Cyber Pulse: Edition 1

Read the latest edition of Cyber Pulse, our roundup of Cyber news.


9 February 2018

Inevitable change but stuck in the past: Moving to the Cloud

Migrating to the cloud can be daunting for businesses, but as technology continues to grow the change is inevitable, and soon most businesses, if not all, will migrate their systems, applications and architecture over one component at a time. Regrettably, most cybersecurity firms are stuck, to a fault, with what they know and are tuned to dealing with data center environments and technology. As a result, security architects are the biggest area of concern when moving to the public cloud. So far, companies embarking on a cloud initiative almost always first attempt to port their data center security tools over to the cloud, rather than working on embracing a different deployment model. To move to the cloud quickly and effectively, companies need to focus on loosely coupled architectures. For example: forget the past and focus on your future, adapt to cloud-native tools, and deal with licensing issues.

Air Gaps, Faraday Cages Can't Deter Hackers After All

Conventional wisdom says that if something isn’t connected to the outside, it can’t be hacked. However, research shows that Faraday bags and air-gapped computers that are disconnected from the internet will not deter sophisticated cyber-attackers. Air-gapped computers used for an organization’s most highly sensitive data might also be enclosed in a hermetically sealed Faraday bag, which prevents electromagnetic signals from leaking out and being picked up remotely by eavesdropping adversaries. However, researchers used malware on an air-gapped computer to transfer data, including keystrokes, to a nearby smartphone via its magnetic sensor. Attackers can intercept this leaked data even when the smartphone is sealed in a Faraday bag or set to airplane mode to prevent incoming and outgoing communications. Attackers can use this covert magnetic channel to intercept sensitive data from virtually any device.

ShurL0ckr Ransomware Evades Malware Detection in Cloud Services

As organisations have adopted cloud services to increase their productivity and agility, so have hackers, who see cloud services as the next big target for distributing malware and stealing sensitive data from businesses and individuals. Google Drive and Microsoft Office 365, both of which have built-in malware protection, failed to identify a new form of Gojdue ransomware called “ShurL0ckr”. ShurL0ckr is a zero-day ransomware that works the same way as the Satan ransomware. Staying safe in the cloud is no easy task, and inventive hackers will always find a new way to distribute malware and ransomware. However, now that the ShurL0ckr ransomware has been identified, security and cloud providers can better protect their customers from falling victim to it.

Adobe Flash Player Zero-Day Exploit Spotted in the Wild

Another reason to uninstall Adobe Flash Player: a new zero-day Flash Player exploit used by North Korean hackers has reportedly been spotted in the wild. South Korea's Computer Emergency Response Team (KR-CERT) issued an alert for a new Flash Player zero-day vulnerability that's being actively exploited in the wild by North Korean hackers to target Windows users in South Korea. To exploit the vulnerability, all an attacker needs to do is trick victims into opening Microsoft Office documents, web pages, or spam messages that contain a maliciously crafted Adobe Flash file.

Crypto-Mining Botnets Could Make £70m Annually

Criminals have progressively turned to crypto-mining malware to generate revenue. Cryptocurrency mining involves a zero-touch approach once the victim is covertly infected with the mining malware. Internet of Things (IoT) devices offer a relatively unprotected target without direct victim oversight, which means minimal effort and maximum reward. To put this into perspective, an average system would likely generate about £0.2 of Monero per day, meaning that an adversary who has enlisted 2,000 victims could generate £300 per day. Therefore, in theory, and using the same logic, botnets consisting of millions of infected systems could be leveraged to generate more than £70 million per year.

No Silver Bullet for GDPR Compliance

Elizabeth Denham, the UK’s information commissioner, has warned that many organisations will not be fully compliant when GDPR comes into effect in May. Denham added that organisations should be more concerned about the cyber threat posed by hackers in their bedrooms than those working on behalf of nation states. “We make a mistake if we throw up our hands and worry about state sponsored attacks – we know those are rare,” she said. “You should be worrying about the malicious kid in his bedroom who hacks into your system because he can. Or the opportunistic thief who understands the value of the data you hold and knows how to get his hands on it. Because you left the door wide open.” Everyone is concerned about GDPR because it includes potentially huge financial penalties, and ignorance will be no defense. Everyone has an opinion, but in truth there is no single certification or qualification that can inform any enterprise on both what the GDPR regulation requires and how to re-engineer organizations to efficiently meet those demands.

Useful links:

Visit cyber.qa.com for more information on how they can help solve the Cyber Security skills gap.

Take a look at QA's state-of-the-art Cyber Labs, which provide a unique, immersive learning experience.

 

Edited and compiled by

James Aguilan

Cyber Security Specialist

James has worked on many high-complexity eDiscovery projects and forensic investigations involving civil litigation, arbitration and criminal investigations for large corporations and international law firms across the UK, US, Europe and Asia. James has assisted on many notable projects, including one of the largest acquisition and merger cases of all time (a deal worth $85 billion), a multijurisdictional money laundering matter for Government bodies, and national cyber threat crises including the more recent ransomware, phishing campaigns, and network intrusion. James has comprehensive knowledge of the eDiscovery lifecycle and forensic investigation procedures in both practice and theory, with a deep focus and interest in Forensic Preservation and Collection and Incident Response. In addition, he holds a first class bachelor’s degree in Computer Forensics and is accredited as an ACE FTK certified examiner.