New Year, New Cyber Habits: Top 10 Cyber Hygiene Resolutions for 2023

As the year’s first rays dawned, many of us uncorked the champagne, reflected on the past, and scribbled down those classic New Year’s resolutions. From hitting the gym (or at least stretching once in a while) to finally reading that book gathering dust on the shelf – the New Year has always been a beacon of fresh starts and renewed commitments. But why not add a resolution that can protect something incredibly valuable yet often overlooked? Your digital well-being.

Given that more of our lives are entwined with the digital realm, ensuring your cyber hygiene is as refreshed and revitalized as your new workout plan becomes crucial. Let’s dive into the top 10 cyber resolutions you should consider adopting in 2023:

  1. Password Perfect: No, “password123” is not a secure choice. Commit to strengthening and diversifying your passwords. Consider using a password manager, so you only need to remember one master password. With cyberattacks on the rise, this is akin to changing the locks on your front door.
  2. Two Steps Ahead: If you’re not using two-factor authentication (2FA) on your crucial accounts, it’s time to embrace it. Yes, it’s an extra step, but it’s also an extra layer between your data and potential hackers.
  3. Update and Elevate: Remember that pesky notification you’ve been swiping away for months? Updates aren’t just about introducing fancy new features; they often patch security vulnerabilities. Regular updates can be the difference between a smoothly running device and a malware-riddled one.
  4. Declutter Digital Desks: Much like that closet you’re vowing to clean, your digital space likely needs some tidying. Delete apps you no longer use, especially if they have permissions that access your personal data. A leaner device is often a safer device.
  5. Back It Up: Imagine spilling coffee on your device and realizing you’ve lost everything? Nightmare-ish, right? Regularly back up essential files to an external hard drive or cloud storage. If disaster strikes, you’ll have a digital safety net.
  6. Wi-Fi Wisdom: Free public Wi-Fi is tempting, especially when you’re sipping a latte and browsing. However, it’s also a playground for snoopers. If you must use it, avoid accessing sensitive accounts or use a VPN to cloak your activities.
  7. Email Enlightenment: Phishing scams are ever-evolving, but a touch of skepticism can go a long way. Questionable sender? Unsolicited attachments? When in doubt, don’t click. Think of it as digital stranger danger.
  8. Social Media Savviness: We love sharing, but oversharing can be perilous. From vacation plans to your pet’s name (often used as security answers), be wary of what you post. And while we’re on the topic, review those privacy settings.
  9. Educate and Advocate: Keep abreast of the latest in cyber threats and safety measures. Consider subscribing to a cybersecurity news outlet; the one you’re on is a good start. The more you know, the better you can protect yourself. And share the knowledge; after all, caring is sharing.
  10. E-Commerce Caution: Online shopping is a delight, but not when your credit card details end up in the wrong hands. Use trusted websites, always look for the ‘https’ in the URL, and consider using a credit card over a debit card for better fraud protection.

Tying it up with a bit of cheer – while cyber threats might sound like the plot of a sci-fi thriller, with proactive steps and awareness, they don’t stand a chance against you. Let’s raise our glasses (or coffee mugs) to not just a year of personal growth and achievements but also to a year of robust digital health and fortified cyber barriers.

So, go on, adjust those New Year’s resolutions. Slide in a few from the list above. Here’s to making 2023 not just prosperous and fulfilling, but cyber safe!

Stay updated, stay secure, and remember – a moment of prevention in the cyber world can save hours of digital heartbreak. Cheers to a cyber-smart 2023!

Why is Education a Cyber Target?

Greg Price

As a computer technologist, an innate bias envelops the word “technology”; whenever I hear the word, I immediately think of computers, software. Similarly, when a reference to security arises, instantly I think of cybersecurity.

Our modern-day society is predicated on many forms of technology and a collective desire to progress is inextricably intertwined with the advancement of technologies. Among those technologies, undoubtedly, are computers, applications and a fascinating blend of things yet-to-be contemplated.

So, for these comments, please share my predilection that technology inherently suggests some form of computer technology.

Our schools are reliant on technology. The business of learning and fostering knowledge is deeply steeped in efficient, reliable technology.

Computers provide access to boundless resources; we no longer refer to libraries as libraries, rather, they are media centers. I haven’t seen a card catalog in two decades – the physical volumes of the media center are cataloged within a database. Student ID cards reveal identity and serve as a digital passport for access to food services, secured structures, sporting events, the media center. Classrooms exhibit smartboards, digital displays, interactive media and mobile devices.

The hallways are guarded by closed-circuit television. Textbooks are often paperless. Computer labs are an anachronism – some schools issue tablets, laptops to students. With the proliferation of high-speed wireless networks, the students and faculty are always “plugged” in.

I doubt any of these comments are shocking to anyone.

How are these technologies sustained?

A new version of my cellphone appears every fall, every three weeks my software provider announces a new update, every day my computer installs new antivirus and anti-malware defenses, new firmware for my home router arrives, my wireless cameras exceed storage space, and on and on and on.

Take those individual pieces and multiply them by a few thousand, by several thousand. The annoying becomes overwhelming.

Yet, technology is easy, right?

Developers march forward, seeking greater expansion and application of the newer and the better. Vendors offer their wares as the next generation of the latest and greatest. Rapid development techniques and intuitive user interfaces suggest greater advancement coincides with simpler management, lowered costs and ease-of-use.

But, don’t be fooled.

Today’s technology is incredibly complex. The digital architectures upon which our devices operate and information flows require constant observation and maintenance. The rapid development of software results in flawed, error-prone products. Our penchant for chasing the connection of all things creates an awkward mash-up of inter-connected devices.

Managing thousands of digital devices, software and users requires resources.

Most organizations, including educational entities, do not have adequate information technology resources.

As Frankenstein networks emerge, combined with increasingly fragile software and high-speed cyber highways, the opportunity for security risks rises significantly.

Not every school has replaced textbooks with tablets; not every classroom is equipped with a smartboard and digital display. Without a doubt, variability in the use of, and adoption of, technology exists among our schools. However, the single thing that exists among all entities is security concern.

Technology adoption will increase. With the growth, security concerns will flourish. Inadequate support resources coupled with frightening risk is a recipe for disaster.

And the bad guys know it.

Why do would-be bad actors target education?

Opportunity is abundant and the environment is ripe with desirable goods.

Educational organizations house treasure troves of personal information: employee and student biographical data, health data, financial data, performance data.

Data is the new currency. With data, a bad actor can buy, sell, trade for practically anything. With data, a bad actor can embarrass, attack, impersonate another.

Technology presents fabulous opportunity for students and teachers. Similarly, technology presents opportunity through unmanaged risk for exploitation and manipulation by those who endeavor to cause harm.

Recent events underscore the value of adequately addressing cybersecurity needs in our schools. Ransomware has crippled school systems, phishing scams resulted in lost funds, hijacked credentials ended in reputation ruin, and the list goes on.

In a recent discussion about computer resources being held hostage, a participant stated to the group that “we can teach without the computers.” I agree to an extent. We can also teach in temporary shelters following a natural disaster, but should we?

Technology isn’t going away; we must increase our awareness of the threats presented by technology and work to safeguard our students and employees from the effects of cyberthreats.

In order to close the gap in our defenses, the community must commit to supporting educational technologies comprehensively.

If you employ technology, you have risk. If you collect student and employee data, you possess a commodity desirable by those who have the knowledge and means to do “evil”.

What should we do?

Support is needed. A structured, pragmatic approach to managing and mitigating the cyber risk is here. Prescribing awareness and best practices is a solid foot forward. However, to achieve maximum effectiveness, we must provide the proper resources and guidance to ensure that adequate controls are in place.

Additionally, we need to expect and request more from our technology developers and integrators – we’re not alone in this voyage.

Charges Against Evil Corp

Greg Price

I enjoy all manner of spy entertainment – books, movies, documentaries, whatever; the notion of spies has always captivated me.

Most of the materials, especially the fictional ones, spin wild yarns highlighted by incredible evildoers and complex backstories. Yet, contrastingly, the bad operators are often identified with rather simple, even silly names.

Think of the James Bond series. The cast of villains reads like a strange nursery tale: Dr. No, Goldfinger, Elektra, Mr. Big, Mr. White, and so on.

As we read or watch these tales, the names are often symbolic of the character – perhaps a personal flaw or some association with the antagonist’s endeavors. Nonetheless, the names seem overtly fake or contrived.

Often fiction becomes reality, especially in the cyberworld.

This week, the US Department of Justice brought charges against a Russian citizen. The charges include computer hacking and various fraud charges, totaling ten indictments.

The supposed Russian hacker, Maksim Yakubets, is reported to be the leader of Evil Corp.

What? Wait.

You read that correctly, Evil Corp. Those of you who are fans of Mr. Robot will likely recall the name.

Evil Corp is a Russia-based cybercrime organization that is well-known for the development of the malware Dridex. Dridex is a sophisticated application, designed with the intent of automating the theft of online banking credentials from computers infected by the malware.

Dridex spreads in a common fashion, via email. The phishing messages dupe readers into clicking a link or opening an attachment. The action launches the installation of Dridex, infecting the computer. The malware harvests user credentials for financial institutions and transfers funds from the victims’ accounts to accounts controlled by Evil Corp.

Some estimates suggest that Evil Corp, through its Dridex malware, has infected countless computers in 40 countries, accessing accounts held in over 300 banks. The US Treasury and Department of Justice estimate that Evil Corp has stolen at least $100 million over the past four years.

Evil Corp functioned as a business. Daily operations were overseen by Maksim Yakubets from Moscow. Yakubets managed the group’s cyber-activities through a network of experienced, trusted cybercriminals.

Some of the associates of Evil Corp are affiliated with other significant malware, including Zeus and Jabber.

The criminal complaint against Yakubets is accompanied by a $5 million reward for information leading to his capture.

Additional information reveals that Yakubets also provided assistance to the Russian government. Russian intelligence agencies may have sought material assistance from Yakubets in the form of collection of confidential documents.

In addition to the charges against Yakubets, sixteen other Russian individuals were charged. They assisted in the maintenance of the malware software, identification of victims, and laundering of the stolen funds – all appear to be members of Evil Corp.

The indictment references Bugat as the original name of the malware; apparently the group worked on multiple iterations of the malware and changed the name along the way.

So, how did the US government identify the group and its leaders?

It all started with a name, or, more specifically, a handle.

Yakubets was known as “aqua” among his peer networks.

In chat transcripts related to the Zeus operations, “aqua” references appeared. The transcripts suggested that “aqua” managed various operations and facilitated bank transfers. Some online resources suggest the Russian government offered slight assistance in identifying Yakubets as well; however, those seem to contradict his alleged assistance with Russian intelligence efforts.

In addition to operating a massive malware operation, Evil Corp facilitated franchises of its operation.

The court documents reveal that Yakubets provided a UK resident with access to Bugat malware for $100,000 up front, plus 50 percent of all revenues, with a minimum weekly guarantee of $50,000 for Yakubets. The arrangement also included technical support for the malware and transfer of stolen funds.

Given that some estimates indicate that Evil Corp operated for nearly a decade, stealing hundreds of millions of dollars from individuals and banks across the globe, one can’t help but wonder how the collection of savvy hackers persisted for so long.

Adaptation was the core of their lengthy success.

Over many years, Evil Corp changed their tactics from a centralized control design to an ad-hoc effort. In doing so, they forged a trail that was challenging to follow due to its seemingly disparate connections. Additionally, they altered the malware to accommodate changes in detection mechanisms, improved the phishing messages and converted from wire transfers to cryptocurrency for ferrying of the stolen monies.

A collection of online photos shows Yakubets with supercars and other lavish items. Many wonder if the $5 million reward and US indictments will do anything to remove him from Russia and the comfort that tens of millions of dollars affords.

Unlike the common spy movies and characters that I mentioned earlier, there is little honor among cybercriminals. In particular, most notorious hackers relish anonymity and secrecy. Having one’s face displayed on wanted posters and highlighted by major news outlets doesn’t foster a cloak and dagger lifestyle.

And the promise of $5 million will definitely test the strength of perceived friendships among those who seem motivated by money. For now, I suppose we’ll have to wait and see if the spotlight shines on Evil Corp sufficiently to flush out the supposed evildoers.

In the meantime, watch what you click – you never know when a villain from a multinational cybercriminal organization is looking to take your hard-earned money.

Be safe and watch out for Dr. Phish.