10.6.19 – Cyber Intelligence News

Welcome to the CyberCure Bi-Weekly podcast transcript.

This podcast will give you a summary of the latest news related to cyber intelligence and proactive cyber security in only a few minutes.

The podcast is aimed for anyone who would like to know a bit more about what is REALLY happening out there in the cyber world.

The focus of this podcast will be on the latest cyber events for non-technical people; anyone can listen and understand.

North Korea

Hackers from North Korea are making headlines again, this time for going after the funds of users of South Korean cryptocurrency exchange UpBit using a clever phishing method.

The hackers allegedly sent a phishing email to UpBit users earlier this week. The email falsely claimed that the exchange needed additional customer information to process a nonexistent sweepstakes’ payout for tax purposes, according to information obtained by security firm East Security.

It’s reported that a file was attached to the email which claimed to contain more information about the payout but would in fact run malicious code when opened.

running this file displayed what looked like a normal document but would activate malicious code. It would then send data about the user’s machine as well as exchange logins to the hackers and then connect the machine to a command-and-control system for later remote access.

In a clever move, the hackers password-protected the malicious file, This means that traditional anti-virus tools would not be able to detect the malicious code.

This type of attack and its characteristics was seen before and was associated with North Korea.


Ireland

Cricket Ireland, The sporting organisation was targeted in a sophisticated invoice redirect fraud in which more than €4.5m has been stolen from several businesses, clubs and individuals in Ireland this year.

Criminals hacked into the organisation’s email system and then used the information to send an email to a commercial partner giving them new bogus bank details.

Detection and recovery have proved complex due to the cross-border nature of much of its business, and the multiple currencies involved. “It’s a quagmire, and a nightmare,” said chief executive Warren Deutrom.

This type of attacks is trending among hackers lately, this attacks are usually falls under the category of Advanced Persistent Threat also known as APT , the hackers usually perform reconnaissance and intelligence gathering on specific organization and use the information gained to send an email to the organization suppliers with a request to change the bank address and transfer some amount of money.

Executing such attacks are many times easier than other types of cyber attacks as once the relevant information was gathered its enough for the attacker to open a fake email address and use it to send the emails pretending to be manager in the organization.

The only way to avoid such attacks is to make sure to implement proper procedure related to money transfers, if each transfer above certain amount needs to be reviewed by 2 saparate people, its usually enough to stop such attacks.

When designing the cyber security of networks, the right combination of security awareness and implementation of proactive and reactive cyber tools can stop most of the cyber attacks exists today and save money for the organization.

That’s it for this podcast, stay safe and see you in the next podcast.

Don’t forget to visit www.cybercure.ai for the latest podcasts on cyber intelligence.

Leave a Reply