Tag: cybersecurity threat

1
A phishing pandemic – Part I
2
Don’t let coronavirus get your system infected
3
Could your ERP system make you a victim of cybercrime?
4
Technology mightier than the Sword: US Military’s Secret Cyber Strike stifles Iranian Forces
5
AI (Adverse Inferences): AI Lending Models may show unconscious bias, according to Report.
6
Interlopers in Things? IoT devices may be used as backdoors to your network
7
US, Russia and China don’t pledge to fight cybercrime
8
Cyber-attackers could exploit security flaw found in the embedded video function of Microsoft Word
9
Cyber-criminals outspend organisations more than 10 times in bid to find cybersecurity weaknesses – who says cyber-crime doesn’t pay?
10
Research reports say risks to smartphone security aren’t phoney

A phishing pandemic – Part I

By Cameron Abbott, Michelle Aggromito and Rebecca Gill

It’s upsetting to report, but should come as no surprise, that scammers are seeking to take advantage of organisations during the COVID-19 pandemic.

The Australian Competition and Consumer Commission’s Scamwatch website reports that phishing attacks are on the rise, with scammers impersonating the World Health Organisation and other agencies. Scams include anything from offering victims a vaccine for COVID-19 to investment opportunities created by the pandemic.

Read More

Don’t let coronavirus get your system infected

By Cameron Abbott and Allison Wallace

You’ve all likely seen various news reports and online posts about the coronavirus epidemic – you may have even received email alerts on how you can protect yourself from being infected.

It turns out cyber criminals are using our curiosity to bait us with fake documents purporting to inform us about coronavirus while actually infecting our systems with malware.

Read More

Could your ERP system make you a victim of cybercrime?

By Cameron Abbott and Allison Wallace

We frequently blog here about incidents where companies, government agencies or public have suffered data or security breaches at the hands of hackers. They’re often incidents that come to light because they affect the public in some way – by shutting down hospitals, exposing sensitive personal information, or threatening government security. But what about hacks that, while not having wide-reaching public implications, go to the core of a business’ operations?

Read More

Technology mightier than the Sword: US Military’s Secret Cyber Strike stifles Iranian Forces

By Cameron Abbott and Max Evans

Everyone knows the saying “the Pen is mightier than the sword”. The famous saying has been used for centuries to describe the ultimate power of words and communication over forms of violence. However, the rapid implementation and use of technology as a “combat” method doubts whether this saying is correct in a modern technological era, and begs the question as to whether technology is in fact mightier than the sword!

This dilemma is highlighted through the recent cyberstrike conducted by the United States. According to a Report by the Washington Post, in June of this year the Cyber Command of the US Military utilised a technology cyberstrike to target a significant Iranian database in the Persian Gulf. The relevant database was alleged to have been used by the IRGC, Iran’s elite paramilitary force, to damage oil takers and shipping traffic in the Persian Gulf. According to the Pentagon, the operation was in the works for weeks after Iran’s alleged attacks on two US tankers in the Gulf of Oman earlier in June, and following an attack by Iranian forces on an unmanned U.S. Surveillance drone hours earlier, the cyber-strike was immediately given the go-ahead.

Read More

AI (Adverse Inferences): AI Lending Models may show unconscious bias, according to Report.

By Cameron Abbott and Max Evans

We live in an era where the adoption and use of Artificial Intelligence (AI) is at the forefront of business advancement and social progression. Facial recognition technology software is used or is being piloted to be used across a variety of government sectors, whilst voice recognition assistants are becoming the norm both in personal and business contexts. However, as we have blogged previously on, the AI ‘bandwagon’ inherently comes with legitimate concerns.

This is no different in the banking world. The use of AI-based phishing detection applications has strengthened cybersecurity safeguards for financial institutions, whilst the use of “Robo-Advisers” and voice and language processors has facilitated efficiency by increasing the pace of transactions and reducing service times. However, this appears to sound too good to be true, as according to a Report by CIO Drive, algorithmic lending models may show an unconscious bias.

Read More

Interlopers in Things? IoT devices may be used as backdoors to your network

By Cameron Abbott and Karla Hodgson

This month Microsoft reported that its Threat Intelligence Center discovered that IoT (internet of things) devices – a VOIP phone, a printer and a video decoder – were used to gain access to corporate networks in April.

Microsoft have identified Strontium – also known as Fancy Bear or APT28 – as the culprit, a hacker group associated with the Russian government who appear to be targeting government, IT, military and defence, engineering, medical and education sectors. Strontium has been linked to the hacking of Hillary Clinton’s presidential election campaign and of the email accounts of researchers investigating the missile strike on MH17 and the Skripal poisonings. In the last 12 months alone Microsoft has delivered almost 1,400 notifications to those targeted or compromised by Strontium.

Read More

US, Russia and China don’t pledge to fight cybercrime

By Cameron Abbott and Wendy Mansell

Fifty countries including Japan, Canada and many EU nations have come together with over 150 tech companies, pledging to fight against cybercrime. United State’s tech giants such as Facebook, Google and Microsoft have also joined the party.

The United States, Russia and China however have decided not to sign on. Each has no doubt very different reasons for this – the disappointment is mostly directed to the US. However it is a shame that Russia and China did not also feel the weight of the international community pressure to accept these principles.

The effort to combat cybercrime is being led by France, with French President Emmanuel Macron claiming that it is urgent that the internet is better regulated.

The countries and companies involved are fighting against illegal online activity like censorship, cyber interference in elections, hate speech and trade secrets theft.

The pledge has been made in a document titled the “Paris call for trust and security in cyberspace”.

Cyber-attackers could exploit security flaw found in the embedded video function of Microsoft Word

By Cameron Abbott and Colette Légeret

Cymulate, a leading provider of Breach and Attack Simulation solutions and a Gartner 2018 Cool Vendor, announced last week that its Security Research Team had uncovered a security flaw in the Microsoft Office Suite (Office) that may affect Microsoft Word (Word) users.

The Office security flaw identified is a JavaScript code execution within the embedded video component of Word. This has the potential to impact all users of Office 2016 and users of older Office versions. Cymulate noted that no configuration was required to reproduce the issue and no security warning is presented while opening the document with Word.

Read More

Cyber-criminals outspend organisations more than 10 times in bid to find cybersecurity weaknesses – who says cyber-crime doesn’t pay?

By Cameron AbbottRob Pulham and Colette Légeret

Cyber attackers are able to search for that one weak link in corporations defences whereas corporates have to create a completely strong chain of defence against every possible scenario.  This asymmetrical fight would you think mean organisations would have to outspend attackers by many multiples.

However, according to software company, Carbon Black, the situation is worse than that because it appears that cyber criminals are outspending corporation!  Cyber-crime is big business, and as such, cyber-criminals are spending an estimated $1 trillion each year on finding weaknesses in the cyber defences of organisations and developing new ways of attacking them, in comparison to the $96 billion spent by organisations in an attempt to secure themselves from these cyber-attacks.

Read More

Research reports say risks to smartphone security aren’t phoney

By Rob Pulham, Warwick Andersen and Sarah Goegan

Beware! Your favourite apps may be putting your phone and data at risk. Reports from Allot and BitSight have examined rising threats to the security of our mobile devices.

Read More

Copyright © 2019, K&L Gates LLP. All Rights Reserved.