Login

Register

Login

Register


Organized crime groups are increasingly looking at ways to physically access IT infrastructure via insiders in contracting firms, police cyber-chiefs have warned.

Shelton Newsham, manager of the Yorkshire and Humber Regional Cyber Crime Team, reportedly told the SINET Global Cybersecurity Innovation Summit last week that gangs are placing their own people in cleaning companies, in order to target corporate networks.

“Exploitation of staff is a key area”, Newsham said, according to CBR.

“Organized crime groups are planting ‘sleepers’ in cleaning companies that a procurement team may look at bidding for. There’s no way of auditing their vetting. They’ll also using people in painting and decorating firms; anyone who has out-of-hours access to a building is fair game.”

Jake Moore, cybersecurity specialist at ESET, argued that both cyber and physical security are crucial to maximizing protection of corporate assets, but that it’s a difficult message to get through to the board, especially given the costs involved.

“The best way to realize a business’s own flaws is to conduct a basic penetration test that involves both physical and cyber-threat vectors, and this will easily highlight where those risks lie,” he added.

“It would be arrogant to think that your business does not have weaknesses, so it is best to test these out using red team professionals who will acknowledge any weak points that need addressing.”

The warnings from Yorkshire police echo those made at Infosecurity Europe last year, when Holly Grace Williams, technical director at Secarma, argued that physical intrusions too often go unreported by staff.

CISOs don’t just have to worry about cyber-criminal gangs exploiting physical access to target IT systems. Last year a former college student pleaded guilty to vandalizing computer equipment at his alma mater, the College of St. Rose in Albany, New York.

Vishwanath Akuthota used a “USB Killer” device he bought online to destroy IT kit with an electrical charge.

____________________________________________________________________________________________________________________

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
____________________________________________________________________________________________________________________

Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


NATIONAL CYBER SECURITY RADIO
[spreaker type=player resource="show_id=4560538" width="100%" height="550px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]
HACKER FOR HIRE MURDERS
 [spreaker type=player resource="show_id=4569966" width="100%" height="350px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW