Cybersecurity Blog: The Cyber Scene is evolving, are you?

Please see links below to Case Studies in Financial Services Cybersecurity:

Overview

Critical infrastructure is not limited to just the energy and utilities sectors. The Financial Services sector is just as critical to a country's security as any nuclear power plant or energy delivery system. It is hard to imagine our lives with an impaired or disrupted financial commerce system. To address this threat, the Financial Services Information Sharing and Analysis Center (FS-ISAC) was launched in 1999. It is the global financial industry's go-to resource for cyber and physical threat intelligence analysis and sharing. FS-ISAC is unique in that it was created by and for members and operates as a member-owned non-profit entity. Leidos Cyber, Inc. is proud to be an “Affiliate Member” of FS-ISAC.

Read more

Overview

On March 15, 2018, the Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI) released a joint Technical Alert (TA), TA18-074A, providing information on Russian government actions targeting U.S. critical infrastructure organizations, including the energy, nuclear, water, aviation and critical manufacturing sectors. The TA includes the Indicators of Compromise (IOCs) and technical details on the tactics, techniques, and procedures (TTPs) used by Russian government cyber actors on compromised victim networks.

Read more

Spear Phishing
noun

The fraudulent practice of sending emails ostensibly from a known or trusted sender in order to induce targeted individuals to reveal confidential information.
"spear phishing represents a serious threat for every industry"

How does this serious threat affect your organization? We’ve built a detailed analysis of how one adversary takes a very personal approach to the classic supply chain attack. It analyzes the attack end to end, using the Cyber Kill Chain® analysis framework, including a review of how a targeted email was delivered and weaponized.

Note: All names are fictional, and any resemblance to real people or companies is unintentional.

Read more

On June 27, 2017, a new cyberattack spread across the globe, starting in Europe. This attack is similar to a 2016 virus called “Petya,” but its spread is reminiscent of the “WannaCry” attack of May 2017. This “2017 Petya Attack” is already affecting thousands of computers and is spreading quickly. Its full impact on businesses, governments, and people is yet to be determined.

Read more

WannaCry (or WannaCrypt, WanaCrypt0r 2.0, Wanna Decryptor) is ransomware targeting the Microsoft Windows operating system. On Friday, May 12, 2017, a widespread attack using this ransomware was launched, affecting IT organizations worldwide. The ransomware encrypts files, changing their extensions to .wnry, .wcry, .wncry and .wncrypt. The malware then presents a window to the user with a ransom demand.

Read more

The remark “never a dull moment” is rarely an expression used to indicate joy. Instead, it’s a semi-sarcastic way of lamenting unwelcome excitement. While no one wants to have a boring job, spending one’s time fighting ransomware outbreaks that disrupt business operations and put one’s job at risk is not the kind of exhilarating challenge that most Chief Information Security Officers (CISOs) pine for. The recent WannaCry outbreak has all the hallmarks of this unwelcome excitement. The ransomware infects computers by exploiting a vulnerability that Microsoft patched two months ago. It propagates through a network port that every enterprise should be locking down. It exhibits malicious behavior that should be relatively easy to detect and mitigate. By some accounts, it was arguably a poorly executed attack that did a mediocre job of accomplishing what appears to be its most important objective: extracting money from its victims.

Read more

Since January of this year, ransomware has emerged as a popular attack impacting large corporations, small businesses, schools, hospitals and home users. This malicious type of crimeware encrypts, locks, or obfuscates digital files, then demands a ransom to return the files. An ill-prepared user or organization can experience catastrophic damage if the data encrypted includes months of work or critical business information. Far worse is when the data encrypted includes financial, legal, or medical records for which retention is required by law. In some cases, these users have no choice but to pay the ransom and hope for the best. Some who pay have their files returned, while others are not as lucky.

Read more

Misspelled word thwarts cyber-heist but not before $81 million is syphoned from Bangladesh Central Bank

This past February, hackers were able to steal $81 million from the systems of the Bangladesh Central Bank. Funds were moved from its account at the Federal Reserve Bank of New York to private accounts in the Philippines via wire transfers using the SWIFT payment network. Although this registered as one of the largest cyber heists in history, the damage could have been upwards of $1 billion if not for the attacker’s misspelled word in one of the fraudulent requests. The mistake tipped off an employee at Deutsche Bank and ultimately saved millions of dollars.

Read more

Organizations in the financial services sector have a lot on their plates these days. From dealing with smaller profit margins and challenging regulations, to grappling with higher customer expectations and evolving technologies, there is no shortage of challenges. This includes facing an increase in cyberattacks on the financial services industry.

Read more

Everywhere you turn it seems as though there is another article or blog about ‘Big Data’.

Given the importance of data and the opportunities it provides to businesses—to fuel better business decisions, facilitate more meaningful customer interactions, and develop new products and services—the topic is worthy of much discussion.

Read more