Cyber crime is likely to increase, despite the best efforts of government agencies and cyber security experts. Its growth is being driven by the expanding number of services available online and the increasing sophistication of cyber criminals who are engaged in a cat-and-mouse game with security experts. With the right level of preparation and specialist external assistance, it is possible to control damages, and recover from a cyber breach and its consequences.
Do you own a pair of premium wireless headphone from Bose? Chances are your music, podcasts and other audio activities are being spied on by the company as claimed by a lawsuit. Kyle Zak, once an avid user of Bose headphones has filed a lawsuit at the federal court of Chicago seeking an injunction to stop Bose from breach of privacy laws by acquiring and selling consumer information without permission.
Hajime, an IoT malware strain discovered last October, appears to be the work of a vigilante who has set out to take over and neutralize as many smart devices as possible before other botnets like Mirai can get ahold of them. While Hajime was first observed last year, it only recently became apparent to researchers that the author of this malware had no intention of using infected devices for evil purposes.
A new kind of attack is targeting unsecured Internet of Things devices by scrambling their code and rendering them useless. Security firm Radware first spotted the newly found “BrickerBot” malware last month after it started hitting its own honeypots, logging hundreds of infection attempts over a few days. When the malware connects to a device with their default usernames and passwords — often easily found on the internet — the malware corrupts the device’s storage, leading to a state of permanent denial-of-service (PDoS) attack, also known as “bricking.” In other words, this attack “damages a system so badly that it requires replacement or reinstallation of hardware,” said Radware.
A new ransomware as a service (RaaS) called Karmen has been discovered by security researchers at Recorded Future. This service allows anyone, including novices, to set up an account and customize their own ransomware campaign. The Karmen RaaS costs $175 and lets buyers set ransom prices, determine how long to give victims to pay and offers multiple ways to communicate with targets. The console also acts as a dashboard allowing subscribers to keep tabs on the number of clients they have and how much money they have earned.
The Dark Web – The nefarious affairs of cybercriminals
The Dark Web is a term that refers specifically to a collection of websites that exist on an encrypted network and cannot be found by using traditional search engines or visited by using traditional browsers. The dark web is home to both high-profile cybercrime syndicates as well as low-level “script kiddies”. Some “exclusive” dark web communities require prospective members to cough up a fee, which could range from a few to thousands of dollars and even require current members to vouch for a new entry.
What happens to stolen data on the dark web?
Stolen credentials are generally listed on the dark web to be sold so hackers can make a quick buck. Different kinds of user credentials have different value to cybercriminals. For instance, banking credentials are considered the most valuable. “Such credentials provide the biggest financial return to criminals and are often monetized by hackers directly through unauthorized financial transactions,”
How are user credentials valuable to cybercriminals?
Cybercriminals are known to use stolen credentials to launch cybercrime campaigns as well as perpetuate crimes such as identity theft and scams. However, user data has other uses and can allow hackers entry into corporations.
Stolen credentials could be utilized as a staging point to infiltrate almost any online service that utilizes email and password as a login combination. Access to stolen emails is often used to launch large-scale spam campaigns, advertising shady goods and services or distributing malicious files.
Data tracking and recovery on the dark is very challenging
Despite the volume of stolen user data available on the dark web, tracking its flow and its recovery can be “very challenging”. Although recovering stolen data may be imperative to companies, it can pose as a “moral and legal dilemma”.
Intrusions happen, threats emerge and your security operation needs to be at its peak efficiency. Anglo African solutions can quickly intercept threats and thus help in avoiding data breaches. For more information about cyber security kindly contact Anglo African on 2331636 or by e-mail at contact@infosystems.mu
