Think Information. Think Security.
Small businesses are increasingly the target for cybercriminals. Here, one expert shares tips to ensure you stay protected

News articles are appearing every week reporting that consumers have been targeted by cybercriminals and have lost money or that a large organisation has been temporarily shut down. However, in the background these criminals are often targeting small businesses as they present a lucrative income and are easier to attack than larger organisations with dedicated IT professionals.

The majority of small businesses and Growing Business readers will do their banking and accounts online so by hacking into one machine, criminals can gain access to salary details, other critical passwords and bank accounts which can then be used to access money or sell to the cyber-underground.

This is done through key loggers on computers and by hackers monitoring key strokes. Every time you use the keyboard, hackers are able to analyse your movements and even take screen shots to see where you are going.

In about two weeks, hundreds of thousands of computer users are going to learn the hard way that failing to keep a clean machine comes with consequences. On July 9, 2012, any systems still infected with the DNSChanger Trojan will be summarily disconnected from the rest of the Internet, and the latest reports indicate this malware is still resident on systems at 12 percent of Fortune 500 companies, and roughly four percent of U.S. federal agencies.

In a bid to help users clean up infections, security experts won court approval last year to seize control of the infrastructure that powered the search-hijacking Trojan. But a court-imposed deadline to power down that infrastructure will sever Internet access for PCs that are not rid of the malware before July 9, 2012.

Cyber criminals have already used cloud architectures in the past to rent computational resources for use in powerful cyber attacks. Until now these platforms have been used to organize social networks for “customer care”, to develop file sharing services or to arrange hacking platforms to conduct automated pen tests against the victims.

Unusual is the discovery made by a group of experts at AlienVault, led by Alberto Ortega, of a new service that offers cyber-attack tools and hosting as part of malware-as-a-service.

Once again cybercrime operates as an enterprise: the products proposed are tools for the organization of cyber attacks, such as malware spam, malware hosting, and the means to build up a complete command and control (C&C) infrastructure for the arrangement of botnets.

For years enterprises have been trying to control peer-to-peer (P2P) technologies inside their networks, and for good reason. The efficiency with which P2P technology moves large files has made P2P networks key enablers of the Internet grey market by acting as the distribution mechanism of choice for pirated movies, music or applications. Aside from being a source for pirated content, P2P networks are also a significant enabler of malware as both an infection vector and a command-and-control (C2) channel. These security risks have made controlling P2P traffic a priority for many security teams.

One approach to controlling the grey market usage of P2P would be to provide an alternative means for moving large files such as web-based file transfer applications YouSendIt!, Dropbox or These are just a few of many “digital locker” alternatives and their use is becoming so common that one might assume that P2P is on the decline.

June 27th, 2012
Paul Henry and Paul Zimski have a discussion regarding weaponized malware. While the threats that dominate headlines... Stuxnet (2009), DuQu (2010) and Flame (2011) seem like story lines that spy movies are made of, they are in fact something enterprises should be concerned about. The weaponization of software has moved into a new age of cyber attacks.

Like it or not, weaponized malware has become part of the mainstream. [Case in point: Google now notifies Gmail users when their accounts come under attack from an IP address that doesn’t match up.]

And while our nation’s critical infrastructure is likely your first thought when it comes to state-sponsored malware targets, you should also consider what that means for the enterprise and intellectual property. Now that the U.S. admitted its role in Stuxnet, “it’s safe to expect increased retaliation from any nation with an internet connection,” said Paul Henry.

"If I were a gambling man, I’d also bet big on weaponized malware variants hitting enterprises around the world. Soon. Not that long ago, it was 13-year-olds working from their basements to impress their friends with a unique hack. Today, nation state funding exists for the development of very sophisticated, targeted attacks on other nations that then can be engineered by hackers to target your most valuable information".

We need to evolve our defenses. What we’ve always done is no longer good enough.

Cross-posted from: Richard Stiennon

Three attackers drove a van through the front of Microsoft’s offices just north of Athens on Wednesday, marched out security guards at gunpoint, and tried to burn the building to the ground.
It’s unclear who is behind the attack, but it’s a worrying sign for foreign multinational corporations, coming as Greece struggles under the weight of a collapsing economy.

No one but Hector Xavier Monsegur can know why or when he became Sabu, joining the strange and chaotic Internet collective known as Anonymous. But we know the moment he gave Sabu up. On June 7, 2011, federal agents came to his apartment on New York’s Lower East Side and threatened the 28-year-old with an array of charges that could add up to 124 years in prison. So Hector Monsegur, who as Sabu had become a mentor and icon to fellow members of Anonymous, surrendered his online identity to a new, equally faceless and secretive master: the FBI.

Jonathan Evans, director general of the U.K.'s security agency MI5, warns that Western nations are being targeted by an "astonishing" level of cyber espionage activity on an "industrial scale".

"The front line in cyber security is as much in business as it is in government. Britain’s National Security Strategy makes it clear that cyber security ranks alongside terrorism as one of the four key security challenges facing the UK. Vulnerabilities in the internet are being exploited aggressively not just by criminals but also by states. And the extent of what is going on is astonishing – with industrial-scale processes involving many thousands of people lying behind both State sponsored cyber espionage and organised cyber crime," Evans said.

Russian police authorities say that the botnet of a 22-year-old hacker they arrested last Thursday comprised more than 4.5 million computers – making it the largest publicly known botnet to date. Reportedly, the hacker used banking trojans to steal 150 million roubles, almost £2.9 million, from private individuals and organisations.

Each year, security experts and IT experts take a hard look at the threats that dominated in years past in an effort to prepare for the future. While hacker groups and technology are evolving faster than ever, there are still trends we can spot if we take a far and wide enough step back to see the whole picture. The annual Verizon Data Breach Investigations report shines some holistic light on what’s been happening in the world of cybercrime. Here’s a look at the past two years of this report, summarizing the movement of threats and how they’ve changed between 2010 and 2011.

Isolating Threat Sources

External agents are now the biggest security threat, and much more powerful and prevalent than in years past. Companies of all sizes are wising up to how real security threats are, and taking measures internally to prevent breaches. More organizations are developing, auditing, and enforcing more encompassing internal security policies, including more stringent electronic use policies covering mobile devices and further locking down remote access to sensitive data. Because of this, internal threats greatly decreased, from 12 percent in 2010 to just 2 percent in 2011, leaving most recent data breaches occurring from external sources. 86 percent of data breaches were perpetrated by external sources in 2010, compared to 98 percent in 2011. Let’s not forget partners, whose systems integrations led to 2 percent of data breaches in 2010, but less than 1 percent in 2011. As attack trends change, it’s an advantage to know where most threats reside.