IT Manager Faces Charges for Locking Computers to Demand Money


 

A recent case has highlighted that ransomware threats can sometimes come from within an organisation. Daniel Rhyne, a 57-year-old IT administrator from Kansas City, Missouri, has been accused of holding his own company hostage by locking down their systems and demanding a ransom to restore access.

The incident occurred in November last year when Rhyne was employed at an industrial company based in Somerset County, New Jersey. According to the Federal Bureau of Investigation (FBI), Rhyne allegedly took control of the company’s network by resetting the passwords of network administrator accounts as well as those of hundreds of employees. He then proceeded to delete critical backups and locked out both servers and workstations, crippling the organisation’s operations.

An hour after initiating the attack, Rhyne allegedly sent an email to the company's employees informing them of the situation and demanding a ransom in exchange for unlocking the systems. The FBI claims this was an attempt at extortion, with Rhyne threatening further damage if his demands were not met.

Rhyne’s actions were investigated by the FBI, and he has been charged with multiple counts, including extortion, intentional damage to a protected computer, and wire fraud. Should he be convicted of all charges, he faces up to 35 years in prison and a $500,000 fine, as reported by The Register.

Several pieces of evidence were gathered by the FBI to support their case against Rhyne. For instance, he allegedly used a tool known as PsPasswd, a Windows Sysinternals utility, to reset user passwords. The new password set for the accounts was "TheFr0zenCrew!", a telling detail that investigators believe connects him directly to the attack. Rhyne also reportedly kept a hidden virtual machine (VM) on his company-issued laptop, allowing him to maintain remote access to the network's administrative controls.

Adding to the case, the FBI noted that Rhyne's digital activities prior to the attack were suspicious. He allegedly used his work laptop to search for ways to alter administrator passwords via command-line tools, which are often used by IT professionals to manage networks remotely. Investigators claim that on the day of the attack, Rhyne was seen logging into his work laptop, conducting these searches, and reviewing company password spreadsheets while also accessing the hidden VM.

The fact that he used his company-issued laptop to perform these actions leaves a strong digital trail linking him to the crime. The FBI’s detailed investigation paints a clear picture of how the attack was executed, utilising common IT tools to gain unauthorised control over the company’s systems.

If Rhyne is found guilty, his actions could serve as a warning to organisations about the potential for internal threats. It highlights the need for companies to have strong security protocols in place, not just to defend against external hackers but also to safeguard against malicious insiders who have privileged access to sensitive systems.

This case illustrates how cyberattacks are evolving and how attackers, even those within the organisation, can exploit their knowledge and access to launch devastating attacks. Organisations must remain vigilant and continually monitor for suspicious behaviour, no matter the source, to protect their critical digital infrastructure.
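One way to monitor for the mass password resets described in this case, as an added example that is not part of the original post or of the FBI's findings: it scans records shaped like Windows Security event 4724 (password reset attempt) and flags any account that resets many distinct accounts within a short window. The account names, watch-list, thresholds and sample events are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

RESET_EVENT_ID = 4724  # Windows Security log: one account attempted to reset another's password
PRIVILEGED = {"Administrator", "svc-backup", "da-ops"}  # assumed watch-list of admin accounts

def make_sample_events():
    """Constructed records; 'subject' is who performed the reset, 'target' is the account reset."""
    t0 = datetime(2024, 1, 1, 9, 0)
    events = [  # routine helpdesk resets hours apart, plus an unrelated logon event
        {"id": 4724, "time": t0, "subject": "helpdesk1", "target": "jdoe"},
        {"id": 4724, "time": t0 + timedelta(hours=3), "subject": "helpdesk1", "target": "asmith"},
        {"id": 4624, "time": t0 + timedelta(hours=4), "subject": "it-admin7", "target": "it-admin7"},
    ]
    burst_start = t0 + timedelta(hours=7)
    targets = [f"user{n:03d}" for n in range(40)] + sorted(PRIVILEGED)
    for i, name in enumerate(targets):  # 43 resets by one actor, 5 seconds apart
        events.append({"id": 4724, "time": burst_start + timedelta(seconds=5 * i),
                       "subject": "it-admin7", "target": name})
    return events

def detect_reset_bursts(events, window=timedelta(minutes=10), min_targets=10):
    """Return one alert per actor who reset >= min_targets distinct accounts within window."""
    by_actor = defaultdict(list)
    for e in events:
        if e["id"] == RESET_EVENT_ID and e["subject"] != e["target"]:
            by_actor[e["subject"]].append(e)
    alerts = []
    for actor, resets in by_actor.items():
        resets.sort(key=lambda e: e["time"])
        best, lo = [], 0
        for hi in range(len(resets)):  # sliding window over this actor's resets
            while resets[hi]["time"] - resets[lo]["time"] > window:
                lo += 1
            span = resets[lo:hi + 1]
            if len({e["target"] for e in span}) > len({e["target"] for e in best}):
                best = span  # keep the window touching the most distinct accounts
        hit = {e["target"] for e in best}
        if len(hit) >= min_targets:
            alerts.append({"actor": actor, "distinct_targets": len(hit),
                           "privileged_targets": sorted(hit & PRIVILEGED),
                           "first": best[0]["time"], "last": best[-1]["time"]})
    return alerts

if __name__ == "__main__":
    for alert in detect_reset_bursts(make_sample_events()):
        print(alert)
```

Resets that touch the privileged watch-list are reported separately so that an alert involving administrator accounts can be escalated first.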


Rethinking the Cloud: Why Companies Are Returning to Private Solutions


In the past ten years, public cloud computing has dramatically changed the IT industry, promising businesses limitless scalability and flexibility. By reducing the need for internal infrastructure and specialised personnel, many companies have eagerly embraced public cloud services. However, as their cloud strategies evolve, some organisations are finding that the expected financial benefits and operational flexibility are not always achieved. This has led to a new trend: cloud repatriation, where businesses move some of their workloads back from public cloud services to private cloud environments.

Choosing to repatriate workloads requires careful consideration and strategic thinking. Organisations must thoroughly understand their specific needs and the nature of their workloads. Key factors include how data is accessed, what needs to be protected, and cost implications. A successful repatriation strategy is nuanced, ensuring that critical workloads are placed in the most suitable environments.

One major factor driving cloud repatriation is the rise of edge computing. Research from Virtana indicates that most organisations now use hybrid cloud strategies, with over 80% operating in multiple clouds and around 75% utilising private clouds. This trend is especially noticeable in industries like retail, industrial sectors, transit, and healthcare, where control over computing resources is crucial. The growth of Internet of Things (IoT) devices has played a defining role, as these devices collect vast amounts of data at the network edge.

Initially, sending IoT data to the public cloud for processing made sense. But as the number of connected devices has grown, the benefits of analysing data at the edge have become clear. Edge computing offers near real-time responses, improved reliability for critical systems, and reduced downtime—essential for maintaining competitiveness and profitability. Consequently, many organisations are moving workloads back from the public cloud to take advantage of localised edge computing.

Concerns over data sovereignty and privacy are also driving cloud repatriation. In sectors like healthcare and financial services, businesses handle large amounts of sensitive data. Maintaining control over this information is vital to protect assets and prevent unauthorised access or breaches. Increased scrutiny from CIOs, CTOs, and boards has heightened the focus on data sovereignty and privacy, leading to more careful evaluations of third-party cloud solutions.

Public clouds may be suitable for workloads not bound by strict data sovereignty laws. However, many organisations find that private cloud solutions are necessary to meet compliance requirements. Factors to consider include the level of control, oversight, portability, and customization needed for specific workloads. Keeping data within trusted environments offers operational and strategic benefits, such as greater control over data access, usage, and sharing.

The trend towards cloud repatriation shows a growing realisation that the public cloud is not always the best choice for every workload. Organisations are increasingly making strategic decisions to align their IT infrastructure with their specific needs and priorities.



House GOP Considers Robot Dogs for Border Patrol

 

The deployment of modern robotic technology to improve border security was the focus of a recent House GOP meeting. The discussions centered on the prospective use of robot canines to patrol US borders, which would be a significant advancement in the continuing campaign to safeguard the country's frontiers.

The House GOP's consideration of this cutting-edge technology follows a series of debates on bolstering border security and immigration control. The proposal aims to leverage the capabilities of robot dogs to supplement the efforts of law enforcement agencies in monitoring and safeguarding the vast stretches of the US borders.

One of the primary motivations behind exploring this initiative is the robot dogs' ability to access remote and difficult terrains, where traditional border patrol methods may encounter challenges. By deploying these agile and adaptable machines, authorities hope to increase their presence in areas that are not easily accessible by human agents, thereby enhancing overall surveillance and response capabilities.

The tech industry has made significant strides in the development of sophisticated robotic devices, and the deployment of robot dogs for border security is gaining traction worldwide. These robots are equipped with state-of-the-art sensors, cameras, and artificial intelligence, allowing them to detect and track movement with impressive accuracy. Additionally, their non-threatening appearance enables them to blend into their surroundings, making them less likely to be detected or targeted.

The debates have brought up ethical and privacy concerns despite the possible benefits of utilizing robot dogs for border patrol. The use of sophisticated surveillance tools, such as robot dogs, is criticized as having the potential to violate people's right to privacy and expand the monitoring of border communities. These issues highlight the demand for a fair strategy that protects the border while upholding the rights and dignity of locals.

Representative Alexandria Ocasio-Cortez (AOC) has tweeted her opposition to the measure. She emphasized the significance of dealing with privacy concerns and establishing responsibility and openness in the usage of such technology. Her position matches the general public's opinion on the use of robotic surveillance equipment.

The House Oversight Committee has scheduled a hearing titled "Using Cutting-Edge Technologies to Keep America Safe" in response to issues brought up by politicians and the general public. This hearing seeks expert advice on developing a strategy that strikes a balance between safety and privacy concerns while delving deeper into the possible advantages and hazards of using robot dogs for border patrol.

Stress May Drive Half of Cyber Staffers to Leave Their Jobs


We are all aware of the significance of the cybersecurity sector and of how it struggles with vacancies and skills shortages. Unfortunately, there may be no immediate relief if research firm Gartner's estimate comes true that a full quarter of security leaders will leave the cybersecurity industry entirely by 2025.

The new report suggests that almost half of cybersecurity experts will end up switching their professions, and that by 2025, lack of skills and human failure will be the cause of over half of significant cyber incidents.

Do Not Ask Cyber Staffers “Why So Serious?”

According to Deepti Gopal, director analyst at Gartner, professionals who are currently leading in the field of cybersecurity are in fact burning the candle at both ends to balance technology, business and environmental requirements in an attempt to maintain and improve their firm’s security. 

“While they are in the rush to achieve this they are really spread thin[…]If you look closely at today’s world, the hybrid work environment is everything; that also impacts the cybersecurity leaders, adding complexity to their work and the way they strategize,” she says. 

The "work life harmonization" employed by IT, she continued, dissolves the line separating work and non-work, especially given that both are located in the same place. 

“If you listen to cybersecurity leaders, you’ll hear things like ‘I start my day with work, emails, alerts, and coffee,’ and ‘I work with a group of All Stars who are always available, they don’t complain about the workload.’ These are all elements that indicate the presence of high stress, high demand,” Gopal said.

“But, there is a loss of control or inability to have a sense of control on their work-related stress — the inability to protect their time for the things that matter the most. I like to ask leaders to jot down the things that they absolutely do in the coming week and then look at their calendars, most often they tell me that they haven’t carved out any time for the tasks on their list!” she adds. 

Cybersecurity Teams Undervalued at Companies That Move Fast and Break Things 

Gartner research illustrates how compliance-based cybersecurity programs, low executive support and subpar industry-level security are all signs that a company does not consider security risk management to be essential for commercial success.

According to Gopal, such enterprises are likely to lose cybersecurity talent to businesses where they are valued and are better recognized. “When the organization is charged to move fast, there will be situations where security is not top of mind; that needs to change,” Gopal said. “We need to see cybersecurity as intrinsic to digital design.” 

With Rise in Insider Risk, Talent Continues to Plunge 

According to Paul Furtado, vice president analyst at Gartner, the 'talent churn' of cybersecurity professionals as well as other professionals in the IT industry is a security risk since it gives rise to the possibility of insider misconduct. 

“The cybersecurity workforce is a microcosm of society and made up of individuals who respond differently to different stress triggers[…]For some, they will leave their employment gracefully without any disruptions,” Furtado said. “Others may feel that the artifacts they’ve created or contributed to are their personal intellectual property, and therefore, they take a copy. Some may feel that they want to exfiltrate some data that may assist them in their next role with a different employer,” he continues. 

Moreover, there is also a possibility that individuals may go beyond theft and commit acts of sabotage or completely disrupt systems or data, regardless of the position they hold in an organization.

“The reality is that security leaders must be prepared for each of these occurrences; there are numerous examples where these behaviors have occurred[…]The scary part: In some cases, insiders won’t wait for a layoff or resignation to start some of these behaviors,” Furtado says. 

Furtado further advises that an organization must be well prepared against insider risks, since it is critical to prevent them from becoming an ‘actual insider threat event.’

A Majority of Security Experts Prioritize Prevention Over Detection


According to a recent report, a majority of organizations prefer prevention over detection when it comes to safeguarding their systems. However, a large number of these businesses are consequently witnessing data breaches and other cyberattacks, with the severity of these incidents worsening day by day.

In a survey of 500 IT security experts, Exabeam researchers discovered that nearly two-thirds of their respondents (65%) prioritize prevention over detection as their number one endpoint security objective. For the remaining third (33%), detection remained their utmost priority. 

Late to the Party 

To make matters worse, businesses actually act on this idea. The majority (59%) allocate the same amount to detection, investigation, and response, while nearly three-quarters (71%) spend between 21% and 50% of their IT security resources on prevention.

According to Steve Moore, chief security strategist at Exabeam, the issue with this strategy is that the businesses concentrate on prevention while threat actors are already there, rendering their efforts useless. 

“As is well known, the real question is not whether attackers are on the network, but how many there are, how long they have had access and how far they have gone[…]Teams need to raise awareness of this question and treat it as an unwritten expectation to realign their investments and where they need to perform, paying due attention to adversary alignment and response to incidents. Prevention has failed,” says Moore. 

The majority of respondents said yes when asked if they are confident they can prevent attacks. In fact, 97% of respondents indicated they felt confident in the ability of their tools and processes to detect and stop attacks and data breaches.

Only 62% of respondents agreed when asked if they could easily inform their boss that their networks were not compromised at the time, implying that over a third were still unsure. 

Exabeam says that security teams are overconfident, and that it has data to support this. The company claims that 83% of organizations experienced more than one data breach last year, citing industry reports.

Among the many approaches to combating security incidents, most organizations appear to be inclined towards a prevention-based strategy. The reason is that it strives to make systems more resistant to attack. Compared with detection-based security, this approach is more effective in a variety of situations.

Implementing a preventive approach could aid a company in significantly reducing the risk of falling prey to a potential cyberattack if it applies appropriate security solutions like firewalls and antivirus software and patches detected vulnerabilities.