DOCSLIB.ORG

Visibility & Cyber Security

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Visibility & Cyber Security The TMB Guide To Cyber Security Cyber Security In Numbers | Tech Jargon Buster | Essential Cyber Security Tips & Advice | Backup & Disaster Recovery: The Ultimate Insurance Policy | How Cyber Secure Are You? | Visibility & Cyber Security TMB: CYBER SECURITY ESSENTIALS vv Welcome t TMB, we believe CONTENTS cyber security isn’t just about A 3 Welcome technology – it’s also about education. Robust security 4 10 Essential Cyber solutions like antivirus Security Tips applications and firewalls About TMB play an important role in 6 The TMB Cyber Security Technology Means Business is a provider of IT services and keeping businesses safe, Jargon Buster products, with more than 30 years of experience working with of course, but to be truly businesses, charities and other organisations. With offices in effective, they have to be backed by a workforce that 8 Backup & Disaster London, Hampshire, Essex and Kent, we cover a large part of knows what it’s doing. Recovery: The Ultimate the South East, and our clients range from small, family owned That’s why we created this ebook. We want to Insurance Policy businesses to large, multinational corporations. show not just our customers but everyone why it’s so important to be on the ball when it comes to cyber 10 Cyber Security Facts & As well as cyber security solutions, such as firewalls, email security. After all, we’re all in this fight together, Figures filtering and disaster recovery, we also specialise in fully and the more we collaborate to tackle this problem, managed IT support, network infrastructure projects, backups, the closer we get to beating it. We’ll probably never 12 Understanding The disaster recovery, technical consultancy and cloud software. get rid of cyber criminals completely, but we can Long-Term Damage definitely make things harder for them. Caused By Cyber Attacks Richard Shuker, technical director, [email protected] 0333 900 9050 www.tmb.co.uk 14 Why Visibility Is Vital To Technology Means Business Cyber Security CYBER ESSENTIALS TMB London TMB Hampshire TMB Essex TMB Kent 318 Worple Road, A1 Endeavour Business Park, 9-10 King’s Court, The Joiners Shop, London, Penner Road, Newcomen Way, The Historic Dockyard, SW20 8QU Havant, Hampshire Severalls Business Park, Chatham, Kent PO9 1QN Colchester, Essex ME4 4TZ CO 4 9RA 2 3 TMB: CYBER SECURITY ESSENTIALS ESSENTIAL CYBER SECURITY TIPS 10Taking a few simple precautions can make a huge amount of difference... According to the government’s Cyber Security ‘Pa$$w0rd’ or ‘12345678’, and don’t reuse your 6) Identify and fix your 9) Review your cyber security Breaches Survey 2018, more than 40% of passwords in different places. weaknesses measures every year businesses in the UK have experienced a All businesses should be aware of their weak Cyber criminals are always looking for new ways cyber breach, and more than 70% say cyber 3) Keep software and points. That could include many things, including to rip people off, so cyber security cannot be security is a high priority for them. Yet less hardware up to date operating systems that are no longer supported, considered as a one-off, static purchase. At least than a third of them have any kind of formal If possible, use automatic updates to keep your people who aren’t trained to spot phishing once a year, you should assess your current cyber security policies in place. IT solutions up to date. Otherwise, ensure that emails, routers that don’t use the latest security security solutions, to see if they’re still up to Clearly more needs to be done, and to give you regularly check for updates, particularly protocols and systems not configured to deliver the task, and if they’re not, then you need to you a head start, we’ve put together 10 cyber those that include security patches. Cyber the maximum security benefits. Arrange a upgrade. This is also a good time to look at your security commandments that every business criminals will be well aware of any weaknesses, security audit to gain clarity and to plan ahead. security budget, to make sure it’s being spent should follow. There are, of course, many more and they’ll waste no time trying to exploit them. effectively. tips and pointers we could include, but hopefully 7) Be careful when clicking this will at least help you to get started. 4) Report any suspicious links or files in emails 10) Make multiple backups, activity Booby-trapped files and websites are a favourite with at least one kept off site 1) Assume you’re a target It’s not necessary to report every single dodgy way for hackers to install malware or to steal Never put all your backup eggs in one basket: First and foremost, never assume that you won’t email you get, as long as they’re automatically data, and email is the most common way of backups can and do go wrong. In the majority be hit by a cyber attack. If you’re lucky, it will getting sent to your spam folder, but if you see getting people to open them. If you receive an of cases, one backup will be enough if your never happen, but absolutely anyone can be a what you think might be a phishing attempt and email from someone you don’t know and it’s main copy of data is damaged by mechanical target, because many attacks use automated it hasn’t been filtered out, tell your IT people. By urging you to download a file or follow a link, failure or human error, but if you’re unlucky, software, which doesn’t necessarily discriminate. getting the word out, you can make sure no one stop and think about it first. your backup could be lost at the same time. Small businesses may also be more likely to fall in your business falls victim to a scam. The chances of your backups being affected victim to security breaches because criminals 8) Don’t leave your computer increase when malware enters the equation. consider them soft targets. 5) Secure all devices including unattended without locking it Viruses, ransomware and so on can spread over phones first a network and take out all your backups, as well 2) Use strong, unique In the modern workplace, it’s not just This is especially important if you’re using a as your main copies. Keep one of them off-site, passwords workstations and servers you need to be laptop or other mobile device and you’re not though, and you should be safe. g Although other forms of authentication exist, concerned with; many workers also carry in the office, because if criminals gain physical such as fingerprint scanners, passwords remain phones and tablets that are connected to the access to your computer, it’s no problem for the most common way of logging into websites corporate network via WiFi. These need to be them to install malware on it. To lock your This article first appeared on the TMB and systems. Don’t make life easy for criminals secured or limited to a guest network, because system, simply press the Windows key and L. blog. Head to www.tmb.co.uk to read more by using weak or easily guessed passwords like they’re all potential entry points for hackers. You’ll need your password or PIN to log back in. of our posts. 4 5 TMB: CYBER SECURITY ESSENTIALS Adware Spear-phishing A form of unwanted software that automatically Like phishing, but tailored specifically to a person. displays adverts, often at particularly intrusive times. Spoofing Bot To fake certain information. In the case of email spoofing, Short for robot, a bot is an automated program that criminals make it look as if they’re contacting you from an works over the internet. email address different to the one they actually are. Botnet Spyware A network of bots. Just like it sounds, spyware covertly sends information from your computer to a third party. DDoS A distributed denial of service is a type of attack that Trojan involves flooding a computer system with requests Also called a trojan horse, this is a computer for information. This essentially overloads that program that seems to be legitimate, but which computer, causing it to crash. contains hidden code that unleashes malware. Encryption Virus By encrypting data, it becomes unreadable to A type of malicious software that attaches itself to anyone who doesn’t have the code to unlock it. files on your computer and which is able to replicate itself. Exploit An attack that takes advantage of a weakness in a Whaling computer system or piece of software. Like spear-phishing, where a particular person is targeted, but aimed specifically at high-profile Firewall employees such as CEOs or CFOs. A security system or program that prevents unauthorised access to a computer or network. Worm Similar to a virus, but a worm can spread across a Hacker network to other computers, and it doesn’t need Confused by tech talk? Let us TMB Someone who gains unauthorised access to data, another file to act as a host. lend you a hand... networks or computers. Malware Understanding cyber security has never been more Software designed to disrupt, damage or gain important for businesses – but it’s not easy. Experts unauthorised access to computer systems. sometimes use so much technical jargon, it’s like they’re talking a completely different language! Phishing But you don’t have to become a tech whiz to learn The practice of sending fraudulent emails, with the about security essentials. As long as you know a few of intention of gaining personal information.
Load more

Recommended publications
  • Potential Human Cost of Cyber Operations
    ICRC EXPERT MEETING 14–16 NOVEMBER 2018 – GENEVA THE POTENTIAL HUMAN COST OF CYBER OPERATIONS REPORT ICRC EXPERT MEETING 14–16 NOVEMBER 2018 – GENEVA THE POTENTIAL HUMAN COST OF CYBER OPERATIONS Report prepared and edited by Laurent Gisel, senior legal adviser, and Lukasz Olejnik, scientific adviser on cyber, ICRC THE POTENTIAL HUMAN COST OF CYBER OPERATIONS Table of Contents Foreword............................................................................................................................................. 3 Acknowledgements ............................................................................................................................. 4 Executive summary ............................................................................................................................. 5 Introduction....................................................................................................................................... 10 Session 1: Cyber operations in practice .………………………………………………………………………….….11 A. Understanding cyber operations with the cyber kill chain model ...................................................... 11 B. Operational purpose ................................................................................................................. 11 C. Trusted systems and software supply chain attacks ...................................................................... 13 D. Cyber capabilities and exploits ..................................................................................................
    [Show full text]
  • Reporting, and General Mentions Seem to Be in Decline
    CYBER THREAT ANALYSIS Return to Normalcy: False Flags and the Decline of International Hacktivism By Insikt Group® CTA-2019-0821 CYBER THREAT ANALYSIS Groups with the trappings of hacktivism have recently dumped Russian and Iranian state security organization records online, although neither have proclaimed themselves to be hacktivists. In addition, hacktivism has taken a back seat in news reporting, and general mentions seem to be in decline. Insikt Group utilized the Recorded FutureⓇ Platform and reports of historical hacktivism events to analyze the shifting targets and players in the hacktivism space. The target audience of this research includes security practitioners whose enterprises may be targets for hacktivism. Executive Summary Hacktivism often brings to mind a loose collective of individuals globally that band together to achieve a common goal. However, Insikt Group research demonstrates that this is a misleading assumption; the hacktivist landscape has consistently included actors reacting to regional events, and has also involved states operating under the guise of hacktivism to achieve geopolitical goals. In the last 10 years, the number of large-scale, international hacking operations most commonly associated with hacktivism has risen astronomically, only to fall off just as dramatically after 2015 and 2016. This constitutes a return to normalcy, in which hacktivist groups are usually small sets of regional actors targeting specific organizations to protest regional events, or nation-state groups operating under the guise of hacktivism. Attack vectors used by hacktivist groups have remained largely consistent from 2010 to 2019, and tooling has assisted actors to conduct larger-scale attacks. However, company defenses have also become significantly better in the last decade, which has likely contributed to the decline in successful hacktivist operations.
    [Show full text]
  • Ethical Hacking
    Ethical Hacking Alana Maurushat University of Ottawa Press ETHICAL HACKING ETHICAL HACKING Alana Maurushat University of Ottawa Press 2019 The University of Ottawa Press (UOP) is proud to be the oldest of the francophone university presses in Canada and the only bilingual university publisher in North America. Since 1936, UOP has been “enriching intellectual and cultural discourse” by producing peer-reviewed and award-winning books in the humanities and social sciences, in French or in English. Library and Archives Canada Cataloguing in Publication Title: Ethical hacking / Alana Maurushat. Names: Maurushat, Alana, author. Description: Includes bibliographical references. Identifiers: Canadiana (print) 20190087447 | Canadiana (ebook) 2019008748X | ISBN 9780776627915 (softcover) | ISBN 9780776627922 (PDF) | ISBN 9780776627939 (EPUB) | ISBN 9780776627946 (Kindle) Subjects: LCSH: Hacking—Moral and ethical aspects—Case studies. | LCGFT: Case studies. Classification: LCC HV6773 .M38 2019 | DDC 364.16/8—dc23 Legal Deposit: First Quarter 2019 Library and Archives Canada © Alana Maurushat, 2019, under Creative Commons License Attribution— NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0) https://creativecommons.org/licenses/by-nc-sa/4.0/ Printed and bound in Canada by Gauvin Press Copy editing Robbie McCaw Proofreading Robert Ferguson Typesetting CS Cover design Édiscript enr. and Elizabeth Schwaiger Cover image Fragmented Memory by Phillip David Stearns, n.d., Personal Data, Software, Jacquard Woven Cotton. Image © Phillip David Stearns, reproduced with kind permission from the artist. The University of Ottawa Press gratefully acknowledges the support extended to its publishing list by Canadian Heritage through the Canada Book Fund, by the Canada Council for the Arts, by the Ontario Arts Council, by the Federation for the Humanities and Social Sciences through the Awards to Scholarly Publications Program, and by the University of Ottawa.
    [Show full text]
  • Critical Infrastructure Report
    AUTHORED BY: TIFFANY EAST ER ADAM EATON HALEY EWING TREY GREEN CHRIS GRIFFIN CHANDLER LEWIS KRISTINA MILLIGAN KERI WEINMAN ADVISOR: DR. DANNY DAVIS 2018-2019 CAPSTONE PROJECT CLIENT: POINTSTREAM, INC. COMPREHENSIVE U.S. CYBER FRAMEWORK KEY ASPECTS OF CRITICAL INFRASTRUCTURE, PRIVATE SECTOR, AND PERSONALLY IDENTIFIABLE INFORMATION 2018 – 2019 Capstone Team The Bush School of Government and Public Service, Texas A&M University Advisor: Danny W. Davis, Ph.D. About the Project This project is a product of the Class of 2019 Bush School of Government and Public Service, Texas A&M University Capstone Program. The project lasted one academic year and involved eight second-year master students. It intends to synthesize and provide clarity in the realm of issues pertaining to U.S. Internet Protocol Space by demonstrating natural partnerships and recommendations for existing cyber incident response. The project was produced at the request of PointStream Inc., a private cybersecurity contractor. Mission This capstone team analyzed existing frameworks for cyber incident response for PointStream Inc. in order to propose a comprehensive and efficient plan for U.S. cybersecurity, critical infrastructure, and private sector stakeholders. Advisor Dr. Danny Davis - Associate Professor of the Practice and Director, Graduate Certificate in Homeland Security Capstone Team Tiffany Easter - MPSA 2019 Adam Eaton - MPSA 2019 Haley Ewing - MPSA 2019 Trey Green - MPSA 2019 Christopher Griffin - MPSA 2019 Chandler Lewis - MPSA 2019 Kristina Milligan - MPSA 2019 Keri Weinman - MPSA 2019 Acknowledgement The Capstone Team would like to express gratitude to COL Phil Waldron, Founder and CEO of PointStream Inc., for this opportunity and invaluable support throughout the duration of this project.
    [Show full text]
  • Bashe Attack Global Infection by Contagious Malware 2
    CyRiM Report 2019 Bashe attack Global infection by contagious malware 2 About CyRiM About Cambridge Centre for Risk Studies Cyber risks are emerging risk with new complexities that The Centre for Risk Studies is a world leading centre for call for insurers and risk managers to jointly develop the study of the management of economic and societal innovative solutions and tools, and enhance awareness risks. The Centre’s focus is the analysis, assessment, and underwriting expertise. and mitigation of global vulnerabilities for the The Cyber Risk Management (CyRiM) project is led by advancement of political, business, and individual NTU-IRFRC in collaboration with industry partners and decision makers. academic experts. CyRiM is a pre-competitive research project that aims to foster an efficient cyber risk The Centre provides frameworks for recognizing, insurance market place through engaging industry and assessing, and managing the impacts of systemic academic experts guided by government and policy level threats. The research programme is concerned with research. The CyRiM project will help Singapore to catastrophes and how their impacts ripple across an become an industry centre of excellence on cyber risk increasingly connected world with consequent effects on and grow the cyber risk insurance market by promoting the international economy, financial markets, firms in the both the demand and the supply of insurance coverage. financial sectors, and global corporations. To test research outputs and guide new research agendas, the For more information about CyRiM please visit Centre engages with the business community, http://irfrc.ntu.edu.sg/Research/cyrim/Pages/Home.aspx government policy makers, regulators, and industry bodies.
    [Show full text]
  • Trends in Online Foreign Influence Efforts
    Trends in Online Influence Efforts∗ Diego A. Martiny Jacob N. Shapiroz Julia G. Ilhardtx Version 2.0 August 5, 2020 Abstract Information and Communications Technologies (ICTs) create novel opportuni- ties for a wide range of political actors. Foreign governments have used social media to influence politics in a range of countries by promoting propaganda, advocating controversial viewpoints, and spreading disinformation. This report updates previ- ous work with data on 76 such foreign influence efforts (FIE) targeting 30 different countries from 2013 through 2019, as well as 20 domestic influence efforts (DIE) in which governments targeted their own citizens. Influence efforts (IEs) are de- fined as: (i) coordinated campaigns by a state or the ruling party in an autocracy to impact one or more specific aspects of politics at home or in another state, (ii) through media channels, including social media, by (iii) producing content designed to appear indigenous to the target state. The objective of such campaigns can be quite broad and to date have included shaping election outcomes at various levels, shifting the political agenda on topics ranging from health to security, and encour- aging political polarization. Our data draw on more than 920 media reports and 380 research articles/reports to identify IEs, track their progress, and classify their features. ∗We are grateful to a range of colleagues including Laura Courchesne, Nick Feamster, Andy Guess, Hans Klein, Brendan Stewart, and Alicia Wanless for helpful comments and feedback. Will Lowe provided invaluable advice on data structure and data entry. Jordan Allen, Nicola Bariletto, Arya Goel, Danielle Hull, Janette Lu, Imane Mabrouk, Matthew Merrigan, Justinas Mickus, Brendan O'Hara, Jan Oledan, Kamila Radjabova, Nina Sheridan, Joe Shipley, Jack Tait, Kamya Yadav, and Luca Zanotti provided excellent research assistance.
    [Show full text]
  • Dhs's Progress in Securing Election
    DHS’S PROGRESS IN SECURING ELECTION SYSTEMS AND OTHER CRITICAL INFRASTRUCTURE HEARING BEFORE THE COMMITTEE ON HOMELAND SECURITY HOUSE OF REPRESENTATIVES ONE HUNDRED FIFTEENTH CONGRESS SECOND SESSION JULY 11, 2018 Serial No. 115–70 Printed for the use of the Committee on Homeland Security Available via the World Wide Web: http://www.govinfo.gov U.S. GOVERNMENT PUBLISHING OFFICE 33–942 PDF WASHINGTON : 2019 VerDate Mar 15 2010 15:40 Jan 03, 2019 Jkt 000000 PO 00000 Frm 00001 Fmt 5011 Sfmt 5011 H:\115TH CONGRESS\18FL0711\18FL0711 HEATH Congress.#13 COMMITTEE ON HOMELAND SECURITY MICHAEL T. MCCAUL, Texas, Chairman LAMAR SMITH, Texas BENNIE G. THOMPSON, Mississippi PETER T. KING, New York SHEILA JACKSON LEE, Texas MIKE ROGERS, Alabama JAMES R. LANGEVIN, Rhode Island LOU BARLETTA, Pennsylvania CEDRIC L. RICHMOND, Louisiana SCOTT PERRY, Pennsylvania WILLIAM R. KEATING, Massachusetts JOHN KATKO, New York DONALD M. PAYNE, JR., New Jersey WILL HURD, Texas FILEMON VELA, Texas MARTHA MCSALLY, Arizona BONNIE WATSON COLEMAN, New Jersey JOHN RATCLIFFE, Texas KATHLEEN M. RICE, New York DANIEL M. DONOVAN, JR., New York J. LUIS CORREA, California MIKE GALLAGHER, Wisconsin VAL BUTLER DEMINGS, Florida CLAY HIGGINS, Louisiana NANETTE DIAZ BARRAGA´ N, California THOMAS A. GARRETT, JR., Virginia BRIAN K. FITZPATRICK, Pennsylvania RON ESTES, Kansas DON BACON, Nebraska DEBBIE LESKO, Arizona BRENDAN P. SHIELDS, Staff Director STEVEN S. GIAIER, General Counsel MICHAEL S. TWINCHEK, Chief Clerk HOPE GOINS, Minority Staff Director (II) VerDate Mar 15 2010 15:40 Jan 03, 2019 Jkt 000000 PO 00000 Frm 00002 Fmt 5904 Sfmt 5904 H:\115TH CONGRESS\18FL0711\18FL0711 HEATH C O N T E N T S Page STATEMENTS The Honorable Michael T.
    [Show full text]
  • Cyber Attribution: Technical and Legal Approaches and Challenges
    DRAFT: PLEASE DO NOT QUOTE OR CITE WITHOUT PERMISSION 1 Cyber attribution: technical and legal approaches and challenges Nicholas Tsagourias Michael D Farrell University of Sheffield Georgia Institute of Technology Sheffield, UK Atlanta, USA [email protected] [email protected] Introduction Attribution describes the process of assigning a particular act to its source not necessarily in the sense of its physical perpetrator but more importantly in the sense of its mastermind. Attribution is important because it forms the basis of appropriate and effective technical, political and legal determinations and underpins technical, political and legal action and responsibility. In the cyber context, attribution has often been presented as a challenge because of the anonymity cyberspace affords, the possibility of spoofing, the multi-stage nature of cyber attacks, and the indiscriminate nature of cyber tools. To this, one should add the required human and technical resources, the lengthy time scales, and the associated investigatory demands. State to state attribution is treated with even more trepidation since the aforementioned problems are magnified whereas attribution or misattribution can engender serious consequences. Things, however, are changing. In the period 2007 to 2018, there have been more than twenty examples of high profile attribution claims of nation-state cyber attacks.1 These include attributions made by governments, civil society, and industry. One of the first public, high-profile instances of a large-scale cyberattack from a nation-state was the DDoS attack against the Estonian government, banks, and news agencies in 2007. The Prime Minister of Estonia, Andrus Ansip, attributed the attacks to Russia.2 This attribution received public criticism from Finnish security company F-secure,3 and was 1 The term cyber attack is used here to describe malicious cyber operations in general 2 Anderson, Nate.
    [Show full text]
  • USAF Counterproliferation Center CPC Outreach Journal #1051
    Issue No. 1051, 29 March 2013 Articles & Other Documents: Featured Article: Reports Warn of Lax Inspections, Bioterror Lab Risks 1. ‘Most Substantive’ Iran Nuclear Talks to Date, but Narrow Area of Agreement 2. UN Excludes Major Powers from Syria Chemical Arms Inquiry 3. ‘Iran may Freeze some Nuclear Activity to Ease Sanctions’ 4. North Korea 'Defeats' US Troops in New Video 5. Experts: NKorea Training Teams of 'Cyber Warriors' 6. Top China College Linked to PLA's Cyberspying Unit 7. U.S., South Korea Strengthen Response to North Korea’s Provocations 8. President Park Asks N. Korea to Give Up its Nukes 9. N. Korea Warns Pre-Emptive Nuclear Attack part of its Military Options 10. ‘Combat-Ready’ North Korea Threatens Hawaii, US Mainland 11. N. Korea Cuts Inter-Korean Military Hotline 12. Nuclear-Capable US Bombers Fly Over S. Korea 13. N.K. Leader Orders Rocket Forces to be on Standby to Strike U.S. and S. Korean Targets 14. China Defends Deal to Build 1000 MW Nuclear Plant for Pakistan 15. India Readies Hi-Tech Naval Base to Keep Eye on China 16. US, Russian Defense Chiefs Agree to Resume Missile Defense Talks 17. Russia to Equip Submarine Forces With High-Precision Weapons 18. Biological Attacks 'Getting Easier for Terrorists' 19. Reports Warn of Lax Inspections, Bioterror Lab Risks 20. Hagel might Have Final Say on Controversial Missile Defense Program 21. Cyber Threats Can Lurk in DoD Electronics, Software Purchases 22. US Jails Chinese Engineer for Taking Files on Missile Guidance System to China 23. The Threat of Nuclear Proliferation: A Response to “Thou Shalt Not Fear a Nuclear Iran” 24.
    [Show full text]
  • King's College, London: Department of War Studies
    UNIVERSITY OF READING U.S. Strategic Cyber Deterrence Options Doctor of Philosophy in Politics Department of Politics & International Relations Scott Jasper March 2018 1 Contents Abstract......................................................................................................................... 3 List of Abbreviations..................................................................................................... 4 Introduction................................................................................................................... 7 Section One: Thinking about Deterrence Chapter I: Literature Review........................................................................................59 Chapter II: Global Cybered Conflict...........................................................................120 Chapter III: Theoretical Foundations..........................................................................158 Section Two: Contemporary Deterrence Strategies Chapter IV: Deterrence by Retaliation.........................................................................198 Chapter V: Deterrence by Denial................................................................................. 234 Chapter VI: Deterrence by Entanglement.....................................................................269 Section Three: A New Strategic Option Chapter VII: Active Cyber Defense..............................................................................307 Conclusion.....................................................................................................................343
    [Show full text]
  • Cyber Attack Trends Analysis Report
    C Y BER AT TA CK TRENDS ANALYSIS KEY INSIGHTS TO GEAR UP FOR IN 2019 2019 Security Report Volume 01 CHECK POINT RESEARCH — 2019 SECURITY REPORT | 1 VOLUME 01 2019 SECURITY REPORT 01 INTRODUCTION: METHODOLOGY 3 02 OVERVIEW: MAJOR CYBER ATTACKS 4 03 2018: THREAT TRENDS 5 04 PAST: REVIEW OF 2017 PREDICTIONS 18 05 CONCLUSION: NEXT STEPS 21 INDEX OF 2018’S TOP MALWARE FAMILIES 22 APPENDIX A: TOP MALWARE FAMILIES 24 APPENDIX B: GLOBAL TOP EXPLOITED VULNERABILITIES 37 APPENDIX C: MALWARE FAMILY DESCRIPTIONS 39 CHECK POINT RESEARCH — 2019 SECURITY REPORT | 2 INTRODUCTION: METHODOLOGY 2018 introduced a challenging threat landscape. Threat actors consistently improved their cyber weapons and quickly adopted new methods and adapted their attacks to emerging technologies. And although it may have seemed the past year was quieter, this is far from the case. While threat actors were trying hard to keep a lower profile with their menacing activities, they could not escape our watchful eye. Indeed, never does a day go by that we do not see organizations under constant attack from the ever growing number of malware spreading at higher rates than ever. In this first installment of the 2019 Security Report we review the latest threats facing organizations in the fifth generation of the cyber landscape and provide you with our observations and insights from the past year. From massive data breaches and crippling ransomware attacks to a meteoric rise in cryptojackers, there was no shortage in disruption caused to global organizations. With data drawn from our ThreatCloud World Cyber Threat Map and our experience within the cyber re- search community, we will give a comprehensive overview of the trends observed in the categories of Cryptominers, Ransomware, Malware techniques, Data Breaches, Mobile and Nation State cyber attacks.
    [Show full text]
  • Criminal Charges As a Response to Nation-State Malicious Cyber Activity
    Persistent Enforcement: Criminal Charges as a Response to Nation-State Malicious Cyber Activity Garrett Hinck & Tim Maurer* INTRODUCTION The question of how states attribute responsibility for malicious cyber activity to other state actors has provoked much attention from both policymakers and scholars.1 Yet one approach to this problem has not been analyzed in depth: the use of criminal charges to allege or suggest state responsibility for cyber inci- dents. The United States has increasingly used this instrument since 2014. Its Department of Justice in fact adopted an explicit goal of bringing charges against foreign actors responsible for cyber activity. 2 Federal prosecutors have unsealed a series of indictments and criminal charges against Chinese intelligence of®cers involved in the theft of intellectual property and Iranian and North Korean indi- viduals who carried out destructive cyber attacks on behalf of their governments. This also includes charges against Russian intelligence of®cers alleged to have interfered in the 2016 U.S. election. This increasing number of criminal charges raises several important questions: What are the goals of these criminal charges, especially those against foreign intelligence of®cers unlikely ever to be arrested by U.S. law enforcement? Are criminal charges merely a more formal approach to alleging state responsibility than leaking statements from ªsenior administration of®cialsº to the media about cyber threats from other states? And how should this strategy of bringing criminal charges be evaluated in the context of broader U.S. policy efforts to combat mali- cious cyber activity? How does it interact with the Justice Department's stance of independence from political considerations? The U.S.
    [Show full text]