
In a world of cyber threats, the push for cyber peace is growing

KV Prasad Jun 13, 2022, 06:35 AM IST (Published)


Digital conflict and military action are increasingly intertwined, and civilian targets – private businesses and everyday internet users alike – are vulnerable in the digital crossfire. But there are forces at work trying to promote peace online.

It will be a tough challenge: In May 2019, Israel responded to unspecified cyberattacks by Hamas with an immediate airstrike that destroyed the Gaza Strip building where the hackers were located.

The US had done something similar in 2015, launching a drone strike to kill an alleged Islamic State hacker, but that operation was months in the making. In July 2019, the US also reversed the equation, digitally disabling Iranian missile-launching computers in response to Iran shooting down a U.S. military drone over the Strait of Hormuz.

US businesses fear they might be the targets of retaliation for that attack from Iran. Even local nonprofits need to learn how to protect themselves from online threats, potentially including national governments and terrorists. In some ways cyberspace has rarely seemed more unstable, even hostile.

At the same time, dozens of countries and hundreds of firms and nonprofits are fed up with all this digital violence, and are working toward greater cybersecurity for all – and even what might be called cyber peace.

Serious hacking is getting easier

Data and security breaches like the one carried out by the Shadow Brokers, revealed in 2016, released extremely advanced hacking tools to the public, including ones created by the National Security Agency. Cybercriminals are using those programs, among others, to hijack computer systems and data storage in governments across the country.

Some companies have been forced to revert to one-to-one instant-messaging and passing written memos in the wake of ransomware attacks and other cybercrimes.

The U.S. government is taking note. Instead of pushing the technological envelope, it has elected to use tried and true analog technologies to help secure the electricity grid, for example.

A rising international effort

A growing coalition, including the governments of France and New Zealand, is coming together to promote international standards of online behavior, aimed at reducing cyber insecurity. Nonprofits like the Online Trust Alliance, Cyber Peace Alliance, Cybersecurity Tech Accord and ICT4Peace are joining, as are major funders like the Hewlett Foundation and the Carnegie Endowment for International Peace.

I am the acting director of the Ostrom Workshop at Indiana University that includes the Cyber Peace Working Group, one of several academic groups also working to protect the Internet and its users.

Although it’s too soon to say anything certain about long-term results, there are some early indications of success, including the outcome of a Paris meeting in November 2018. More than 60 nations – though not the United States – signed the Paris Call for Trust and Security in Cyberspace, along with more than 130 companies and 90 universities and nonprofit organizations. The document is a broad statement of principles that focus on improving “cyber hygiene,” along with “the security of digital products and services” and the “integrity of the internet,” among other topics. It doesn’t legally bind its participants to do anything, but does lay out some basic points of agreement that could, in time, be codified into laws or other enforceable standards.

Its critics question whether it is too early to establish global commitments given that core issues of sovereignty over the internet remain unresolved. Nevertheless, the Paris Call has helped shape the conversation around the scope and meaning of cyber peace.

Another international effort began in the aftermath of the March 2019 mass shooting at two mosques in Christchurch, New Zealand. The governments of 18 nations – along with more than a dozen well-known technology firms like Google and Facebook – adopted the Christchurch Call to Eliminate Terrorist and Violent Extremist Content Online.

This effort has led many of the companies involved to change their policies governing hate speech and disinformation on their platforms. For example, YouTube, owned by Google parent company Alphabet, announced a new hate speech policy prohibiting content “alleging that a group is superior in order to justify discrimination, segregation or exclusion based on qualities like age, gender, race, caste, religion, sexual orientation or veteran status.” The Christchurch Call has also helped widen the discussion about cyber peace to include thorny questions about democracy, such as how to balance freedom of speech with limits on extremist content.

A digital Geneva Convention?

A key element remains the need to protect civilians from harm in a future cyber conflict, such as attacks on the electricity grid, dams and other systems that affect daily life for much of the world.

One idea is to fashion an agreement along the lines of the Geneva Conventions, which with their predecessors have sought to protect innocent lives in military conflict for more than a century. An international treaty along the lines of the Outer Space Treaty, Antarctic Treaty or the U.N. Convention on the Law of the Sea may be useful.

There is not yet a grand “Treaty for Cyberspace,” though. The relevant international agreement with the highest number of ratifications so far is the 2004 Council of Europe Convention on Cybercrime, also called the Budapest Convention, which guides international prosecution and extradition of cyber criminals. The U.N. has several groups working on aspects of international cybersecurity.

But as with potential solutions to climate change, there’s not a lot of political energy being put into the efforts.

Making progress anyway

In an attempt to avoid leaving people to fend for themselves in a perilous online world, the nonprofit Consumer Reports organization has launched a “Digital Standard” program that will evaluate and rate the privacy and security features of various internet-connected devices and services. Academics are also helping out, such as the Security Planner tool created by Citizen Lab at the University of Toronto, which helps civil society groups and researchers protect their data.

There’s much more to be done to protect a digitally centered society, both politically and technically. The key will be focusing on a more positive vision of peace that includes better governance, respect for human rights, making internet access more widely available around the world, and teaching everyone how to protect themselves – and each other – online.

This will not happen overnight, and the path may not be a straight line. Consider that the often-derided 1928 Kellogg-Briand Pact, also called the Pact of Paris, outlawed aggressive war. It didn’t work, but did eventually help lay a foundation for the United Nations and a more stable international system.

Similarly, a Cyber Peace Accord – building from efforts such as the Paris Call and the Cybersecurity Tech Accord – could, in time, lead the international community toward greater stability in cyberspace. One possibility could take inspiration from efforts to fight climate change, by asking individual nations, towns, groups and even individuals to announce “Cyber Peace Pledges,” to build momentum toward a more collective solution.

Working together, we may just be able to achieve cyber peace through a mix of shaming, outcasting and inspiring users, firms and policymakers to act.

This article is republished from The Conversation under a Creative Commons license. Read the original article here: http://theconversation.com/in-a-world-of-cyber-threats-the-push-for-cyber-peace-is-growing-119419.


Online fraudsters on the prowl: Here is how you can keep your mobile devices secure

KV Prasad Jun 13, 2022, 06:35 AM IST (Published)


According to the Telecom Regulatory Authority of India (Trai), India is now home to 1.6 billion mobile phone users. For the average Indian, mobile is the only point of entry to the internet. Add to that the 2016 Indian banknote demonetisation, which saw progressive changes in payment behaviour such as increasing adoption of mobile wallets and e-payments in a heavily cash-based economy. With mobile devices having surpassed desktop computing as a source for both business and personal use, including email access, banking and authentication, mobile security becomes an even more pressing issue.

CrowdStrike’s Mobile Threat Landscape Report for 2019 provides insights into the key types of malware observed so far in 2019. Adversaries’ typical deployment mechanisms demonstrate that attackers are utilising experience they have developed over years compromising ‘traditional’ computers, and now are applying it to mobile platforms. While desktop computing has benefited from years of development in commercial and open-source malware research and detection, the current state of defensive technology in the mobile space is less mature. This has led to longer potential attacker dwell times on compromised mobile devices with greater access to sensitive data.

A broad range of criminal and targeted adversary groups were also found to have increasingly adopted the targeting of mobile platforms, with evolving tactics. In July 2018 there was a highly targeted attack against a small number of targets in India. In this case, select iPhone devices were targeted and enrolled in an attacker-controlled Mobile Device Management (MDM) server, which was then used to push malware-infected versions of legitimate apps, such as WhatsApp and Telegram.

Mobile malware designed for the Android operating system is the most prevalent, driven by the ease of installing new applications from third-party sources. In India, Android holds a share of about 91 percent of the mobile operating system market.

According to the Reserve Bank of India’s 2017-18 Annual Report, mobile banking grew 92 percent in volume of transactions and 13 percent in value of transactions from March 2017 to March 2018, while the number of mobile banking users grew 54 percent during the same time frame, with little change in the number of ATMs deployed. In India, 92.6 percent of total retail payments volume is electronic, up from 88.9 percent in the previous year, much higher figures than in the US.

This has set the stage for greater adoption of mobile payments and banking. With the enormous potential of digital comes enormous risks, as banks share not only their own but also their customers’ data with a diverse range of external parties, elevating the risk of financial crime and cyber-attacks.

Beyond the implementation of cyber laws and regulations, it is the worrying lack of awareness of them, at both corporate and individual levels, that needs to be countered in view of the increased number of malware attacks. Individual mobile users, particularly mobile banking users, can protect themselves and be protected from cyber-attacks only if there is a guided and supervised legal framework. It is quite evident from the Mobile Threat Report that cybercriminals have sharpened their skillsets and creativity for mobile attacks, determined to evade detection while keeping their malware persistent and effective. Threat actors are stepping up their efforts and, as a result, mobile attacks are likely to increase in future.

 Mobile malware comes in a variety of forms

 Much like malware families developed for traditional desktop computing platforms, mobile malware can take a variety of forms, depending on the capabilities and motivations of the developer and those deploying the malware. While some state-aligned actors may seek to establish long-term persistence on a device to gather intelligence on a target over a period of time, criminally minded groups are more likely to focus on malware to intercept banking credentials in order to provide a quick route to financial gain. Meanwhile, less sophisticated criminal actors may seek to repurpose existing revenue-generation models, such as ransomware and cryptomining, although often with limited results.

Motivations of various threat actors differ — from financial gain to intelligence gathering or disruption, their tools and objectives depend on the class of threat actor involved.

How to strengthen your mobile security

More than ever before, organisations now need to contend not only with the ubiquitous use of mobile devices in their environments but also with the fact that these devices may hold significant amounts of corporate data, as a result of the proliferation of the BYOD culture in India, primarily driven by a vibrant startup culture. On the other end of the spectrum, mobile threats will continue to proliferate as both nation-state and eCrime groups innovate and refine their mobile attacks in their efforts to evade these organisations’ security defences.

Some key recommendations that will help organisations better secure mobile devices in a corporate environment include:

Only download applications from trusted sources, such as official app stores: The majority of mobile malware is distributed from third-party sources that don’t perform comprehensive checks of the applications they provide.

Be on the lookout for phishing messages: Users should be wary of messages being delivered by SMS or email that prompt them to install applications from untrusted sources, because this mechanism is often used by attackers to trick their targets into installing mobile malware.

Regularly apply security patches to mobile operating systems and installed applications: Flaws in operating system software can be exploited by malicious actors to install mobile malware and escalate operating privileges to obtain greater access to data and capabilities on the device.

Establish security around solid mobile device management processes: Corporate management of mobile devices can provide protection against mobile malware by restricting which applications can be installed, and allowing for the automatic deployment of security patches. However, this capability can also provide opportunities to an attacker, who may be able to leverage their own MDM servers to deploy malware.

Maintain physical security of physical devices: Enabling strong passwords, or biometric authentication measures such as fingerprint or facial identification, in addition to ensuring that mobile devices are not left unattended, can reduce the risk that a malicious actor may be able to install malware manually during so-called ‘evil maid’ attacks.

Michael Sentonas is Vice President, Technology Strategy, at CrowdStrike.

 


Cybercriminals targeting employees’ wage and tax data, says Verizon

KV Prasad Jun 13, 2022, 06:35 AM IST (Published)


Ransomware has become the most prevalent type of malicious software — found in 39% of malware-related cases — as cybercriminals are now targeting HR departments to obtain personal data for the filing of fraudulent tax returns, a new report said.

According to US wireless communications service provider Verizon’s 2018 Data Breach Investigations Report (DBIR), ransomware attacks have doubled since 2017 and now target business critical systems rather than just desktops.

“Pretexting has increased over five times since 2017, with 170 incidents analysed this year (compared to just 61 incidents in 2017). Eighty-eight of these incidents specifically targeted HR staff to obtain personal data for the filing of fraudulent tax returns,” the report, now in its 11th edition, said.

Pretexting is defined as the practice of presenting oneself as someone else in order to obtain private information.

“HR departments across multiple verticals are being targeted in a bid to extract employees’ wage and tax data, so criminals can commit tax fraud and divert tax rebates,” the report added.

Ransomware attacks are moving into critical systems, encrypting file servers or databases, inflicting more damage and commanding bigger ransom requests.

“Businesses find it difficult to keep abreast of the threat landscape, and continue to put themselves at risk by not adopting dynamic and proactive security strategies,” said George Fischer, President of Verizon Enterprise Solutions.

Employees are still falling victim to social attacks.

Financial pretexting and phishing represent 98% of social incidents and 93% of all breaches investigated – with email continuing to be the main entry point (96% of cases).

“Companies are nearly three times more likely to get breached by social attacks than via actual vulnerabilities, emphasising the need for ongoing employee cybersecurity education,” the report emphasised.

The 11th edition of the report included data from 67 contributing organisations, with analysis on over 53,000 incidents and 2,216 breaches from 65 countries.

While, on average, 78% of people did not fail a phishing test last year, 4% of people did for any given phishing campaign.

“A cybercriminal only needs one victim to get access into an organisation,” the report said.

“One breach can have multiple attackers and we found the following: 72% of attacks were perpetrated by outsiders, 27% involved internal factors, 2% involved partners and 2% feature multiple partners,” it added.

“Ransomware remains a significant threat for companies of all sizes,” said Bryan Sartin, Executive Director, Security Professional Services, Verizon.

Companies need to continue to invest in employee education about cybercrime and the detrimental effect a breach can have on brand, reputation and the bottom line, he added.
