A hacking and cyberespionage group is currently targeting industrial control systems at energy companies. According to a survey by Symantec they have broken into 27 corporate networks so far. The Dragonfly group, also known as Energetic Bear is using spear phishing campaigns and malware-infected websites to collect credentials for corporate networks. Dragonfly has been active since at least 2011 and was exposed by security analysts in 2014. Afterwards, the group seemed to go underground and has only recently emerged again in the public eye. Symantec researchers refer to the current attacks as “Dragonfly 2.0” because they replicate many aspects of the previous attacks. The attacks target industrial control systems (ICS) which belong to companies that operate pipelines, generate electricity, and other energy-related companies. The Dragongly group appears to be particularly active in Switzerland, Turkey and North America.
Sometimes it’s hard to believe the stories we read. In the case of CEO fraud incidents, cybercriminals earn double-digit sums in the millions by persuading employees that they are acting on behalf of the CEO or another senior manager. Employees then transfer the required amount to an alleged account of a partner or supplier, based only on an e-mail or telephone request without seeking reassurance. CEO fraud follows a similar method to telephone cons targeting the elderly but causes significantly higher financial damage. In mid-2016, an international network was unraveled which was alleged to have earned USD 60 million through the cybercriminal methods of Business Email Compromise (BEC) and CEO fraud. Similar attacks are now occurring on a daily basis in Germany, with similar dramatic consequences.
Smartphones are part of everyday life, either for private or professional use. However, while many users have taken basic measures to protect their desktop PC or laptop, this is not the case for mobile devices. A study by Consumerreports.org showed that in 2014 one third of all American smartphones did not have a single security measure, neither a PIN code, nor anti-virus software, let alone encryption. This may look different for professional and enterprise managed devices, but many use their personal mobile device at least partly for professional purposes. This means that links, files, photos, contacts and other internal company data are stored on personal smartphones. This makes easy pickings for a thief or digital attacker.
President Donald Trump’s recent decision to overturn rules set by the Obama administration to stop Internet service providers (ISPs) from selling everyone’s browsing data to advertisers and other third parties has re-opened the Internet privacy debate. The development adds to existing concerns about the potential for hackers to intercept sensitive data when communicating with the office from home or out on the road. A Virtual Private Network (VPN) provides an encrypted connection for remote network access. This is a very effective way for businesses and individuals to prevent outsiders from intercepting sensitive data. There are a number of key business benefits for VPN.
The U.S. space agency NASA uses a network of high powered communications antennae and transmitters around the world to track and exchange data with dozens of man-made probes and satellites travelling through space. Known as the Deep Space Network, the infrastructure is responsible for managing and monitoring the general health and safety of spacecraft currently engaged in valuable scientific research projects. Perhaps less widely known is the fact that Virtual Private Networks (VPNs) form a vital component – providing secure and reliable communications for machine-to-machine (M2M) and telemetry data passing across the network.
In recent years, the way we work has transformed. The rise of ever more powerful mobile devices has freed us from our desks. Our Internet-enabled smartphones and tablets allow us to remain constantly connected even while we are on the move. Sensing a business opportunity, carriers have responded by providing Wi-Fi hotspots for our convenience in public spaces everywhere – from coffee shops, restaurants, shopping malls, hotels and exhibition halls to trains, airports and even airplanes. Tempting as it may be to use them to reduce any idle time, public Wi-Fi hot spots are not without risks. There are over 100,000 unsecured public Wi-Fi hotspots around the world. Furthermore, employees often fail to follow best practices. It only takes one mistake for sensitive company data to be jeopardized. However, by deploying VPNs and following some simple guidelines it is possible for organizations to overcome these risks and ensure all employees are equipped to secure their mobile client connections.