Cyber Security Trend Week in Review: Fraud Detection, Cyber Criminal Sophistication, NSA
This week in the Cyber Security Trend Community featured a series of items of concern for skilled IT security professionals to consider. Topics ranged from how mobility is a growing vector of vulnerability to the sophistication of cybercriminal networks, with some additional insights in between.
The emergence of the mobile sphere as an increasingly attractive attack plane is not exactly news. What is, however, as noted in a recent report from Juniper Research is just how seriously organizations are finally taking it. Juniper is forecasting annual spending should hit $9.2 billion by 2020, which represents a rise of almost a third—30 percent—over current levels. And, if one thinks about it, this spending is going to be precipitated by what is expected to be increased targeting of mobile networks and devices by the bad guys. What this should signal to our readers looking at where they need to be better trained and certified is clearly in becoming knowledgeable about the threats and tools in this arena.
One of the things we like to make community members aware of is the latest news those who are watching hacker activities can share with the community on what to be alert to in terms of bad actor trends. This week saw the release by RiskAnalytics of the report, Dark Cloud Network Facilitates Crimeware. It is worth a download. It describes an extensive fast flux network, known as Zbot that is every bit as sophisticated as any commercial-grade cloud network. This network has been used to sell stolen credit card information and host malware like ransomware, credential stealers, and other software that facilitates fraud.
We had a special guest contribution this week from Paul Kraus is CEO, Eastwind Breach Detection, titled, A Deeper Look into the NSA's Talk of Network Taps and Smart Sys Admins. As he notes, here in the U.S., putting NSA recommendations into practice to secure networks from prying eyes isn't hard, but takes persistence. It also takes having and using a state-of-the-art breach detection system. In fact, if you are an IT security executive with a wish list of capabilities you would like upper management to invest in; hopefully this is on that list.
The final item this week is solutions-related. It deals with an area of utmost concern, securing the supervisory control and data acquisition (SCADA) systems used by industries across many sectors as an automation control system. Indeed, the most noteworthy use is in the use of SCADA by electric utilities around the world. The new SCADAShield 5.0 by CYBERBIT provides advanced security and operational continuity and if this is your field of responsiblity, or if you are just interested given how important protecting national infrastructure has become, you might wish to check this out .
Weekend ReadingThe Cyber Security Trend home page has links to valuable resources. This includes not just the feature articles and news but also white papers and profiles of certifications that can help you keep up with the bad guys and advance your career. The Official (ISC)² OnDemand Training and The Rise of the Cloud Security Professional Whitepaper are just two of several that standout. In addition our companion Cloud Security Resource site, is also a source of valuable security insights and news