land in inboxes without first undergoing the usual scrutiny given to other messages by up-to-date email systems.
Internet security researchers at Team Cymru and Proofpoint said the malware has been found in "nearly a dozen" campaigns, and that the messages typically try "to initiate a conversation with a target" through forms in an email.
The format could "become increasingly used by financially motivated threat actors across the criminal landscape," they warned.
But while the threat from Latrodectus grows, the first quarter of 2024 has seen a fall in ransomware attacks compared to the same period last year, according to CyberInt, which monitors threats to cyber-security.
The 22% year-on-year drop is in part down to increased efforts to track down and arrest perpetrators, according to The Hacker News, pointing to the arrests of three people allegedly involved with the "infamous" ransomware syndicate known as "LockBit."
2023 was a record year for ransomware attacks, which climbed by over 50% compared to 2022.
Usually spread via email, ransomware is a form of malware that "installs itself onto a victim's machine, encrypts their files, and then turns around and demands a ransom to return that data to the user," according to McAfee, the anti-virus software business.
Wi-Fi Hacking Happens. Here Are 10 Expert-Recommended Tips to Prevent It – CNET
You'll get faster speeds using an Ethernet connection, but there's no denying the convenience of Wi-Fi. The technology makes it possible to connect numerous devices around your home, from laptops and phones to security cameras and streaming sticks, but it's not without its flaws. Aside from a little speed loss, the main concern with Wi-Fi is that it also makes it easier for others -- perhaps unwanted users and devices -- to connect to your network.
Consider the information on your Wi-Fi-connected devices and how accessible that information might be if someone gained access to your Wi-Fi network: credit card numbers, bank records, login credentials, live camera feeds.
A secure home network will help reduce the risk of getting hacked and having someone access your sensitive information. Not only that, it will keep away unwanted or unauthorized users and devices that would slow down your connection or freeload on the internet service you pay for.
It's fairly simple to create and maintain a secure home Wi-Fi network. Below, you'll find 10 tips for securing your network. Some are more effective than others at keeping hackers and freeloaders at bay, but all are useful in their own way.
Keep in mind that nothing can guarantee absolute security from hacking attempts, but these tips will make it harder for anyone to compromise your network and data. (For more Wi-Fi tips, check out how to tell if your internet provider is throttling your Wi-Fi and our tips on how to speed up your Wi-Fi connection.)
Here are the basics for protecting your home Wi-Fi network. Keep reading for more information on each below.
1. Place your router in a central location.
2. Create a strong Wi-Fi password and change it often.
3. Change the default router login credentials.
4. Turn on firewall and Wi-Fi encryption.
5. Create a guest network.
6. Use a VPN.
7. Keep your router and devices up to date.
8. Disable remote router access.
9. Verify connected devices.
10. Upgrade to a WPA3 router.
Strong network security starts with a smart setup. If possible, place your router at the center of your home. Routers send wireless signals in all directions, so strategically placing your router in a central location will help keep your connection to the confines of your home. As a bonus, it will likely also make for the best connection quality.
For example, if you have internet in an apartment where neighbors are immediately to the left and right of you, placing your router next to a shared wall could send a strong, and tempting, signal their way. Even if you aren't in an apartment, a good router can cast signals next door or across the street. Placing your router in a central location will help reduce how far those signals travel outside your home.
This should go without saying, but I'm still going to cover it to emphasize its importance. Creating a unique password for your Wi-Fi network is essential to maintaining a secure connection. Avoid easily guessed passwords or phrases, such as someone's name, birthdays, phone numbers or other common information. Simple Wi-Fi passwords are easy to remember, but they are also easy for others to figure out. (Here's how to access your router settings to update your Wi-Fi password.)
Be sure to change your password every six months or so or whenever you think your network security may have been compromised.
Along the same lines of password-protecting your Wi-Fi network, you'll also want to keep anyone from being able to directly access your router settings.
To do so, go ahead and change your router's admin name and password. You can log in to your router settings by typing its IP address into the URL bar, but most routers and providers have an app that lets you access the same settings and information.
Your router login credentials are separate from your Wi-Fi network name and password. If you aren't sure what the default is, you should be able to find it on the bottom of the router. Or, if it's been changed from the default somewhere along the way, here's how to access your router settings to update the username and password.
Most routers have a firewall to prevent outside hacking and Wi-Fi encryption to keep anyone from eavesdropping on the data sent back and forth between your router and connected devices. Both are typically active by default, but you'll want to check to ensure they're on.
Now that you know how to log in to your router settings, check to make sure the firewall and Wi-Fi encryption are enabled. If they're off for whatever reason, turn them on. Your network security will thank you.
Before sharing access to your main home network, consider creating a separate guest network for visitors. I'm not suggesting your guests will attempt anything nefarious with your main Wi-Fi connection, but their devices or anything they download while connected to your network could be infected with malware or viruses that target your network without them knowing it.
A guest network is also ideal for your IoT devices, such as Wi-Fi cameras, thermostats and smart speakers -- devices that may not hold a lot of sensitive information and are perhaps more easily hackable than a smarter device such as a computer or phone.
There are a few reasons to use a good VPN, and network security is one of them. A virtual private network hides your IP address and Wi-Fi activity, including browsing data.
VPNs are probably more useful when connected to a public network, but they can still add a level of security and privacy to your home network. Some VPNs are better than others, but like anything, you often get what you pay for. Free VPN services are available, but paying a little extra (just a few bucks per month) will deliver a much better, more secure service.
While software updates can be annoying, they have a purpose, and it often includes security updates. When companies become aware of potential or exposed security vulnerabilities, they release updates and patches to minimize or eliminate the risk. You want to download those.
Keeping your router and connected devices current with the latest updates will help ensure you have the best protection against known malware and hacking attempts. Set your router to automatically update in the admin settings, if possible, and periodically check to make sure your router is up to date.
Remote router access allows anyone not directly connected to your Wi-Fi network to access the router settings. Unless you need to access your router while away from home (to check or change the configuration of a child's connected device, for example), there should be no reason to have remote access enabled.
You can disable remote access under the router's admin settings. Unlike other security measures, disabled remote router access may not be the default.
Frequently inspect the devices connected to your network and verify that you know what they are. If anything on there looks suspicious, disconnect it and change your Wi-Fi password. After changing your password, you'll have to reconnect all your previously connected devices, but any users or devices that are not authorized to use your network will get the boot.
Some devices, especially obscure IoT ones, may have odd default names of random numbers and letters you don't immediately recognize. If you encounter something like that when auditing your connected devices, disconnect them. Later on, when you can't start your robot vacuum cleaner from your phone, you'll know that's what it was.
WPA3 is the latest security protocol for routers. All new routers should be equipped with WPA3, so if you buy a new router, you should have nothing to worry about. However, many people rent their routers directly from the provider, which may not include the most up-to-date equipment.
If your router was made before 2018, you might have a WPA2 device, which lacks the same security protocols as newer WPA3 devices. A quick search of your device's model should tell you when it came out and any specific features, such as whether it has WPA2 or WPA3. If you've got a router with WPA2, call your provider and negotiate for a better, more recent router.
Again, even with the most recent and effective methods of protecting your home network, security will never be 100% certain. As long as there is the internet, hackers and cybercriminals will find ways to exploit it. But with the tips above, you can better keep your network secure from anyone trying to use your connection or access your data.
For more, check out how to find free Wi-Fi anywhere in the world and the ideal location for your router.