As our day-to-day becomes more and more intertwined with technology, staying updated is critical. Just as there are useful innovations, there are cyber threats that update, evolve, and shapeshift – the dangers are no longer confined to our files, devices, and network. Identities, financial information, and even our privacy are at risk as opportunistic cyber actors come up with ingenious ways to access and breach information.
Stacey Wright is back for the Fall 2018 edition of her Cyber Threat Landscape Update. Stacey is the Director of CyberIntelligence at the CIS and is a regular Justice Clearinghouse resource speaker. Together with her Intel team at the CIS’ MS-ISAC, she shares information dealing with cyber intelligence, security, threats, and crimes.
On this course, Stacey discusses the current and emerging malware and threat trends, how these get into our network or device, and how to prevent and protect our systems from attacks. Some of the specifics covered include:
- The overview of the MS-ISAC and the EI-ISAC, and the sources of their information and intelligence.
- An update that discusses the patterns in the number of malware notifications and activity in the past months and the top malwares observed to attack and infect computers and networks.
- The Cyber Crime Technical Desk Reference that MS-ISAC prepared as a primer to cybercrime activity that details into the variants of malwares, scams, and actors.
- The top malware initiation vectors that look into how the malware is able to breach and access computers and networks.
- Defining ransomware, its variants, initiation, and prevention tips.
- A report on the confirmed ransomware infections observed in state and local governments and increasing in the education sector.
- A closer look into Emotet, the number one malware for September 2018, describing its characteristics, initiation vectors, and network propagation.
- How EternalBlue, reportedly developed by the NSA, turned into an exploit utilized in ransomware, trojan and cryptocurrency mining.
- What Cryptocurrency mining is, how it is being abused, and its effects on the victims.
- Office365 Bruteforcing, password spraying and preventive measures to not fall victim to this type of attack.
- Data Breaches that target the education and local government sector and a case that affected thousands of government entities in 35 states.
- The Business Email Compromise (BEC) technique that aims to deceive individuals into providing what the cybercriminals want, and guidelines to prevent and deal with BEC.
- Fraud cases that create fake charities and fraudulent websites related to storms/hurricanes/typhoons and a chart showing domain registry of websites looking to exploit this opportunity.
- The direct deposit compromise phishing campaign that seeks to harvest login credentials to modify direct deposit information for the cyber actor's financial gain.
- Hoax extortion schemes that deceive individuals into paying ransom to maintain the privacy of one's personal information.
- What organizations and individuals can do to prevent and protect themselves from cyber threats.
During the Q&A, Stacey clarified the attendees’ concerns relating to:
- The REN-ISAC – an ISAC for the education sector
- Getting end-users onboard with cybersecurity measures
- Trends on agencies being targeted
- Spear phishing and likely targets