IT Security Guru

CyberInt Avengers Assemble!

by The Gurus
October 3, 2018
in Editor's News

Cybersecurity company CyberInt has been shortlisted for a Security Serious Unsung Hero award in the Security Avengers category

In an era where cybercriminals plan and orchestrate attacks in the anonymous recesses of the Dark Web, effective threat intelligence has to become increasingly pro-active and investigative.

To enable enterprises to extend their security perimeters to encompass the Dark Web forums where organised criminal gangs (OCGs) hide, CyberInt has assembled a unique team of cyber sleuths comprised of ex-CISOs, ex-8200 Israeli Intelligence Corps and white-hat hackers spread across Israel, New York, London, Singapore, and Manila in order to keep a watch on developing threats and threat actors around the globe. Their work involves infiltrating the encrypted forums where OCGs, black-hat developers and hackers congregate.

This can frequently lead to the arrest of criminals who have become adept at the skills needed to break into even the most highly defended enterprise networks. For example, earlier this summer, as a result of a co-ordinated investigation with leading cyber security vendor CheckPoint, CyberInt led Brazilian authorities to alleged cybercriminal Douglas Arrial, who allegedly created a DIY phishing kit he was selling on the Dark Web. The initial attack was automatically detected by CyberInt’s Argos™ digital risk protection platform, which drives real-time detection of cyber threats via its unique artificial intelligence and machine learning algorithms.

Once the attack was detected, the CyberInt analyst team performed deep-dive investigations on behalf of a major Brazilian supermarket chain – the attack was targeting the chain’s customers to obtain their credentials and personal information. CyberInt’s international team of analysts swiftly discovered a part of the code referring to a Douglas Zedn. They then traced it back to his digital identity, including his Twitter handle. Arrial used the same profile for both his personal and “professional” activities, so the team was able to trace the attacks directly to Arrial before informing the authorities.

“Whenever our research teams find something critical, our policy is to notify law enforcement and the relevant enterprises – customers or not – to make sure we can prevent other people from being victimized,” says CyberInt CEO Amir Ofek. “It is always exciting to see our cyber activities come to life and help lead to suspected cybercriminals’ arrests.”

This kind of investigation also frequently exposes the latest techniques and tools being developed by cybercriminals – allowing enterprises to secure their networks effectively. The [A]pache phishing kit allegedly developed by Arrial, for example, makes it easy for even those cybercriminals with limited technical ability to carry out highly effective and sophisticated attacks. At $100-$300, the cost of the [A]pache phishing kit is higher than that generally charged for more standard phishing kits. But [A]pache’s next-generation product provides threat actors with a full suite of tools with which to carry out attacks. For instance, it offers cybercriminals an entire back-office interface with which they can create convincing fake online retail product pages for their fraudulent marketing campaigns.

The global cost of cybercrime is now estimated to have reached as much as $600 billion a year, roughly 0.8 per cent of global GDP, according to a report titled “Economic Impact of Cybercrime — No Slowing Down,” by McAfee and the Center for Strategic and International Studies (CSIS).

This has effectively transformed cybercrime from a fringe criminal activity into a burgeoning new global industry. As such it has started to create a whole raft of support services such as help desks and malware-as-a-service to help OCGs carry out their attacks with maximum effectiveness.

These highly supported and increasingly professional cybercrimes can range from phishing attacks supported by [A]pache-level kits to carefully planned ransomware attacks compromising the target organisation’s entire database and supported by criminal but highly professional software-as-a-service products.

Earlier this year, CyberInt’s investigators also discovered that existing hacker groups never previously found to be associated with or sponsored by governments have started to use sophisticated tools and techniques formerly exclusively deployed by nation states such as Russia and China. For example, OCGs have been found to be utilising Saturn ransomware, a highly-sophisticated software that can be distributed via phishing or email as a Ransomware-as-a-Service (RaaS), which is now available on the Dark Web for free. Other former nation-state techniques now becoming more common in purely criminal circles include “watering hole” attacks exploiting weaknesses in the defences of third parties such as the target organisation’s suppliers, sub-contractors, partners, and clients. These types of attacks are not always aimed at short-term financial gain but are also ideally-suited for the intellectual property theft and corporate espionage for which they were originally designed.

“These new types of attacks, which started to appear in the latter half of 2017, can be particularly dangerous for corporates as this new breed of OCGs are in it for the long game and will sit within a compromised IT system, carrying out repeated fraud, siphoning off cash and carrying out cyber-espionage,” says Jason Hill, lead research analyst at cyber-security firm CyberInt.

Even major corporations are often totally unaware of the resources cybercriminals now have to hand to help them break into the most heavily secured corporate networks. For instance, for months prior to the major Tesco Bank attack where cybercriminals took £25million from customer accounts, hackers were openly referring to Tesco Bank as a “cash milking cow” and “easy to cash out” in posts on Dark Web forums.

CyberInt’s team of analysts found these early indications of an attack while carrying out a probe of hidden web pages. They discovered that the cybercriminals were discussing the potential uses of a tool that tested thousands of login and password combinations, allowing access to Tesco accounts.

Monitoring the development of this fast-growing criminal underworld hiding in the shadows of the Dark Web is now essential not only in cyber security terms; it is rapidly becoming crucial to corporate survival as Twenty-First Century enterprises cannot afford to allow cybercriminals easy access to their most sensitive data without a potentially fatal loss of customer and investor confidence.
