Are you afraid of the dark (net)?

1 May 2017 Editor's Choice, Cyber Security

IT and business media are increasingly full of the threats posed by cybercrime. Based on my own extensive experience the threat is not exaggerated.

Many of the threats are underpinned by something called the Dark Web, or Dark Net. This term refers to an overlay network that exists in parallel to the Internet, which can only be accessed using specific software like a TOR (an application browser used on the dark web) browser, configurations or authorisation.

Dark nets are quite transient, appearing and disappearing at unexpected times. They contain a vibrant and thriving e-commerce sector in which participants trade in illegal goods and services. These markets offer goods like drugs, counterfeit money, stolen IDs, credit card details, and website and corporate access credentials.

Where do these thriving markets in this hidden cyber world get the goods they are selling in such quantities?

The answer is from you, or your network, often through a compromised device. Upon investigation, it is also clear that in almost every incident, the user and the people responsible for managing the computers and networks did not even know they had been compromised. In other words, they do not know to take post-factor remedial action.

An additional factor is that even a person with limited experience can quite easily access the tools and services needed to hack into sensitive data and credentials. In uncertain times, people look for new ways to make a little bit extra. These amateur hackers are compounding the already severe problem posed by criminal syndicates.

More attacks, more loot

As a result, we are seeing an unprecedented rise in the type and number of attacks on inexperienced and ill-prepared ecosystem users in an attempt to steal information or access records.

Here’s a typical scenario: a user innocently clicks on a link to view an ‘interesting’ news article. He or she is taken to a compromised advertising site and a piece of malware is surreptitiously delivered onto the user’s device. When this happens, users need to know instantly that something untoward has happened so they can react before too much damage is done.

The latest malware attacks typically do one or more of the following:

• Check Internet connection and security settings.

• Download and run malicious files or ransomware.

• Report status to the author or attacker.

• Execute instructions on the devices they have penetrated.

• Automatically upload information taken from devices and the networks to which they are connected.

• Change administration privileges and validate security certificates.

The only way to counteract these and similar threats is to commence with an approach and understanding that all networks are dangerous. By adopting this approach, you promote a culture of ‘secure thinking’, cognisance of the dangers which in turn leads to responsible usage by all staff and network administrators. But it is vital to also ensure that you have real-time visibility of anomalous activities on both the Internet and your devices connected to it.

Ask yourself, or better still, find out who can support you on your journey in terms of becoming a more informed member of the human firewall chain and ensure they ask:

• Do you know whether a new piece of software (or malware) has been loaded onto your device? Or any device on your network? Is data being copied to an external source in the background?

• Are new files being run that are collecting data in a central place on or off a trusted part of your environment?

If you do not have immediate visibility into unauthorised changes, you are most probably already at risk or even worse, are already a member of a growing member of the coalition of the compromised.

For more information contact J2 Software, +27 (0)11 794 8301, john@j2.co.za, www.j2.co.za



Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Axis gives a brighter future to children
Issue 1 2020, Axis Communications SA , Editor's Choice
Fully networked camera solution provides visibility and accountability, letting orphanage focus on what’s important – its children.

Read more...
SFP Security & Fire becomes ISF SFP
Issue 1 2020, ISF SFP , Editor's Choice
SFP Security & Fire was sold to ISF in 2019, becoming ISF SFP and attaining Level-1 BEE status.

Read more...
Janu-worry or Twenty-Plenty?
Issue 1 2020 , Editor's Choice
If the available security spend right now is somewhere between limited and non-existent, here are just a few suggestions.

Read more...
CCTV surveillance needs are critical in defining types of camera deployment
Issue 1 2020, Leaderware , Editor's Choice
Cameras by themselves do not reduce crime; they need to be implemented as part of a considered strategy of crime prevention and detection.

Read more...
Trends 2020
Issue 1 2020, Technews Publishing , Editor's Choice
Hi-Tech Security Solutions asked a few people from diverse companies to join us in a round-table discussion about what they expect to see happening in their environments in the coming year.

Read more...
Seven key trends for 2020
Issue 1 2020, Hikvision South Africa , Editor's Choice
Hikvision looks at a few trends that will affect the security industry in 2020 and beyond.

Read more...
Hundreds of millions to reskill
Issue 1 2020 , Editor's Choice
By 2022 alone, 75 million jobs will probably be displaced across 20 major economies, while 133 million new ones will spring up in industries that are only just gaining traction.

Read more...
Slow and steady wins the access race
Issue 1 2020, ZKTeco, Technews Publishing , Editor's Choice, Commercial (Industry)
The commercial sector is slow in migrating to new access control technologies, with the majority of companies remaining with card and fingerprint solutions.

Read more...
Client property access integrity
Issue 1 2020 , Editor's Choice
Blind or unquestioned trust is something that we all seem to willingly and unconditionally give our security service providers and their reaction officers.

Read more...
2020 Residential Estate Security Conference in KZN
November 2019, Technews Publishing , Editor's Choice
Meeting the residential security challenges in 2020 and beyond: Hi-Tech Security Solutions will host the Residential Estate Security Conference 2020 in Durban on 12 March 2020.

Read more...