PGI Cyber Bytes
Your weekly Cyber Snapshot
Cyber Security doesn’t need to be complicated.
Throughout 2018 we will be sharing with you the down to earth A-Z of Cyber Security, so if you want to know your Bitcoins from your Botnets, this series of articles are just for you!
Backup
I’ve talked about these in a previous post, but essentially backups are copies of your data or computer which you can use to replace files which are inadvertently deleted, or as an alternative to paying the ransom in a ransomware attack…
Fappening – A fourth man has been charged with hacking into over 250 Apple iCloud accounts belonging to celebrities – Security Affairs
|
“A fourth hacker, George Garofano (26), of North Branford, has been charged with hacking into over 250 Apple iCloud accounts belonging to celebrities. Garofano had been arrested by the FBI and a federal court has accused him of violating the Computer Fraud and Abuse Act. From April 2013 through October 2014, Garofano used phishing attacks against the victims to obtain their iCloud accounts credentials, access the accounts and steal personal information, including private photographs and videos. “According to the plea agreement, from April 2013 through October 2014, Garofano engaged in a phishing scheme to obtain usernames and passwords for iCloud accounts. Garofano admitted that he sent e-mails to victims that appeared to be from security accounts of Apple and encouraged the victims to send him their usernames and passwords, or to enter them on a third-party website, where he would later retrieve them.” reads the press release published by the DoJ. “Garofano used the usernames and passwords to illegally access his victims’ iCloud accounts, which allowed him to steal personal information, including sensitive and private photographs and videos, according to his plea agreement. In some instances, Garofano traded the usernames and passwords, as well as the materials he stole from the victims, with other individuals.” As part of the Fappening case, nude pictures of many celebrities were leaked online, the list of victims is long and includes Kim Kardashian, Kate Upton, and Jennifer Lawrence…..” PGI says… The “fourth man” used phishing attacks to obtain user credentials and steal data. This is by far the single most common social tactic in use to cause a data breach. It is so easy to click on an email link, although perhaps not so forgivable to actually reply to one and provide important personal data. All smartphone and computer users must understand that no genuine organisation whether it is a bank or a software vendor is ever going to ask them for a password via an email request. They must be on their guard at all times. This is now fundamental 21st century personal security awareness.
Cyber security is not an option: Five industries most vulnerable to attacks online – Firstpost
|
|
“The many and varied cyber attacks that have thrown the global online universe into a tizzy bring light to the fact that advanced cyber security is now a necessity rather than a consideration. These attacks moved the discussion for the need of cyber security in a company from the offices of the IT department to the board room. The number of security incidents in India have also been increasing gradually year-on-year. According to data from CERT-In, there were 50,362 cyber security incidents in 2016. In comparison, there were 27,482 incidents in 2017 until June 2017. We have seen several cyber security incidents in 2017 like the Mirai botnet Malware, Petya, data breaches and WannaCry. Like most things, not all cyber attacks are equal. There are a few industries that are the more vulnerable than others. Hackers look to gain two things from cyber attacks – political advantage (threats towards a country) and financial fraud, the latter of these being the most common motivation. Their access point then becomes PII. Personally Identifiable Information – PII – records are usually transacted on the dark web, where cyber criminals use the information to commit cyber theft. Bulk PII data is purchased and mined for valuable accounts. Often, single purchases of PII lead to enhanced access of other personal accounts as passwords that are stolen from one PII data are often used for multiple accounts. Therefore, although it may seem too easy to be true, utilising strong and unique passwords is a must. Let’s look at some of the industries that are most affected by cyber threats. If you happen to run businesses in any of these industries, you might want to use these measures to safeguard your cyber space…” |
| PGI says… |
| Of the top 5 most vulnerable industry sectors, Financial Services, Healthcare, and government / public sector agencies are definitely up there at the top. Whilst we may not completely agree with the other 2 categories, as for example, the accommodation / hospitality, and manufacturing sectors also factored strongly in 2017 breach reports; what is undoubtedly true is that cyber crime is rife, it is hitting all business sectors (none are immune), and executive management at the board level must engage pro-actively with the subject of cyber security in order to provide appropriate support and leadership.
Hyperlink Tip of the week ! Be careful about clicking on links without revealing the destination first. You can hover over the link to reveal the URL so you know where it is taking you to, prior to clicking. For more information on the exclusive services Halcyon Super Yacht Security provide click here |