Category: cyber security

What is Doxing

Doxing means to analyse information posted online by someone in order to identify and later harass that person. It is typically used to shame or punish people who would rather stay anonymous, because of their controversial beliefs or because they are making trouble in some way.

Doxing can be called a cyber attack involving uncovering the real-world identity of an Internet user. The attacker then reveals that person’s details online. This can then lead to other people attacking the ‘victim’  online and this can be malicious.

However much we may wish to hide out r identity online, we all leave a trail of breadcrumbs that the determined investigator can use to try to find out our real identity.

Typical methods used to determine someone’s identity may include:–

  • searching publicly available databases
  • searching social media websites
  • hacking
  • social engineering.

The key point of doxing is to find and publish personal information about the victim but it can be done for a wide range of reasons, including: harassment, online shaming, extortion or vigilantism.

Examples

  1. Newsweek writer Leah McGrath Goodman revealed the identity of the anonymous creator of Bitcoin, Satoshi Nakamoto although she was heavily criticized by some for her actions.

Some believe a journalist using doxing is crossing the legal line into harassment, by publishing information about an individual’s private life against their wishes.

  1. The Des Moines Register published racist tweets made by a 24-year-old Iowa man whose beer sign on ESPN College GameDay resulted in over $1 million in contributions to a children’s hospital, readers retaliated by sharing social media comments previously made by the reporter, Aaron Calvin, which contained racial slurs and condemnation of law enforcement.

The newspaper later announced that Calvin was no longer an employee.

3.   In July 2016, WikiLeaks released 300,000 e-mails called the Erdoğan emails (named after the Turkish leader). However, Included in the leak was a lot of personal information about Turkish citizens. The files were removed due to privacy concerns, as they included spreadsheets of private, sensitive information of voters.

If you have any experiences with these scams do let me know, by email

Fightback Ninja Signature

Man United Ransomware Attack

Manchester United football club experienced a ransomware attack in late 2020. They were held to ransom for millions of pounds by cyberhackers who targeted the club’s computer systems and demanded payment to stop them from releasing sensitive data.

It is a difficult decision for any business – pay up or risk seeing highly sensitive information being wiped out or leaked into the public domain.

The club were clear from the start that the attack was very serious but it did not impact on their schedule of matches.

United brought in a team of technical experts to contain the attack and they informed the Police and the National Cyber Security Centre (NCSC).

The NCSC revealed that in 2019 an English Football league club was hit with a £5m ransomware demand. They were unable to access their CCTV or use entry turnstiles, but its’s not believed that they paid anything.

It took weeks of effort to get things back to normal following the attack and United could face fines of up to £18 million or two per cent of their total annual worldwide turnover from the Information Commissioner’s Office if the attack is found to have breached their fans’ data protection.

The NCSC has previously warned that there is a growing threat to sports clubs.

It took roughly 2 weeks for United IT staff and outside experts to regain control of the situation. It is believed they did not pay the attackers.

The episode was embarrassing for United and they are still under investigation by the Information Commissioner’s Office.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

723 Serious Cyber Attacks Stopped

The job of the National Cyber Security Centre (NCSC) is to protect the UK against cyber threats, whether that’s from hostile nations and groups or simply criminals.

Since it became operational in 2016, GCHQ’s cyber crime defence centre has defended the UK against 1,167 serious such threats.

The majority of the attacks were carried out by hackers “directed, sponsored or tolerated” by foreign governments, according to NCSC chief executive Ciaran Martin.

“These groups constitute the most acute and direct cyber threat to our national security,” he said.

In these days of coronavirus, NSCSC has also had to help protect scientists working on a vaccine, NHS hospitals, essential infrastructure and more.

The Wannacry ransomware in 2017 did huge damage to the NHS hospitals caught out.

NCSC also work to stamp out phishing and similar scams and what they call ‘high commodity attacks’ including the removal of 138,398 phishing sites between September 2017 and August 2018.

Cyber attacks are increasing in volume, scale and range of targets every year so business and all organisations need to take this seriously and protect themselves accordingly.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

Drive-by Downloads

Generally on web pages, you have to click a link or a button or do something to enable the page to download malware to your device.

But, if your software is sufficiently out of date or missing security updates, then  it may be possible for a web page to initiate a download of malware without you taking any action and it may not warn you of the download.

This can be very dangerous.

Anti-malware services can generally spot such danger and block the download but the key is to always keep your software fully up to date.

Common drive-by exploits

Hackers looking to create drive-by malware, generally look at the following:-

  • Old operating systems
  • Browsers such as FireFox, Chrome, Opera, and others, especially out of date versions
  • Out of date browser plug-ins
  • Early versions of Microsoft Office
  • Adobe/Shockwave Flash (ActiveX)
  • Adobe Reader
  • WinZip compression

The types of drive-by malware commonly found include:-

  • Trojan horses – these take remote control of the user’s device
  • Ransomware—allows the attacker to encrypt or threaten to destroy data on the device unless a ransom is paid
  • Botnet toolkits—attackers may install a botnet application that on many devices which can then be controlled as one to carry out actions such as sending spam email or participating in DDoS attacks
  • Man in the Middle tools—enables attackers to eavesdrop on the user’s communications
  • Keyloggers—capture keystrokes and feed them back to the hacker.

If you have any experiences with scammers, spammers or time-wasters do let me know, by email.

Fightback Ninja Signature

Cyber Security Checklist

https://www.itgovernance.co.uk/blog/5-essential-controls-to-include-in-your-cyber-security-checklist

IT Governance is a leading global provider of cyber risk and privacy management solutions, with a special focus on cyber resilience, data protection, PCI DSS, ISO 27001 and cyber security.

  1. Staff awareness training

Human error is the leading cause of data breaches, so you need to equip staff with the knowledge to deal with the threats they face.

Staff awareness training will show staff how security threats affect them and help them apply best-practice advice to real-world situations.

  1. Application security

Web application vulnerabilities are a common point of intrusion for cyber criminals.

As applications play an increasingly critical role in business, it is vital to focus on web application security.

  1. Network security

Network security is the process of protecting the usability and integrity of your network and data. This is achieved by conducting a network penetration test, which scans your network for vulnerabilities and security issues.

  1. Leadership commitment

Leadership commitment is the key to cyber resilience. Without it, it is very difficult to establish or enforce effective processes. Top management must be prepared to invest in appropriate cyber security resources, such as awareness training.

  1. Password management

You should implement a password management policy that provides guidance to ensure staff create strong passwords and keep them secure.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

What is Cyber Security

Cyber Security, (also known as Information Technology Security) is the protection of computer systems and networks from interruption of their service, theft or damage to their software, hardware or data.

Cyber attacks can cost organisations huge sums of money (including fines) but also cause damage to their business and loss of confidence by their customers and partners. There can also be loss of sensitive data relating to their business or customers and that can spread damage very widely.

The EU GDPR (General Data Protection Regulation) and the DPA (Data Protection Act) 2018 require organisations to implement appropriate technical and organisational security measures to protect personal data – or risk substantial fines.

Cyber security covers:-

  • Network security
  • Application security
  • Information security
  • Operational security
  • Disaster recovery and business continuity
  • User training

The technology is always changing and all organisations need to ensure they have the correct technology for the job and that it is kept up to date and protected against all threats.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature