Security is a critical concept for organizations and individuals – it is even in Maslow’s hierarchy of needs. As technology makes up a substantial part of our day-to-day lives, we also view cybersecurity as essential. Our data and resources are important, and somewhere, a cybercriminal is on the lookout to access this information and exploit our vulnerabilities.
Cybersecurity is an ever-evolving area. For every defensive measure that cybersecurity experts employ, cybercriminals come up with a couple more ingenious ways to get through and around the defenses. This is why Stacey Wright and her team at the MS-ISAC are constantly on the lookout, studying threats and creating solutions to prevent fraud, hoaxes, breaches and other criminal activity carried out through the massive network of computers around the world.
As MS-ISAC’s Intelligence Program Manager, Stacey joins Justice Clearinghouse to speak about the current trends and give us an update on some of the cyber threats that state, local, tribal, and territorial (SLTT) government agencies and even individuals have been encountering or may encounter.
Specific subjects covered in the discussion today include:
- What the Multi-State Information Sharing and Analysis Center (MS-ISAC) is, their members, and the solutions and services they provide.
- A list of the top malware monitored by the MS-ISAC.
- The top two malware that have always been in the top 10 list for 2017 and how the volatility of malware made it more difficult to defend devices and networks.
- Zeus, which works as a keylogger and information stealer that aims to get critical credentials like bank logins.
- Kovter, a trojan-type clickfraud malware that slows down devices by using the victims’ resources while the cybercriminal profits from it.
- The malware trends so far for 2018 with Financial as the most common type and Malspam as the most popular means.
- WannaCry as one of the most publicized malware and how Microsoft aimed to resolve this threat through a system patch they released recently.
- Ransomware, which can be prevented through vigilance, patching, and effective backup procedures.
- Emotet, a banking trojan that uses macros, links or attachments to gain access to one’s contacts, spread the malware to a network, and use this as an entry point for a data breach.
- Ways to prevent banking trojan malware by tracing back the source of the message and immediately informing IT.
- Cryptocurrency mining as another technique that gained traction with the increase of bitcoin prices, and how it uses your device or network to mine cryptocurrency and make money for cybercriminals.
- The two top initiation vectors for malware, which are malspam and malvertising.
- How malvertising infections were mostly observed in the wee hours of the morning on unmanned computers, and are thus preventable by shutting down devices and closing browsers.
- Data breaches experienced by SLTT governments through the Business Email Compromise (BEC) scam.
- How hoax extortion works by using various scare tactics on organizations or individuals to extort money.
- Preventing data breaches, hoax extortions and BEC scams by training personnel on 2-factor authentication and building a culture of transparency in organizations where personnel can clarify certain matters with executives without jeopardizing their jobs.
- How Google Chrome is working towards securing their users by adding a notification for non-secure, non-HTTPS websites.
- The strategies being employed by offenders, from opportunistic and strategic to a hybrid model that exploits individuals’ and agencies’ vulnerabilities.
- Supply chain risks posed by software and devices, as in the case of Russian Kaspersky Lab and Chinese Huawei and ZTE.
- Other forms of cryptocurrency crimes such as cryptojacking.
- Ways to prevent these cyber threats through risk and role expansion.
- What agencies can do to tackle the low-hanging fruit through vigilance, training, and the help of MS-ISAC.
- Poll questions gauged the composition of the attendees and their reason for joining, as well as their perception of the presentation.
The Q&A covered inquiries from the audience concerning:
- The infrastructure of MS-ISAC and if it is a hardware or software-based system
- Working with law enforcement agencies on cybercrime investigations and prosecutions, and the process for joint investigations
- The success rate of apprehending cybercrime offenders
- Fileless malware, its initiation vector, prevention, and defense against it
- The particulars of Chrome 68’s security
- Using text messaging as an initiation vector
The Multi-State Information Sharing and Analysis Center (MS-ISAC) is the focal point for cyber threat prevention, protection, response and recovery for the nation’s state, local, tribal, and territorial (SLTT) governments. MS-ISAC membership is free for all SLTT governments, as the MS-ISAC is funded by the U.S. Department of Homeland Security (DHS). To join MS-ISAC, please fill out the application and mention you heard about them through the Justice Clearinghouse.