ICYMI: Uni-DDoS; AI detection; Dentists hit; Nuke strategy, NCSC opens
ICYMI: Uni-DDoS; AI detection; Dentists hit; Nuke strategy, NCSC opens

University attacked by its own vending machines and other IOT devices

An unnamed University was attacked by some 5,000 campus devices, from its vending machines to light sensors, “and all IOT devices” according to the Verizon 2017 Data Breach Digest (DBD) released this month.

Talking to SCMediaUK.com, Laurance Dine leader of Verizon's digital forensics team in Europe, explained that a primary facilitating factor was that the University's administrative network was inadvertently connected to its IoT device network.  The attacker appears to have come in through the admin network and changed the default credentials on the devices, and given them new passwords. More...

Signature-based malware detection not as good as AI, says ICIT paper

Signature and behavioural based anti-malware are no match for next generation adversaries who use mutating hashes, sophisticated obfuscation mechanisms, self-propagating malware and intelligent malware components, according to the findings of a new report.

The report, published by the Institute for Critical Infrastructure Technology (ICIT), said that it is “no longer enough” to detect and respond  to cyber-attacks and that artificial intelligence (AI) is necessary to offer the predictive quality that can give organisations a “much-needed edge on their more sophisticated, less burdened, and more evasive adversaries”. More...

Ransomware: could dentists and GPs be the next victims?

Cyber-criminals could be focusing their attention on smaller targets in the healthcare sector with Ransomware the number one security concern for organisations.

Ransomware is becoming so lucrative for cyber-criminals that the FBI believes it could become a US$1 billion dollar industry very soon. In 2015, the FBI reported losses of US$24 million (£19 million), but in the first quarter of 2016 alone, losses of US$209 million (£171 million) were reported – an extraordinary increase in such a small space of time. More...

Nuclear industry gets new cyber-security strategy from UK government

Addressing fears that critical nuclear facilities could fall foul of a cyber-attack, a new Civil Nuclear Cyber Security Strategy has been issued by the Department for Business, Energy and Industrial Strategy in the UK.

BEIS says the strategy helps ensure the UK has a secure and resilient energy system “by ensuring that the civil nuclear sector is able to defend against, recover from, and is resilient to evolving cyber threats”.More...

Queen opens NCSC headquarters, ushering in new era in cyber-security

The National Cyber Security Centre (NCSC), which has been operational since October 2016, was officially opened by the Queen.

The Centre will disseminate best practice on cyber-security and act as a clearinghouse for threat intelligence. The NCSC remit includes providing support and guidance to both public and private sectors on cyber-threats as well as consulting on and helping deal with attacks on critical infrastructure and large institutions. It has offered trial services in discovering vulnerabilities and worked with critical infrastructure providers to bolster their security. It will also be helping to train young people in the field and devoting resources to research and development. According to its CEO, Ciaran Martin, its job in a nutshell is “to make the UK the safest place to live and do business online”. More...