Coronavirus Being Exploited By Hackers

Coronavirus

Coronavirus is sweeping the world with hackers taking advantage of people’s vulnerability and the uncertainty that exists in this situation.

The cyber threat landscape remains the same as do the techniques and methods that hackers utilize but hackers are also being more inventive and praying on innocent victims.

Phishing Attacks

This remains one of the most common forms of cyber attacks. The National Fraud Intelligence Bureau (NFIB) has announced that they are seeing cases of fraud where Coronavirus has been an avenue for cyber attacks. The losses are understood to be in excess of £800,000. Emails are inadvertently opened to trick individuals which leads to personal information being accessed by the hackers who then use this for illegal means.

This could include the impersonating of third party suppliers or the provision of business services. Another method is the bulk selling of face masks and hand sanitiser.

Also being seen are vishing (voice calls) and smashing (SMS) messaging. Everyone needs to be alert even more so to these dangers.

Hacker Scams 

Another pattern emerging is bogus emails coming from research agencies who are affiliated to bodies such as the World Health Organisation (WHO). The e-mail content pretends to be able to divulge information on individuals  who may have the infection.

https://www.bbc.co.uk/news/technology-51838468

Remote Working 

A large proportion of the work force is now working from home and with this comes an increased exposure to cyber risks. Good housekeeping is therefore important and should include the following:-

  • Ensure that communications are secure
  • Ensure that strong passwords and multi factor authentication
  • Raise awareness of cyber attacks within the organisation
  • Make sure laptops are kept secure and in a safe location
  • Be careful not to disclose personal credentials
  • Log – off when not using the network
  • Review the Remote Desktop Protocol (RDP)
  • Impose stricter procedures for financial processes and monetary transfers

Managing The Cyber Risk 

All organisations are facing a huge challenge with this infectious disease and the consequences that it brings with  business interruption being one of the main threats.

Cyber insurance includes incident response services which can assist with cyber attacks that may befall a company these include forensic investigation costs , public relations consultants and legal assistance. In the current climate it is even more important to have access to these specialist vendors.

 

Image : Shutterstock

What is Cryptomining?

Cryptomining

So what is Cryptomining ? 

This is an emerging cyber threat to businesses where hackers gain access to cryptocurrencies by utilizing a computers’ processing power .

A recent report by Checkpoint Research revealed that 20% of companies are the subject of cryptoming attacks every week and a leading source of malware attacks.

https://www.checkpoint.com/press/2019/cryptominers-hit-10x-more-organizations-than-ransomware-in-2018-but-only-1-in-5-it-pros-aware-of-infections-shows-check-points-2019-security-report/

How is Cryptomining carried out ?

This involves the use of a computers’ processing power to solve very complexed mathematical equations in order to confirm that cryptocurrency transactions are as they should be. As a sign of reward the cryptocurrency provides a specific amount of the cryptocurrency to the user who has verified the transaction the quickest.

The more computers utilized the quicker that it is possible to mine the cryptocurrency in question, this however does generate an enormous amount of actual processing power and bandwidth which in turn requires a great deal of electricity to facilitate this.

Out of the 21 million bitcoins available, 17 million have already been mined leaving just 4 million.

How do Hackers infiltrate the computer system?

  • Hackers can fool a user to download a cryptomining code to their computer system via a phishing attack normally disguised in an e-mail where a link is innocently clicked upon. This will then be activated so that the code can access the computer.
  • An alternative to this is where a user visits a website that contains a code which operates in the background to mine cryptocurrency.
  • Similarly a user could click on an ad pop up where again it operates without the user knowing whilst the code takes advantage of the processing power of the computer.

The principle concern with cryptomining is that these forms of cyber attacks can go undetected for sometime without the user being aware of what is happening to their computer system.

Proactive Risk Management 

When a cryptomining incident has been discovered it is of course too late to do anything about but measures should be put in place to avert a reoccurrence these can include:-

  • Ensure all computer systems are effectively and regularly patched
  • Make regular back-ups are carried out.
  • Improved training of users so that a potential attack can be identified.
  • Implementation of zero day prevention techniques
  • The cloud is a common threat vector for cryptomining and focus should be given on the latest security protection available.

Cyber Insurance

This form of specialist insurance can provide coverage for cryptomining where a business suffers a financial loss arising from this type of cyber attack. Just as important is the vendor services that this policy provides which includes forensic investigation and the use of legal assistance in managing and mitigating this form of cyber attack. 

 

 Image : Shutterstock

The Good,The Bad and the Dark Web

The Dark Web

So what is the Dark Web?

We have all heard of the dark web but it is unlikely that we actually know what it is…..

The Dark Web is part of the world wide web and requires specific software in order for it to be accessed, once this is in place its websites and other services can be readily accessed. Not all sites are visible and can be hidden because they have not been indexed by a search engine and can only be accessed if the precise address of the website is known.

The dark web sits below the “Surface Web” i.e.Google and Yahoo and the “Deep Web” which includes scientific and government reports and subscription-only information.

Certain markets operate within the dark web and are known as “darkest markets”which tend to sell illegal goods such as drugs and firearms, the currency of which is bitcoin where it is difficult to trace the source of the recepient.

Individuals and groups can seek total anonymity as these are generally groups who wish to stay hidden on line from the police and governments.

Let’s go Dark….

This is possible by downloading software such as Tor known as the “Onion Router” where users can be idenitified by the domain name “onion” and focus in providing anonymous access for users. Whilst 12P  the “Invisible Internet Project” permits the anonymous hosting of websites. It is not possible to identify the IP address and track dark net users due to the layered encryption systems that are in place. Intermediate servers are also used which helps in making identification impossible.

The Dark Side 

Hackers exist here to sell their services offering services such as :-

  • Tools for DDoS attacks
  • Fraud services
  • Phishing of websites
  • Scams
  • The recruitment of hackers

The Impact on Cyber Insurance 

The insurance industry focuses on loss prevention and it is important therefore that they are alive to new and developing threats which can in the first instance be discovered on the dark web.

Stolen data can appear in the dark web which can include for example names , addresses, credit card and bank account details rails  and medical records, these will be for sale from various sources.

An innovative step by CFC Underwriting Limited has been launched with RepKnight whereby they offer a dark web monitoring tool called BreachAltert for its policyholders that provides alerts in real time should their data become exposed on the dark web. This can be configured for e-mail domains server IP addresses, employee login credentials and lists of clients and employees. This will enable policyholders to be the first to know if their information has been leaked.

https://www.repknight.com/cfc-underwriting-cyber-policyholders-set-to-benefit-from-free-dark-web-monitoring-in-industry-first/

Image : Shutterstock

How is Cyber Crime Policed ?

cyber crime

How is Cyber Crime policed ?

The emergence of cyber crime in the UK with 53% of all crime relating to this form of criminal activity, the need for this to be addressed has called for the adoption of specialist crime units.

Throughout the UK there now exists Regional Cyber Crime Units (RCCU) which have been set up by the National Crime Agency to help combat and manage the effects of cyber crime.

With cyber criminals becoming increasingly sophisticated the RCCU’s have a very important role to play in our society and the business environment.

What is the role of a RCCU?

They normally consist of two main teams :-

Cybercrime Investigation Team  

This team is involved with investigating all forms of cyber related crime that occur within their designated region

Cyber Protect Team 

Advice on to protect individuals and businesses is provided by this team . This is carried out with input and presentations on cyber crime and cyber security.

Within these teams the following is also provided :-

  • The provision  of law enforcement set up and response
  • Advice on current trends and threats that the RCCU is experiencing

Cyber Briefings

Cyber Briefings are published on a monthly basis and distributed to businesses that provide details of current threats, advise and news.

http://www.zephyrswrocu.org.uk/userfiles/Regional%20Cyber%20Briefing%205th%20June%202017.pdf2.pdf

These areas of activity provide invaluable support to those affected by cyber crime and its prevention.

The RCCU look to work with other ancillary cyber related businesses whether they be cyber security firms, risk managers within the insurance industry and their counterparts in other parts of the world. The exchange of data is invaluable in assessing future cyber risks and offering preventative advice and updated guidelines on cyber threats.

The RCCU’s also work closely with a number of bodies that already are helping raise the awareness of cyber risks and share knowledge of emerging threat vectors such as the following:-

Get Safe Online

https://www.getsafeonline.org/

Cyber Aware

https://www.cyberaware.gov.uk/

Cyber Information Sharing Partnership ( CiSP)

https://www.ncsc.gov.uk/cisp

The challenge that these cyber crime police units face far out weigh the resources that each region has and this represents a stiff challenge with the cyber landscape constantly changing on a daily basis.