Are you afraid of the dark (net)?

1 May 2017 Editor's Choice, Information Security

IT and business media are increasingly full of the threats posed by cybercrime. Based on my own extensive experience the threat is not exaggerated.

Many of the threats are underpinned by something called the Dark Web, or Dark Net. This term refers to an overlay network that exists in parallel to the Internet, which can only be accessed using specific software like a TOR (an application browser used on the dark web) browser, configurations or authorisation.

Dark nets are quite transient, appearing and disappearing at unexpected times. They contain a vibrant and thriving e-commerce sector in which participants trade in illegal goods and services. These markets offer goods like drugs, counterfeit money, stolen IDs, credit card details, and website and corporate access credentials.

Where do these thriving markets in this hidden cyber world get the goods they are selling in such quantities?

The answer is from you, or your network, often through a compromised device. Upon investigation, it is also clear that in almost every incident, the user and the people responsible for managing the computers and networks did not even know they had been compromised. In other words, they do not know to take post-factor remedial action.

An additional factor is that even a person with limited experience can quite easily access the tools and services needed to hack into sensitive data and credentials. In uncertain times, people look for new ways to make a little bit extra. These amateur hackers are compounding the already severe problem posed by criminal syndicates.

More attacks, more loot

As a result, we are seeing an unprecedented rise in the type and number of attacks on inexperienced and ill-prepared ecosystem users in an attempt to steal information or access records.

Here’s a typical scenario: a user innocently clicks on a link to view an ‘interesting’ news article. He or she is taken to a compromised advertising site and a piece of malware is surreptitiously delivered onto the user’s device. When this happens, users need to know instantly that something untoward has happened so they can react before too much damage is done.

The latest malware attacks typically do one or more of the following:

• Check Internet connection and security settings.

• Download and run malicious files or ransomware.

• Report status to the author or attacker.

• Execute instructions on the devices they have penetrated.

• Automatically upload information taken from devices and the networks to which they are connected.

• Change administration privileges and validate security certificates.

The only way to counteract these and similar threats is to commence with an approach and understanding that all networks are dangerous. By adopting this approach, you promote a culture of ‘secure thinking’, cognisance of the dangers which in turn leads to responsible usage by all staff and network administrators. But it is vital to also ensure that you have real-time visibility of anomalous activities on both the Internet and your devices connected to it.

Ask yourself, or better still, find out who can support you on your journey in terms of becoming a more informed member of the human firewall chain and ensure they ask:

• Do you know whether a new piece of software (or malware) has been loaded onto your device? Or any device on your network? Is data being copied to an external source in the background?

• Are new files being run that are collecting data in a central place on or off a trusted part of your environment?

If you do not have immediate visibility into unauthorised changes, you are most probably already at risk or even worse, are already a member of a growing member of the coalition of the compromised.

For more information contact J2 Software, +27 (0)11 794 8301, john@j2.co.za, www.j2.co.za





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Data security and privacy in global mobility
Risk Management & Resilience Information Security
Data security and privacy in today’s interconnected world is of paramount importance. In the realm of global mobility, where individuals and organisations traverse borders for various reasons, safeguarding sensitive information becomes an even more critical imperative.

Read more...
Sophos celebrates partners and cybersecurity innovation at annual conference
News & Events Information Security
[Sponsored] Sun City hosted Sophos' annual partner event this year, which took place from 12 to 14 March. Sophos’ South African cybersecurity distributors and resellers gathered for an engaging two-day conference.

Read more...
Enhance control rooms with surveillance and intelligence
Leaderware Editor's Choice Surveillance Mining (Industry)
Dr Craig Donald advocates the use of intelligence and smart surveillance to assist control rooms in dealing with the challenges of the size and dispersed nature common in all mining environments.

Read more...
A long career in mining security
Technews Publishing Editor's Choice Mining (Industry) Risk Management & Resilience
Nash Lutchman recently retired from a security and law enforcement career, initially as a police officer, and for the past 16 years as a leader of risk and security operations in the mining industry.

Read more...
A constant armed struggle
Technews Publishing XtraVision Editor's Choice Integrated Solutions Mining (Industry) IoT & Automation
SMART Security Solutions asked a few people involved in servicing mines to join us for a virtual round table and give us their insights into mine security today. A podcast of the discussion will be released shortly-stay tuned.

Read more...
Risk management: There's an app for that
Editor's Choice News & Events Risk Management & Resilience
Zulu Consulting has streamlined the corporate risk management process with the launch of Risk-IO, a web-based app designed to consolidate and guide risk managers through the process, monitoring progress as one proceeds.

Read more...
Integrated information platform for risk management
Editor's Choice News & Events Risk Management & Resilience
Online Intelligence recently launched version 7 of its CiiMS risk and security platform. Speaking to SMART Security Solutions after the launch event, the company’s Arnold van den Bout described the enhancements in version 7.

Read more...
Unlocking Africa's AI potential
Editor's Choice News & Events AI & Data Analytics
Africa's AI market is set to grow exponentially; by investing in AI education, training, and ethical practices, African nations can harness the power of AI to transform the continent and create a brighter future for its people.

Read more...
The CIPC hack has potentially serious consequences
Editor's Choice Information Security
A cyber breach at the South African Companies and Intellectual Property Commission (CIPC) has put millions of companies at risk. The organisation holds a vast database of registration details, including sensitive data like ID numbers, addresses, and contact information.

Read more...
Global Identity Fraud Report revealing eight-month ‘mega-attack’
Editor's Choice Risk Management & Resilience
AU10TIX recently released its Q4 Global Identity Fraud Report, with the research identifying two never-before-seen attack patterns, with the worst case involving 22 000+ AI-generated variations of a single U.S. passport.

Read more...