Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Wednesday, 1 February, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Beating the cyber criminals at their own game

by The Gurus
December 3, 2015
in This Week's Gurus
Share on FacebookShare on Twitter

Beating the cyber criminals at their own game

By James Chappell, Chief Technology Officer and Co-Founder at Digital Shadows
The age of digital business has, for the most part, been positive. It has increased the ease and speed of communication while at the same time as reducing the cost. But with more than 3 billion individuals interacting across social media, mobile and cloud services every day it means that digital footprints are increasing. With this comes the increased risk that some of this information can be inadvertently exposed and may be used maliciously.
The information at risk, we refer to as a ‘digital shadow’. This is a subset of a digital footprint but consists of exposed personal, technical or organisational information that is often highly confidential, sensitive or proprietary. Adversaries can exploit these digital shadows to reveal weak points in an organisation and launch targeted attacks.
Adversaries cast a digital shadow too
A digital shadow is not necessarily a bad thing. Adversaries also cast a shadow similar to that of private and public corporations. These ‘shadows’ can be used to better understand the threat businesses face. This includes attacker patterns, motives, attempted threat vectors, and activities. Armed with this enhanced understanding, organisations are better able to assess and align their security postures.
The chief aim of cyber criminals is to make money. Tracking a digital shadow begins with this understanding. The anonymity offered by the ‘dark web’ is often (but my no means exclusively) used as a safe-haven by these criminals. By observing activity on the dark web it is possible to gain a better understanding of how cyber criminals behave. For instance, it’s possible to monitor what is being sold on online marketplaces and gain a view of the latest tools, such as attack kits which are being used and which vulnerabilities criminals are looking to exploit. This provides an attacker’s eye view of how these criminals might look at our own organisation and means we can be better positioned when it comes to our own security defences.
Learning from hacktivist groups
As stated, the so-called ‘dark web’ is not the only place where it’s possible to exploit the shadows of adversaries. With ‘hacktivist’ activity, for example, more typically uses social media such as Twitter and Facebook, and sharing sites such as Pastebin are used. Hacktivists tend to be more visible and easy to track because a primary motivation is to be heard and cause disruption and embarrassment. Their activity can be broken down into three main parts:

  1. Indication and warning – social media is a useful tool for monitoring hacktivist operational announcements. The use of operational hashtags, which are prevalent, aids this process. Groups will invariably provide operation names and specify target lists. If a hacking group name you on a target list, you are going to want to know.
  2. Evidence of attack – organisations should monitor for claims of defacements, DDoS attacks and breaches. This may occur on social media, often Twitter, but also on code-sharing sites such as Pastebin. Getting there first can help to reduce the reputational impact on your organisation. But it also helps from a historical view; understanding what tactics, techniques and procedures (TTPs) have used in the past help you to gauge how to best prioritise defence spending.
  3. Significant activity – Organisations can monitor social media and news sources for significant activity. While more mature organisations may use Activity Based Intelligence (ABI) to draw this information out, this approach need not be that complex. This approach may simply include observing arrests, reference to new techniques, declaration of links to other groups or actors.

Defence through understanding
The dark web can be a useful place to find out about the latest TTPs of cyber criminals, but firms should not underestimate the power of social media and sharing sites. These can provide a valuable insight into the activities, motivations and TTPs of attackers. Simply put, those who possess an understanding of these will be in a stronger position to defend themselves.

FacebookTweetLinkedIn
ShareTweetShare
Previous Post

Hackers Using Social Media to Execute Attacks

Next Post

UK’s top teenage code breakers battle it out in Cyber City games

Recent News

JD Sports admits data breach

JD Sports admits data breach

January 31, 2023
Acronis seals cyber protection partnership with Fulham FC

Acronis seals cyber protection partnership with Fulham FC

January 30, 2023
Data Privacy Day: Securing your data with a password manager

Data Privacy Day: Securing your data with a password manager

January 27, 2023
#MIWIC2022: Carole Embling, Metro Bank

#MIWIC2022: Carole Embling, Metro Bank

January 26, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information