Quantcast
Channel: Kayla Matthews – IT SECURITY GURU
Viewing all 22 articles
Browse latest View live

Russia Suspected in German Energy Firm Hacks

0
0

Last fall, energy companies in several countries, including Germany and the United States, found out via a cybersecurity report from Symantec that hackers had figured out a way to breach their infrastructures.

These hackers could potentially switch off the power grids at those establishments and wreak havoc on their computer systems.

Now, more recent news includes allegations that Russia was the country behind the scheme.

 HansGeorg Maassen is the president of the Federal Office for the Protection of the Constitution, which is Germany’s domestic intelligence agency. He says there are numerous aspects about the incident — including the way it was carried out — that indicate potential involvement by the Russians.

The Berserk Bear Attack

This June, Germany’s cybersecurity agency, BSI, called the German power company attack “Berserk Bear.” Although BSI only named the issue recently, it became aware of it last year and said it had only managed to break inside the networks of a few companies related to German energy and electricity. Moreover, BSI says those previously infiltrated networks are now locked down.

Maassen declined to specify how many companies the hackers initially targeted when carrying out their attempts.

Russians Deny Involvement

In light of this development, Dmitry Peskov, a spokesman for the Kremlin, said he didn’t know what Maassen was talking about regarding the links to Russia when asked to comment on the matter.

Similarly, Maria Zakharova, a person associated with the Russian foreign ministry, seemed to take issue with the vagueness of Maassen’s stance. She stated: “(Germany) should give facts.”

This isn’t the first time Germany has had its eye on Russia in association with suspected hacking. After the alarm was raised about Russian interference in the U.S. presidential election, German officials began pondering if the same thing could happen in their country.

Unlike the United States, Germany does not use voting machines with internet connections. Even so, representatives knew it was necessary to remain vigilant against possible manipulation of the democratic process from outside influencers.

However, details have not emerged about whether the attack on the energy companies was similar to what happened in the U.S. elections.

Lying in Wait

Information from Symantec about the Berserk Bear attacks mentioned they were concentrated in Ukraine and Turkey.

They involved tricking energy company employees into opening Word documents that acted as harvesters for sensitive details, including email addresses and credentials that could be used for access to a company’s energy grids.

Specifics also clarified there was no evidence of the hackers modifying the machines they broke into. The goal was seemingly to gather insights about system operations that hackers could later use to orchestrate massive attacks and those motivated by political events, in particular.

The hackers collectively referred to under the Berserk Bear moniker are also sometimes called Dragonfly, and cybersecurity groups, including CrowdStrike, also brought up Russia as a country possibly behind the attacks. They said there could be a desire to get information about the energy infrastructures of countries to use that knowledge for diplomatic gain.

Adam Meyers, vice president of intelligence at CrowdStrike, pointed out that if Russia was involved in some of the energy company hacks in other nations, the Dragonfly hackers might have set their sights on Turkey. This is because representatives in Ankara shot down a Russian plane believed to be in its airspace.

Details Are Still Scarce

Maassen has not gone into depth about his beliefs about Russian involvement in the Berserk Bear attacks, which means all people can do until he reveals more specifics about his allegations is speculate.

This is not the first time Maassen has connected Russia to a suspicious attack. However, he’d likely not have stepped into the spotlight by giving a public statement about his beliefs without something substantial to back them up.

Hopefully, that means people will know more details soon.

The post Russia Suspected in German Energy Firm Hacks appeared first on IT SECURITY GURU.


12% of Security Professionals Have Considered ‘Black Hat’ Activity

0
0

Numerous studies focus on aspects of cybercrime aftermath, such as a company’s lost reputation or its struggles to obtain future clients after incidents.

However, Malwarebytes commissioned Osterman Research to determine the direct costs of cybercrime associated with three areas: the costs of major event remediation, expenses for security budgets and cybercrime caused by so-called “gray hats.”

The rest of this piece not only reveals the growing prominence of gray hats but, primarily, how common it is for security professionals to get approached about black hat hacking.

The Three Main Types of Hackers

A gray hat is a type of hacker that probes a company’s products or networks for vulnerabilities. When the person finds some, they contact the company and typically expect a financial reward for their revelations.

Gray hat hackers keep their day jobs as security professionals but engage in their less publicized activities outside typical work hours.

There are also white hat hackers. Companies knowingly hire them to probe for vulnerabilities and find them before cybercriminals use them for damaging purposes.

Then, of course, there are the black hat hackers, who solely infiltrate systems for malicious means.

Worrying Conclusions About Black Hat Hacking

Worldwide statistics collected for this study indicate that 41 percent of respondents either know or have known someone who took part in black hat hacking.

Worse still, 12 percent of people polled admitted they’d personally considered taking the approach. Perhaps that’s because the allure to do so is seemingly always there.

Overall, 22 percent of people reported being asked to perform black hat hacking.

Those kinds of opportunities most often presented themselves in the United Kingdom, with 21 percent of people there saying they were asked, and least likely to happen in the United States, where only eight percent of individuals got approached with such offers.

Possible Frustration From Workers at Mid-Sized Companies

Data from the study ordered by Malwarebytes showed that mid-sized organizations — those with 500-999 employees — are feeling the pinch of increasing security threats. The number of attacks they deal with is on the rise, but the number of employees on hand to deal with them and the available financial resources aren’t.

Some cybersecurity professionals ultimately decide it’s time to move on and find other organizations that devote more resources to keeping networks secure. Over 36 percent of people polled for Malwarebytes said they agree there is more earning potential in defending against cybercriminals as opposed to becoming one.

However, people could easily decide it’s worthwhile to do both, especially if trying to save extra cash before leaving an organization that doesn’t have adequate cybersecurity resources. If so, employees could put their workplaces at risk, especially if the black hat hacking exploits involve conflicts of interest or leaking confidential details to entities on the dark web.

Money May Not Be the Primary Motivator

The poll also highlighted how 49 percent of the professionals at mid-level companies suggested it’s possible to get into black hat hacking without getting caught. Plus, over 50 percent of global respondents from companies of all sizes said that the challenging aspect of the activity was a perceived reason to give black hat hacking a try.

So, if cybersecurity professionals don’t feel their employers adequately utilize their talents during their day jobs, they might look for excitement and engagement elsewhere.

Companies are also under threat if their current or former employees have grievances. Over 53 percent of the respondents in the United States who weighed in for the Malwarebytes survey identified employer retaliation as a reason to become black hat hackers.

A Common Perception of Gray Hat Hacking Activity

One surprising finding of the Malwarebytes study not related to black hat hacking was that people in the security industry suspect when their peers delve into the gray hat realm. It’s becoming more and more likely for people to think co-workers are hacking in this way.

The survey found that around the world, one out of 22 security professionals are perceived by their peers to act as gray hat hackers, and that perception is even more likely in the United Kingdom.

This perception could be another reason these specialists decide to diversify their earnings through unauthorized activities. If people think the majority of their coworkers are already working as gray hat hackers, they probably won’t hesitate to do the same.

Additionally, once people are already working as gray hat hackers, making the transition to black hat hacking isn’t as hard.

Cybersecurity Professionals May Not Stay Loyal to Their Employers

This study shows that when cybersecurity professionals want to do more challenging work, need to earn money on the side or perceive that illegal hacking is common among their colleagues, they’re more likely to do it.

Other reasons exist too, but companies that want to discourage it should focus on their employees by not spreading them too thin and otherwise tempting them to secretly share their talents elsewhere.

The post 12% of Security Professionals Have Considered ‘Black Hat’ Activity appeared first on IT SECURITY GURU.

Viewing all 22 articles
Browse latest View live




Latest Images