Cyber Security Report

Total Page:16

File Type:pdf, Size:1020Kb

Cyber Security Report INDEPENDENT PUBLICATION BY raconteur.net #0418 27 / 11 / 2016 CYBER SECURITY BEWARE THE HOME APPLIANCES ‘SILENT’ CYBER ARMS WHAT MAKES CRIMINAL SMALL UK BUSINESSES 04 RACE IS MAKING NOISE 06 HACKERS WANT TO HACK? 08 ARE NOW BIG TARGETS 03 THAT CAN LAUNCH A CYBER ATTACK Suspected state-sponsored attacks have Cyber criminals are driven by a diverse range Small contractors are in the sights of cyber The internet of things and connected devices present a cyber-security risk triggered an international cyber arms race of aims and ambitions to break into a computer villains as the weak link in corporate defences WHO ARE THE CYBER ATTACKERS? Based on data IBM collected in 2015 from more Organised cyber than 8,000 client devices in 100 countries 40% criminals are Outsiders digital mafia 44.5% Malicious insiders In the wake of the Tesco Bank hack, which saw 9,000 customer accounts targeted, cyber security experts are warning of organised online 15.5% Inadvertent actors crime gangs operating like a digital mafia Source: IBM Security Services 2016 family, our small groups, employees on the books, our business partners, anyone with valid access to some part of our system. OVERVIEW Either way you lose, says Adrian Nish, who “We all carry sophisticated technology like STEPHEN ARMSTRONG leads the Threat Intelligence team in BAE Sys- smartphones around with us and we all work tem’s cyber-defence division. Real-life hackers or use the cloud. So now hackers no longer are as good as or even better than movies sug- have to hack 20 or 50 organisations. They r Robot is possibly Holly- gest. A few months ago, Mr Nish explains, hack- hack one cloud and they get every single wood’s ultimate hacker show – ers targeted the Central Bank of Bangladesh person who is using that cloud.” the chaotically unfolding sto- and tried to steal $951 million, six times the Working the people factor is common- Mry of Elliot Alderson, a cyber amount in George Clooney’s Ocean’s Eleven. place. “You’ve got to work on five or six dif- security engineer with emotional problems, “They set up bank accounts in Manila in ferent attack factors at any one given time,” who is recruited by a fiendishly cunning the Philippines and in Sri Lanka then broke says white hat hacker Jamie Woodruff from group of hacktivists in their attempt to bring into the Bangladesh bank network, probably Metrix Cloud. “My favourite is the viewing down the fictitious financial giant E Corp. sometime in 2015, and waited until Febru- webcams on Google. You can locate a specific Elliot wears a hoodie and hacks from his ary 4,” he explains. “This was a Thursday, area, find open cameras and build up a profile bedroom, just like all good movie or TV hack- the end of the week in Bangladesh and just about who walks into that infrastructure and ers do. For Mikko Hypponen, chief research before the Chinese New Year, so overall who walks out. People follow routine. You see officer at the cyber security firm F-Secure, they had this four-day window to get away them repeat, you build up a pattern then use this image is quaint and entirely false. Mr with the heist. They flipped just eight bits of tools like Montego, where you can type in key Hypponen looks at 350,000 samples of new code, secured root access and covered up the identifiable information then find your eBay malware attacks almost every single day. transactions to make it look like the money account, your e-mail account, your address, Some 95 per cent of them are from organised hadn’t left the bank’s accounts at all.” your telephone number… then you’re in.” online crime syndicates. Only the tiniest pro- Of 35 attempted transactions, only four Among the tricks Mr Woodruff has pulled portion of hacks is committed by hacktivists. got through – meaning the hackers stole $81 there’s setting up fake .eu versions of compa- “The earliest viruses million rather than $951 ny sites and asking employees to log in, tail- were written by bored million – but it’s still gating into an office with a group of smokers teenagers looking for one of the biggest bank then walking around dropping tainted USBs a challenge, but to- robberies in history. and sticking up official looking QR codes at day’s hackers are much This new breed of “Banks don’t do enough business conferences which infect smart- more malicious,” he testing,” Mr Nish warns. MOST FREQUENTLY OCCURRING INCIDENT CATEGORIES phones with malware. explains. “What makes cyber criminals see “We’re dealing with PERCENTAGE OF TOTAL GLOBAL CYBER-SECURITY INCIDENTS 2014 2015 And movies rarely show one of the fast- them different from themselves as people who’ve been Based on data IBM collected in 2015 from more than 8,000 client devices in 100 countries est-growing forms of cyber attack – ransom- old-school hackers is digital mafiosos trained to make net- ware, where a hacker locks down all the files they have a motive.” work intrusions, so the on anything from a laptop to an entire com- This new breed of people we have defend- Unauthorised 37% pany or steals extensive information and de- cyber criminals see ing our system also access 45% mands money to release or return everything. themselves as digital mafiosos. The Mol- need training, also need to know how to spot Moty Cristal, professional negotiator and dovan hackers behind the Dridex malware these types of attacks and how to set up the % chief executive of NEST Negotiation Strate- attack stole millions of dollars in co-ordi- system security in order to defend against it.” Malicious 20 gies, recalls one banking client receiving an nated hits on 300 banks around the world. In TV drama, people are a big weak point code 29% e-mail stuffed with very confidential customer Evgeniy Mikhailovich Bogachev, the Russian that hackers take advantage of. In Sherlock, information. Two minutes later, he received a thought to be the author of the Zeus trojan, for instance, Moriarty pretends to hack the 20% WhatsApp message demanding $120,000. has a $3-million bounty on his head from the Bank of England, the Tower of London and Sustained Mr Cristal adds: “When you’re facing this probe/scan FBI, and is wanted by Interpol and Europol. Pentonville Prison before – spoiler alert – 16% crisis, it is the human factor that needs to be That’s not to say naughty teenagers aren’t a revealing it was the human factor all along managed. Making connections and negoti- threat, says Troy Hunt of data breach aggre- – disgruntled employees, with no super 11% ating are essential.” gation service Have I Been Pwned? “There technology needed. And the human factor Suspicious Although, to be fair, The Negotiator is a activity are teenagers getting hold of vast amounts is definitely key in online security. 6% whole different movie. Looks like hackers of personal data, using freely available soft- “The most sophisticated attacks of recent can get into almost everything. ware, as in the recent TalkTalk hack,” he years had people on the inside,” says Sadie Access or 8% points out. “Scotland Yard told the press it Creese, professor of cyber security at the credentials abuse 3% Share this article online via was a Russia-based Islamic jihadist group, University of Oxford. “That’s people who raconteur.net but it turned out to be two teenagers.” work for us, people that are members of our Source: IBM Security Services 2016 RACONTEUR CONTRIBUTORS DISTRIBUTED IN PUBLISHING MANAGER HEAD OF PRODUCTION STEPHEN ARMSTRONG JOHN LEYDEN DAN MATTHEWS EDWIN SMITH FINBARR TOESLAND DAVEY WINDER EMMA John Okell Natalia Rosek Contributor to The Former crime reporter Journalist and author Writer and editor, Freelance journalist, Award-winning WOOLLACOTT Sunday Times, Monocle, in Manchester, he of The New Rules of he contributes to he specialises in journalist and Specialist technolo- PRODUCTION EDITOR DIGITAL CONTENT MANAGER Wallpaper* and GQ, is now a writer for Business, he writes for publications including technology, business author, he specialises gy writer, she covers Benjamin Chiou Jessica McGreal he is also an occasional the technology news newspapers, maga- The Guardian and The and economic issues, in information legal and regulatory broadcaster on and opinion website zines and websites on a Sunday Telegraph. and contributes security, contributing issues, contributing MANAGING EDITOR DESIGN to Forbes and the Peter Archer Samuele Motta BBC Radio. The Register. range of issues. to a wide range of to Infosecurity Grant Chapman publications. magazine. New Statesman. Kellie Jerrard BUSINESS CULTURE FINANCE HEALTHCARE LIFESTYLE SUSTAINABILITY TECHNOLOGY INFOGRAPHICS raconteur.net/cyber-security-2016-ii Although this publication is funded through advertising and sponsorship, all editorial is without bias and spon- Raconteur is a leading publisher of special-interest content and research. Its publications and articles cover a wide The information contained in this publication has been obtained from sources the Proprietors believe to be sored features are clearly labelled. For an upcoming schedule, partnership inquiries or feedback, please call range of topics, including business, finance, sustainability, healthcare, lifestyle and technology. Raconteur special correct. However, no legal liability can be accepted for any errors. No part of this publication may be repro- +44 (0)20 8616 7400 or e-mail [email protected] reports are published exclusively in The Times and The Sunday Times as well as online at raconteur.net duced without the prior consent of the Publisher. © Raconteur Media 2 CYBER SECURITY raconteur.net 27 / 11 / 2016 RACONTEUR COMMERCIAL FEATURE jamesteohart/istockphoto The fallout of Ya- hoo!’s data breach is a major concern for chief executive Marissa Mayer, who is currently working to finalise a $4.8-billion deal to sell Yahoo!’s core internet busi- Ethan Miller/Getty Images Miller/Getty Ethan ness to Verizon Be ready to limit damage after a data breach… Cyber attacks are on the rise and may even be inevitable, so SECURITY RISK OF THINGS organisations must create a culture of cyber awareness and be The internet of things is connecting devices to networks on an ever-increasing prepared to protect their reputation scale.
Recommended publications
  • Cost of a Cyber Incident)
    CO ST OF A CYBER INCIDENT: S YSTEMATIC REVIEW AND C ROSS-VALIDATION OCTOBER 26, 2020 1 Acknowledgements We are grateful to Dr. Allan Friedman, Dr. Lawrence Gordon, Jay Jacobs, Dr. Sasha Romanosky, Matthew Shabat, Kelly Shortridge, Steven Surdu, David Tobar, Brett Tucker and Sounil Yu for the review comments and helpful feedback on the earlier draft of the report. The authors would like to thank CISA staff for support and advice on this project. 2 Table of Contents 1. Objectives .................................................................................................................................................................... 7 2. Results in Brief .......................................................................................................................................................... 8 3. Analysis ...................................................................................................................................................................... 16 3.1. Per-Incident Cost and Loss Estimates .............................................................................................. 18 3.1.1. Cross-Validation: Primary Loss Data for Large and Small Incidents .................................. 20 3.1.2. Reconciliation of Per-Incident Cost Studies .................................................................................. 26 3.1.3. Per-Record Estimates ............................................................................................................................. 29 3.2. Aggregate
    [Show full text]
  • Terrence Andrew Davis Message
    Friend Request Sent Suggest Friends Terrence Andrew Davis Message Timeline About Friends Photos More Intro Terrence Andrew Davis updated his profile picture. March 10 · Studied at Arizona State University Went to Agua Fria High School Lives in Las Vegas, Nevada Share 1 BibleStreamer Israel TempleBot (God) Says... trust rendezvous silicosis affiliating Hiss's screechier phoning ravelled populist's slingshot's Deanna callings left's anonymity's respelled fabrication's exemplifying casters friendliness's quiescence refusal russet filigreeing southwest paramedic's townhouse's debilities taproots flunked gauzy Moldavia Minnesota's May 24 at 11:46pm · Edited Featured Albums Terrence Andrew Davis updated his cover photo. March 10 · English (US) · Español · Português (Brasil) · Français (France) · Deutsch Privacy · Terms · Advertising · Ad Choices · Cookies · More Facebook © 2017 Share 1 Share Terrence Andrew Davis December 30, 2015 · What's a good tombstone, God? God says... Isidro's brigantine's prediction's Quinton's guile musician Coppola's leukocyte's whippoorwill's stokes finished ibexes Earlene's marrows magnetically Krishnamurti yahoos futz George's staccato's platypuses eloquence's finery's wiggly gouges engages Leningrad's Shackleton Mon mistaken Amoco alcoholic Share Terrence Andrew Davis December 30, 2015 · God says... swelter's legibly streptococcal lobster's deleting cowlick's schoolmistress itemization snowsuit's sawdust goings scanners ancestor crystals whined Pele noise's Royal exhausting nationalized trotted hollowing symbolizes impecunious stutters Chukchi territorial snug wiped candlesticks faeces oligarchic Share Terrence Andrew Davis December 30, 2015 · CIA agents will sandpaper their SS tatoos. Share Terrence Andrew Davis December 30, 2015 · http://science.slashdot.org/…/exploding-munitions-caught-on… God says..
    [Show full text]
  • Biting Into Forbidden Fruit
    Biting into the forbidden fruit Lessons from trusting Javascript crypto Krzysztof Kotowicz, OWASP Appsec EU, June 2014 About me • Web security researcher • HTML5 • UI redressing • browser extensions • crypto • I was a Penetration Tester @ Cure53 • Information Security Engineer @ Google Disclaimer: “My opinions are mine. Not Google’s”. Disclaimer: All the vulns are fixed or have been publicly disclosed in the past. Introduction JS crypto history • Javascript Cryptography Considered Harmful http://matasano.com/articles/javascript- cryptography/ • Final post on Javascript crypto http://rdist.root.org/2010/11/29/final-post-on- javascript-crypto/ JS crypto history • Implicit trust in the server to deliver the code • SSL/TLS is needed anyway • Any XSS can circumvent the code • Poor library quality • Poor crypto support • No secure keystore • JS crypto is doomed to fail Doomed to fail? Multiple crypto primitives libraries, symmetric & asymmetric encryption, TLS implementation, a few OpenPGP implementations, and a lot of user applications built upon them. Plus custom crypto protocols. https://crypto.cat/ https://www.mailvelope.com/ http://openpgpjs.org/ JS crypto is a fact • Understand it • Look at the code • Find the vulnerabilities • Analyze them • Understand the limitations and workarounds • Answer the question: can it be safe? JS crypto vulns in the wild • Language issues • Caused by a flaw of the language • Web platform issues • Cased by the web • Other standard bugs • out of scope for this presentation Language issues Language issues matter
    [Show full text]
  • Analyse De Maliciels Sur Android Par L'analyse De La Mémoire Vive
    Analyse de maliciels sur Android par l’analyse de la mémoire vive Mémoire Bernard Lebel Maîtrise en informatique Maître ès sciences (M. Sc.) Québec, Canada © Bernard Lebel, 2018 Analyse de maliciels sur Android par l’analyse de la mémoire vive Mémoire Bernard Lebel Sous la direction de: Mohamed Mejri, directeur de recherche Résumé Les plateformes mobiles font partie intégrante du quotidien. Leur flexibilité a permis aux développeurs d’applications d’y proposer des applications de toutes sortes : productivité, jeux, messageries, etc. Devenues des outils connectés d’agrégation d’informations personnelles et professionnelles, ces plateformes sont perçues comme un écosystème lucratif par les concepteurs de maliciels. Android est un système d’exploitation libre de Google visant le marché des appareils mobiles et est l’une des cibles de ces attaques, en partie grâce à la popularité de celui- ci. Dans la mesure où les maliciels Android constituent une menace pour les consommateurs, il est essentiel que la recherche visant l’analyse de maliciels s’intéresse spécifiquement à cette plateforme mobile. Le travail réalisé dans le cadre de cette maîtrise s’est intéressé à cette problématique, et plus spécifiquement par l’analyse de la mémoire vive. À cette fin, il a fallu s’intéresser aux tendances actuelles en matière de maliciels sur Android et les approches d’analyses statiques et dynamiques présentes dans la littérature. Il a été, par la suite, proposé d’explorer l’analyse de la mémoire vive appliquée à l’analyse de maliciels comme un complément aux approches actuelles. Afin de démontrer l’intérêt de l’approche pour la plateforme Android, une étude de cas a été réalisée où un maliciel expérimental a été conçu pour exprimer les comportements malicieux problématiques pour la plupart des approches relevées dans la littérature.
    [Show full text]
  • Hacking the Web
    Hacking the Web (C) 2009-2020 Arun Viswanathan Ellis Horowitz Marco Papa 1 Table of Contents } General Introduction } Authentication Attacks } Client-Side Attacks } Injection Attacks } Recent Attacks } Privacy Tools 2 (C) 2009-2020 Arun Viswanathan Ellis Horowitz Marco Papa Why secure the Web? } The Web has evolved into an ubiquitous entity providing a rich and common platform for connecting people and doing business. } BUT, the Web also offers a cheap, effective, convenient and anonymous platform for crime. } To get an idea, the Web has been used for the following types of criminal activities (source: The Web Hacking Incidents Database (WHID) http://projects.webappsec.org/w/page/13246995/Web-Hacking-Incident-Database) } Chaos (Attack on Russian nuclear power websites amid accident rumors (5Jan09) } Deceit (SAMY XSS Worm – Nov 2005) } Extortion (David Aireys domain hijacked due to a CSRF (cross site request forgery) flaw in Gmail – 30Dec2007) } Identity Theft (XSS on Yahoo! Hot jobs – Oct 2008) } Information Warfare (Israeli Gaza War - Jan 2009 / Balkan Wars – Apr 2008 ) } Monetary Loss (eBay fraud using XSS) } Physical Pain (Hackers post on epilepsy forum causes migraines and seizures – May 2008) } Political Defacements (Hacker changes news release on Sheriffs website – Jul 2008) (Obama, Oreilly and Britneys Twitter accounts hacked and malicious comments posted – Jan 09) } Chinese Gaming sites hacked (Dec. 2011) 3 Copyright(C) 2009 (c) -20092020- 2019Arun Arun Viswanathan Viswanathan Ellis HorowitzEllis Horowitz Marco Marco Papa Papa
    [Show full text]
  • UC Santa Cruz Electronic Theses and Dissertations
    UC Santa Cruz UC Santa Cruz Electronic Theses and Dissertations Title Unbecoming Silicon Valley: Techno Imaginaries and Materialities in Postsocialist Romania Permalink https://escholarship.org/uc/item/0vt9c4bq Author McElroy, Erin Mariel Brownstein Publication Date 2019 Peer reviewed|Thesis/dissertation eScholarship.org Powered by the California Digital Library University of California UNIVERSITY OF CALIFORNIA SANTA CRUZ UNBECOMING SILICON VALLEY: TECHNO IMAGINARIES AND MATERIALITIES IN POSTSOCIALIST ROMANIA A dissertation submitted in partial satisfaction of the requirements for the degree of DOCTOR OF PHILOSOPHY in FEMINIST STUDIES by Erin Mariel Brownstein McElroy June 2019 The Dissertation of Erin McElroy is approved: ________________________________ Professor Neda Atanasoski, Chair ________________________________ Professor Karen Barad ________________________________ Professor Lisa Rofel ________________________________ Professor Megan Moodie ________________________________ Professor Liviu Chelcea ________________________________ Lori Kletzer Vice Provost and Dean of Graduate Studies Copyright © by Erin McElroy 2019 Table of Contents Abstract, iv-v Acknowledgements, vi-xi Introduction: Unbecoming Silicon Valley: Techno Imaginaries and Materialities in Postsocialist Romania, 1-44 Chapter 1: Digital Nomads in Siliconizing Cluj: Material and Allegorical Double Dispossession, 45-90 Chapter 2: Corrupting Techno-normativity in Postsocialist Romania: Queering Code and Computers, 91-127 Chapter 3: The Light Revolution, Blood Gold, and
    [Show full text]
  • View Final Report (PDF)
    TABLE OF CONTENTS TABLE OF CONTENTS I EXECUTIVE SUMMARY III INTRODUCTION 1 GENESIS OF THE PROJECT 1 RESEARCH QUESTIONS 1 INDUSTRY SITUATION 2 METHODOLOGY 3 GENERAL COMMENTS ON INTERVIEWS 5 APT1 (CHINA) 6 SUMMARY 7 THE GROUP 7 TIMELINE 7 TYPOLOGY OF ATTACKS 9 DISCLOSURE EVENTS 9 APT10 (CHINA) 13 INTRODUCTION 14 THE GROUP 14 TIMELINE 15 TYPOLOGY OF ATTACKS 16 DISCLOSURE EVENTS 18 COBALT (CRIMINAL GROUP) 22 INTRODUCTION 23 THE GROUP 23 TIMELINE 25 TYPOLOGY OF ATTACKS 27 DISCLOSURE EVENTS 30 APT33 (IRAN) 33 INTRODUCTION 34 THE GROUP 34 TIMELINE 35 TYPOLOGY OF ATTACKS 37 DISCLOSURE EVENTS 38 APT34 (IRAN) 41 INTRODUCTION 42 THE GROUP 42 SIPA Capstone 2020 i The Impact of Information Disclosures on APT Operations TIMELINE 43 TYPOLOGY OF ATTACKS 44 DISCLOSURE EVENTS 48 APT38 (NORTH KOREA) 52 INTRODUCTION 53 THE GROUP 53 TIMELINE 55 TYPOLOGY OF ATTACKS 59 DISCLOSURE EVENTS 61 APT28 (RUSSIA) 65 INTRODUCTION 66 THE GROUP 66 TIMELINE 66 TYPOLOGY OF ATTACKS 69 DISCLOSURE EVENTS 71 APT29 (RUSSIA) 74 INTRODUCTION 75 THE GROUP 75 TIMELINE 76 TYPOLOGY OF ATTACKS 79 DISCLOSURE EVENTS 81 COMPARISON AND ANALYSIS 84 DIFFERENCES BETWEEN ACTOR RESPONSE 84 CONTRIBUTING FACTORS TO SIMILARITIES AND DIFFERENCES 86 MEASURING THE SUCCESS OF DISCLOSURES 90 IMPLICATIONS OF OUR RESEARCH 92 FOR PERSISTENT ENGAGEMENT AND FORWARD DEFENSE 92 FOR PRIVATE CYBERSECURITY VENDORS 96 FOR THE FINANCIAL SECTOR 96 ROOM FOR FURTHER RESEARCH 97 ACKNOWLEDGEMENTS 98 ABOUT THE TEAM 99 SIPA Capstone 2020 ii The Impact of Information Disclosures on APT Operations EXECUTIVE SUMMARY This project was completed to fulfill the including the scope of the disclosure and capstone requirement for Columbia Uni- the disclosing actor.
    [Show full text]
  • Hostscan 4.8.01064 Antimalware and Firewall Support Charts
    HostScan 4.8.01064 Antimalware and Firewall Support Charts 10/1/19 © 2019 Cisco and/or its affiliates. All rights reserved. This document is Cisco public. Page 1 of 76 Contents HostScan Version 4.8.01064 Antimalware and Firewall Support Charts ............................................................................... 3 Antimalware and Firewall Attributes Supported by HostScan .................................................................................................. 3 OPSWAT Version Information ................................................................................................................................................. 5 Cisco AnyConnect HostScan Antimalware Compliance Module v4.3.890.0 for Windows .................................................. 5 Cisco AnyConnect HostScan Firewall Compliance Module v4.3.890.0 for Windows ........................................................ 44 Cisco AnyConnect HostScan Antimalware Compliance Module v4.3.824.0 for macos .................................................... 65 Cisco AnyConnect HostScan Firewall Compliance Module v4.3.824.0 for macOS ........................................................... 71 Cisco AnyConnect HostScan Antimalware Compliance Module v4.3.730.0 for Linux ...................................................... 73 Cisco AnyConnect HostScan Firewall Compliance Module v4.3.730.0 for Linux .............................................................. 76 ©201 9 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
    [Show full text]
  • Kaspersky Managed Service Providers Program
    Kaspersky for Business MOBILE CONTROLS CLOUD ENDPOINT NETWORK SECURITY REPORTING VIRTUALIZATION SIEM SUPPORT SERVERS SERVICES CLOUD APPS Kaspersky Managed Service Providers Program Technical Reference Guide www.kaspersky.com #truecybersecurity Table of contents Program benefits 1 MSP program requirements 1 Products 2 Training and certification 5 Professional services 5 Technical designs 6 Kaspersky Endpoint Security Cloud 6 Kaspersky Endpoint Security for Business Select 6 Kaspersky Endpoint Security for Business Advanced 6 Kaspersky Hybrid Cloud Security 7 Kaspersky Security for Microsoft Office 365 8 Kaspersky Security for Mail Server 8 Kaspersky Security for Internet Gateways 9 Customer onboarding checklist 10 Appendix A 11 Appendix B 12 Appendix C 13 Appendix D 17 Program benefits • Flexible licensing allow you to choose between a monthly subscription and an annual license. Because you own the product license, there’s no need to spend time administrating contract renewals with customers — extending licenses is easy; no special action is required. • Increase sales revenues with volume-based discounts — the more customers you have, the less you pay. Pricing depends on the total number of devices of all customers. Sell more and gain bigger discounts. • Be even more efficient and grow your client base without having to hire additional engineers. With built-in best practices that drive operational efficiency, you’ll improve your tech-to-device ratio and boost your bottom line. Increase your scalability and protect more endpoints with fewer headaches. • Improved usability. Kaspersky Lab understands the importance of ease of use when it comes to security, and our design and usability specialists are closely involved in product development.
    [Show full text]
  • Reporting, and General Mentions Seem to Be in Decline
    CYBER THREAT ANALYSIS Return to Normalcy: False Flags and the Decline of International Hacktivism By Insikt Group® CTA-2019-0821 CYBER THREAT ANALYSIS Groups with the trappings of hacktivism have recently dumped Russian and Iranian state security organization records online, although neither have proclaimed themselves to be hacktivists. In addition, hacktivism has taken a back seat in news reporting, and general mentions seem to be in decline. Insikt Group utilized the Recorded FutureⓇ Platform and reports of historical hacktivism events to analyze the shifting targets and players in the hacktivism space. The target audience of this research includes security practitioners whose enterprises may be targets for hacktivism. Executive Summary Hacktivism often brings to mind a loose collective of individuals globally that band together to achieve a common goal. However, Insikt Group research demonstrates that this is a misleading assumption; the hacktivist landscape has consistently included actors reacting to regional events, and has also involved states operating under the guise of hacktivism to achieve geopolitical goals. In the last 10 years, the number of large-scale, international hacking operations most commonly associated with hacktivism has risen astronomically, only to fall off just as dramatically after 2015 and 2016. This constitutes a return to normalcy, in which hacktivist groups are usually small sets of regional actors targeting specific organizations to protest regional events, or nation-state groups operating under the guise of hacktivism. Attack vectors used by hacktivist groups have remained largely consistent from 2010 to 2019, and tooling has assisted actors to conduct larger-scale attacks. However, company defenses have also become significantly better in the last decade, which has likely contributed to the decline in successful hacktivist operations.
    [Show full text]
  • Johnson (2016A).Pdf (381.8Kb)
    Peer Reviewed Proceedings of the 7th Annual Conference Popular Culture Association of Australia and New Zealand (PopCAANZ), Sydney 29 June–1 July, 2016, pp. 98-107. ISBN: 978-0-473-38284-1. © 2016 ROSSER JOHNSON Auckland University of Technology ROSSER JOHNSON Auckland University of Technology Hypercommercial Television: An Introduction ABSTRACT KEYWORDS This paper examines the introduction and spread of hyper- hypercommercialism commercial broadcasting on free-to-air television in New Zealand. commercial speech It begins by defining the key terms and then moves to outline the television circumstances under which such broadcasting developed. Drawing New Zealand on a content analysis of television schedules, the paper will show the marketing rapidity and extent to which networks chose to screen promotional culture hypercommercial television forms with a specific focus on two particular examples of the genre. INTRODUCTION For the purposes of this paper, ‘hypercommercial broadcasting’ simply refers to television programming that is supported by commercial messages over and above standard magazine advertising. Obvious examples include programme sponsorship, product placement and infomercials. More specifically however, the 1990s in New Zealand saw two particular examples of hypercommercial broadcasting that deserve focussed investigation. MAGAZINE/ADVERTORIAL PROGRAMMING Magazine/advertorial programmes are those in which a significant portion of the time is devoted to advertorial promotions of featured goods. In this context ‘advertorial’ refers to infomercial or infomercial-style segments that are integrated into the show. This process can be extremely blatant; infomercial spokespeople (and infomercial excerpts) can be seamlessly integrated into the show. It can also be relatively subtle; presenters and guests can ‘chat’ and 98 Rosser Johnson offer ‘information’ and this is only revealed as an infomercial when the product is advertised at the end of the segment.
    [Show full text]
  • Influence, Infrastructure, and Recentering Cybercrime Policing
    Influence, infrastructure, and recentering cybercrime policing: Evaluating emerging approaches to online law enforcement through a market for cybercrime services Ben Colliera, Daniel R. Thomasb, Richard Claytonc, Alice Hutchingsc, Yi Ting Chuac aScience, Technology, and Innovation Studies, University of Edinburgh bComputer and Information Sciences, University of Stathclyde; cDepartment of Computer Science and Technology, University of Cambridge The Version of Record of this manuscript has been published and is available in the Journal of Policing and Society XX/02/2021 http://www.tandfonline.com/10.1080/10439463.2021.1883608 ABSTRACT We document and evaluate two emerging policing strategies that are reshaping how centralised law enforcement agencies deal with online cybercrime markets. The first of these strategies we term infrastructural policing, a strategy drawn from law enforcement campaigns to disrupt international drug markets which involves targeting the small number of administrators who maintain the infrastructure supporting cybercrime markets. The second, we term influence policing, a strategy drawn from the UK’s approach to counter- radicalisation, which involves the delivery of highly targeted messaging campaigns to potential customers. We illustrate these with a study of the online market for Denial of Service (DoS) attacks, conducting a quantitative longitudinal analysis of five years of time series attack data to establish the effect of these interventions on this illicit market. While arresting and sentencing key players had little lasting effect on DoS attacks (due to the jurisdictional issues which the Internet poses), after infrastructure administrators were targeted with takedowns there was a significant reduction in attacks and a dramatic reshaping of the market structure. Additionally, the use of search engine advertisements targeted at potential customers for these services in the UK was associated with a cessation in growth in attacks in this country.
    [Show full text]