Fish hack, no seriously..

Credit: Getty Images. NB. not the actual fish involved

We have talked about phishing before and warned you of the dangers of phishing emails that spread malware, ransomware and other toxic payloads. Today however we are talking fish. Actual fish.

It was never going to be long before the obsession with web-enabling everything from air conditioning to kettles caused a bit of a problem. In this case, a web-enabled fish tank (stay with us) was hacked and, using this fish tank’s connection, criminals managed to move through the network and steal data from the fish’s home, a ‘smart tank’ in a casino…

If you are considering the use of web-enabled equipment, including any animal enclosures, please risk assess it thoroughly and please protect it properly from fishers, phishers and other cyber botherers. Criminals will head for the point of least resistance every time and you need to know where that is before they do.

If you want to view some free content of ours on cyber protection, head over here.



Understanding the motives in attacks

Reading a recent story about the sentencing of a UK teen for carrying out a Distributed Denial of Service (DDoS) attack on an online casino, we were reminded of how important it is to understand and scope all of the motivations for carrying out cyber attacks.

An apparently disaffected young person, with no intent other than to gain notoriety or ‘see if they can’, is as real a threat to an online casino as a determined criminal seeking to harvest credit card details. It has cost the business money and inconvenience; the only good thing to be said about it is that apparently no customer details were compromised.

Other details of the teen in question included his collection of weaponry bought over the internet from China. His sentence may have been suspended but interest in him and his online habits is unlikely to be…

If you would like to read the whole story click here.

Four Winds casino hit by hackers

(US) Michigan casino Four Winds has discovered that cardholder data, including all of the data stored on the mag strip, has been stolen by hackers, and the casino is warning users between October 2014 and October 21, 2015 that their information may have been compromised and/or stolen.

Cybercrime knows no geography, so it is important not to be distracted by the location of the crime. This may have happened in Michigan, but the criminals could be anywhere.

There are no details available yet on how the hackers managed to upload the code that allowed this information to be copied from the casino system. Phishing of employees is one of the most popular and successful routes into a business, and ensuring employees are able to spot phishing and its more aggressive and successful big brother, spear phishing, is imperative. Employees are always going to be the Achilles heel of a security strategy, and that is why businesses that handle personal information need to ensure they place enough importance on training and re-training them with security awareness and the latest threats.

Insider threat is often a worry for many businesses too and it is the other end of the human threat: when the nefarious individual is already on the inside. Obviously, we don’t know what happened in this instance but this offers all such businesses a warning to review security training, vetting and overall strategy.

Watch out for those iPhone/iPad phishing emails

For reasons far too dull to expand upon, there were no Apple products in my stocking this year. I have, however, had a mountain of email telling me to click through various links in order to re-register my iPad, to download a free app or piece of music, and a variety of other things. Also for my iPhone (that I don’t have) a variety of free apps and other vital pieces of software I must have/register or otherwise obtain. I hope that you have not been subjected to any of this opportunistic phishing. For that is what it is. Given that Apple products dominated Christmas this year in terms of phones and tablets, it looks like a safe bet for a phisher. Add to that some of the recipients might be kids/inexperienced/slightly merry on Christmas day and therefore more likely to click an unexpected link or file and thereby deliver the toxic payload or whatever the email was designed to do.

At this point I would refer you to my previous post about making sure you are allowed to use your device on your employer’s networks, before you actually do. Especially if you have not been careful about what you have clicked on when you had your party hat on…

Happy 2015 everyone.

Multi million dollar poker game halted by cyber attack

1,937 participants in the Winning Poker Tournament (WPN) mega event have been left disappointed as a cyber attack has caused the tournament to be stopped.

The Distributed Denial of Service (DDoS) attack swamped and disrupted initial games and WPN had no choice but to shut down and refund early players. No responsibility for the attack has been established as yet.

The event has been re-scheduled for February.

More details and original story can be found on the online casino reports website.

IFSEC top 40 most influential in Security – Mike is at Number 8!

Well done to our MD, Mike Gillespie, for making it into the Top 10 of the Most Influential in Security 2014.

This has been a great week at IFSEC for Mike. His presentation on UK Cyber Security Posture was very well received and we will be voicing over a version for the website and YouTube soon. Getting into the top ten of this prestigious list is a great achievement.

Cryptolocker – what you can do – right now

The National Crime Agency (NCA) yesterday issued a warning about Cryptolocker.

This is a malicious program of a type called ransomware. Most ransomware will effectively lock your computer up and then demand payment to unlock it. Cryptolocker is a bit different, as it encrypts everything on your system (images, document files, databases), but the encryption key is not stored anywhere on the system; it is held by the cybercriminal attacking your system, and you cannot unlock and decrypt your files without them. Unfortunately, you will not be aware that your files are being encrypted in front of your eyes until it is already done. While it is not a self-replicating virus, so it won’t spread across a network unaided, it does search for files to encrypt, so your network is at risk if there is an infection.

According to the notice from the NCA, some ISPs will be contacting users if they suspect they have an infected system. Of course this does raise the issue of potential fresh exploitation by those scammers who like to phone people up claiming to be from Microsoft and telling people their machine is affected by viruses and they must pay to have it cleaned. So people are going to need to be very wary and well informed when going through this process.

This is a crime, and if it happens to you, report it to Action Fraud. Do not hand over any money or Bitcoin.

According to the NCA there is a two week (13 days from today) window in which you can rid your operating system of GoZeus (aka P2PZeus) and Cryptolocker.

What to do now:

  • Ensure your operating system and security software are regularly updated.
  • Ensure anti-virus tools and definitions are up to date. If you don’t have these tools then rectify that. These are security basics.
  • There are Cryptolocker prevention kits on the market, if you decide to go this route choose carefully.
  • Phishing and spear phishing: Don’t open attachments from unknown sources or from emails that appear to be from a legitimate source but that you do not fully trust. The same applies to any links the email asks you to click. Examples might be bank emails that tell you your account has been locked down or accessed suspiciously. Use your normal method of reaching your bank; do not click the links.
  • Regularly back up important data and keep it within unconnected storage. If you do get attacked you should be able to restore your data if you back up properly. It’s a pain but it’s better than losing everything.
  • Businesses should check incident response and resilience protocols to monitor for infection.
  • Ensure staff are educated in good security practices and how to spot threats and phishing. Run regular update sessions and keep up to date on current threats and methods being used by attackers. Ensure good security hygiene across your organisation.
  • Use software to identify if a computer is infected. If so, disconnect it from networks immediately and seek professional advice.
  • If you believe you have been compromised, change online account passwords and network passwords after removing the system from the network.
  • Don’t share passwords, don’t reuse passwords and keep work and personal passwords distinct and separate.
  • Block .exe files over email, including within ZIP files. This can usually be done using an anti-spam system.
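
An added example, not from the original post or from any particular anti-spam product: the check described in the last item, flagging .exe attachments including those inside ZIP files (and ZIPs nested in ZIPs). The function names, the depth limit and the sample message are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

BLOCKED_EXT = (".exe",)  # the page names .exe; further extensions are local policy
MAX_DEPTH = 2            # nested ZIP levels opened before giving up (assumed limit)

def scan_zip(data, origin, depth=1):
    """Return blocked member paths inside a ZIP, following nested ZIPs."""
    hits = []
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                path = f"{origin}!{info.filename}"
                lower = info.filename.lower()
                if lower.endswith(BLOCKED_EXT):
                    hits.append(path)
                elif lower.endswith(".zip"):
                    # bit 0 of flag_bits marks an encrypted member we cannot open
                    if depth >= MAX_DEPTH or info.flag_bits & 0x1:
                        hits.append(path + " (uninspectable)")
                    else:
                        hits += scan_zip(zf.read(info), path, depth + 1)
    except zipfile.BadZipFile:
        hits.append(origin + " (uninspectable)")  # fail closed on a corrupt archive
    return hits

def blocked_attachments(raw_message):
    """Return the attachments (or archive members) a mail gateway should block."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():
        name = (part.get_filename() or "").strip()  # body parts have no filename
        if name.lower().endswith(BLOCKED_EXT):
            hits.append(name)
        elif name.lower().endswith(".zip"):
            hits += scan_zip(part.get_payload(decode=True), name)
    return hits

def build_sample():  # constructed message: invoice.zip -> inner.zip -> setup.EXE
    inner, outer = io.BytesIO(), io.BytesIO()
    with zipfile.ZipFile(inner, "w") as zf:
        zf.writestr("setup.EXE", b"constructed placeholder bytes")
    with zipfile.ZipFile(outer, "w") as zf:
        zf.writestr("inner.zip", inner.getvalue())
    msg = EmailMessage()
    msg.set_content("See attached.")
    msg.add_attachment(outer.getvalue(), maintype="application", subtype="zip", filename="invoice.zip")
    msg.add_attachment(b"%PDF constructed", maintype="application", subtype="pdf", filename="report.pdf")
    return msg.as_bytes()
```

Matching is on file name only, case-insensitively; archives that cannot be opened are reported rather than passed, so a gateway using this logic fails closed.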