Tag: cyber criminals

Cyber Attack

The Ever-Expanding Threat of Cyber Criminals

The Dark Overlord, a dangerous group of cyber criminals, have made a name for themselves over the past several years. We’ve covered some of their illegal activities in the past targeting healthcare and financial institutions, and unfortunately, they’ve continued to make news. Their latest attacks open a new front into cybersecurity, signaling a shift all organizations should have on their radar. Here’s what you need to know. Real-Life Ransom As you likely know, when it comes to ransomware and cyberattacks, everyone from the FBI to security professionals like us advise that you never pay the demanded ransom. This only emboldens cyber criminals and there’s no guarantee that you’ll actually receive your stolen data. Instead, the best protection is to have

Read More »
cyber attacks

Spear Phishing: How to Avoid the Newest Tax-Based Scam

In a past blog post, we discussed how cyber criminals will often use tax season as a cover to attack unsuspecting organizations. Usually this is done via a phishing method where the attacker poses as a member of a particular organization’s C-Suite and requests sensitive information be sent their way – like W2 forms, for example. This trick relies on the fact that some HR employees do face requests similar to this, and in such a tense period (tax season), are more likely to slip up and fail to fully verify these requests. With tax season now firmly in the background, one might think that cyber criminals would lay off this method of attack for the time being. Unfortunately, this

Read More »
Cyber Attack

Anonymous FTP: Crippling Healthcare Organizations

If you’ve ever had to share a large number of files with people working remotely, odds are you’ve used a file transfer protocol (FTP) server to accomplish this. It’s an easy way that you and others can access and upload information with a username and password, without taking up your own valuable internal storage space. Unfortunately, most of these FTP servers are operated by only a few companies. I say unfortunately because it means they are large targets for hackers. A recent bulletin released by the FBI details how FTP servers used by healthcare organizations have seen a sharp jump in attacks by cyber criminals. Here’s what we know so far. Anonymous FTP These attacks, the FBI noted, are carried

Read More »
cyber criminals

Cybercriminals Leave Trails

While we think it’s important to profile the crimes of cybercriminals and the threats they pose to organizations of all shapes and sizes, it’s also essential to remind ourselves time and time again that they are people and they do get caught. Previously, we looked at one British man who was caught running an online banking fraud system. Today, we’re going to analyze another banking fraudster who was recently apprehended. Of Fraud and Mules The US Department of Justice announced that Vyacheslav Khaimov pleaded guilty on February 3rd for running an international cybercrime operation which stole $1.2 million from at least 30 victims. The attack involved a sophisticated form of malware which gained access to the victim’s bank accounts. After

Read More »
Breach

The Anatomy of an Attack

Many times in this space we have discussed the results of an organization suffering a breach. These have included the fines an organization receives due to lackluster security practices, or the long-term damage a breach could potentially inflict on an organization’s reputation. Today, we’re going to move our gaze from the aftermath of an attack to it’s beginnings. What does a breach in real time look like, and what are the immediate steps an organization can take to remedy this attack? Meet the Attacker Since the summer of 2016, a hacking group known as “TheDarkOverlord” has been attacking businesses in the healthcare and financial sectors, grabbing private information and using it as a means of extortion. For example, in September

Read More »
Banking

Catching Cyber Criminals

We have a habit of profiling major cyber crimes in this space. The breaches that grab our attention, foreshadow coming doom – and so on and so forth. It’s important to remember, however, that there are real people behind these attacks. Real people who can be caught red-handed. The Crime The London Metropolitan Police’s Falcon cybercrime unit recently announced the arrest of a British man for stealing up to £840,000 ($1 million) in an online banking fraud scheme. Tomasz Skowron launched a malware attack in December 2014, targeting computers around the world. Notably, several companies in Australia were affected and forced to make payments. To facilitate this, Skowron set up a “money mule” system of bank accounts to which the

Read More »
Compromise Assessment

Compromise Assessment: Rooting Out Hidden Attackers

We often think of data breaches as these big, climactic events. Something like the bank robberies you might see in big budget movies. One minute, everyth is fine. The next, YaPostTypes Permalinkshoo or Target’s doors are being kicked down; they’re under attack. Millions of passwords, bank account info and more are made off with in an instant. Of course, it’s not really like that. There aren’t any getaway cars out front or dramatic fight scenes as the criminals steal information. Cyber-attacks don’t normally set off alarms – it’s in cyber criminals’ best interest to quietly sneak in so they can steal as much information as they can for as long as possible. These are stealth attacks that can linger, sometimes for years. To combat

Read More »