Presentation is loading. Please wait.

Presentation is loading. Please wait.

January 07 th 2016 Intelligence Briefing NOT PROTECTIVELY MARKED.

Published byRudolph Lambert Modified over 8 years ago

Similar presentations

Presentation on theme: "January 07 th 2016 Intelligence Briefing NOT PROTECTIVELY MARKED."— Presentation transcript:

1 January 07 th 2016 Intelligence Briefing NOT PROTECTIVELY MARKED

2 Current Threats  Teenage Cyber Crime Awareness  Investigation Update  Malware  Ransom32 Action Fraud Reports from the South West Region  PBX/Dial Through Attack Miscellaneous  CiSP  New non-protectively marked briefing NOT PROTECTIVELY MARKED

3  The SWRCCU are dealing with increased incidents in relation to teenage cyber crime. Help your children make the right choice and stay clear of cyber crime.  Please full screen to watch the video. NOT PROTECTIVELY MARKED

4 Investigation Updates: Ransomware  We are currently investigating a ransomware attack against an organisation in which a laptop holding sensitive information was infected.  This attack may be linked to the new Ransom32 malware. NOT PROTECTIVELY MARKED

5 Malware: Ransom32  New easy-to-use ransomware code has been discovered – it has been named Ransom32 and is believed to be a first of its kind. It is known to affect Windows, Mac and Linux.  The malicious code and administration system are written in the web languages HTML, CSS and JavaScript, which are commonly used on mainstream websites. It manipulates the JavaScript framework to infiltrate the victim’s computer.  The Ransom32 code is freely downloadable from one dark web site and can be downloaded by anyone who pays with Bitcoin.  Ransom32 has been designed for users who lack technical skills to create their own brand of ransomware. NOT PROTECTIVELY MARKED

6 Malware: Ransom32 (continued…) Infection:  The main method of distribution is currently via email, though it is also possible to unknowingly download the malware from a compromised website.  The malware arrives embedded in a self-extracting RAR (compressed) file.  Ransom32 will connect to a command-and-control (C&C) server over the TOR anonymised network.  Once the malware has infected a system, victims can be locked out of their computer and asked to pay a ransom via Bitcoin currency to regain access.  The malware looks for and scrambles a huge variety of files including images, movies, documents and data archives.  It is highly unlikely that any encrypted files will be recoverable. Paying the ransom is no guarantee of getting the files back. NOT PROTECTIVELY MARKED

7 Malware: Ransom32 (continued…) Prevention:  Make sure anti-virus and malware scanners are running and up-to-date.  Be very cautious of unexpected emails in your inbox and do not open any attachments from unknown sources.  Keep your web browsers and Java installations up-to-date.  Do not open an executable files that may appear randomly on your computer, unless you are familiar to it.  Make regular backups. Backup all sensitive data and personal files and store them offline on a different media such as an external hard drive.  Avoid surfing “questionable” sites. NOT PROTECTIVELY MARKED

8 Hacking PBX/ Dial Through We have received a report of a PBX/Dial Through attack on a dental lab based in Devon. The telephone system was compromised and calls were placed to premium rate numbers resulting in a financial loss of £343. In order to prevent yourselves becoming the next victim:  Use strong pin/passwords for your voicemail system, ensuring they are changed regularly.  If you still have your voicemail on a default pin/ password change it immediately.  Disable access to your voice mail system from outside lines. If this is business critical, ensure the access is restricted to essential users and they regularly update their pin/ passwords.  If you do not need to call international/ premium rate numbers, ask your network provider to place a restriction on your line.  Consider asking your network provider to block outbound calls at certain times eg when your business is closed.  Ensure you regularly review available call logging and call reporting options.  Regularly monitor for increased or suspect call traffic.  Secure your exchange and communications system, use a strong PBX firewall and if you don’t need the function, close it down!  Speak to your maintenance provider to understand the threats and ask them to correct any identified security defects. NOT PROTECTIVELY MARKED

9 CiSP - Cyber Crime Threats Shared The Cyber Security Information Sharing Partnership (CiSP), which is run by Cert-UK, is an information sharing platform used to share and publish cyber crime threat information. The aim of the platform is to allow members to take remedial action and modify their organisations to prevent cyber attacks. If you would like to join the CiSP then please sign up at www.cert.gov.uk/cisp and contact us as we can sponsor you.www.cert.gov.uk/cisp A regional South West CiSP is in place and will formally launched in March 2016; more details will be shared in due course. NOT PROTECTIVELY MARKED

10 Additional Briefing Dissemination This document has been given the protective marking of NOT PROTECTIVELY MARKED and may be disseminated outside law enforcement with no restriction. If you know anyone else who would like to receive this, please send us their e-mail address and we will add them to the distribution list. Any comments or queries please email South West Regional Cyber Crime Unit at: swrccu@avonandsomerset.pnn.police.uk 0117 372 2446 NOT PROTECTIVELY MARKED

Download ppt "January 07 th 2016 Intelligence Briefing NOT PROTECTIVELY MARKED."

Similar presentations

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
1 of 2 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2006 Microsoft Corporation.

1 of 2 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2006 Microsoft Corporation.
ANNUAL SECURITY AWARENESS TRAINING – 2011 UMW Information Technology Security Program Annual Security Awareness Training for UMW Faculty and Staff.

ANNUAL SECURITY AWARENESS TRAINING – 2011 UMW Information Technology Security Program Annual Security Awareness Training for UMW Faculty and Staff.
Let’s Talk About Cyber Security

Let’s Talk About Cyber Security
Thank you to IT Training at Indiana University Computer Malware.

Thank you to IT Training at Indiana University Computer Malware.
Cyber security refers to the technologies and processes designed to protect computers, networks and data from unauthorized access and attacks delivered.

Cyber security refers to the technologies and processes designed to protect computers, networks and data from unauthorized access and attacks delivered.
INTERNET SAFETY FOR EVERYONE A QUICK AND EASY CRASH COURSE.

INTERNET SAFETY FOR EVERYONE A QUICK AND EASY CRASH COURSE.
Security for Today’s Threat Landscape Kat Pelak 1.

Security for Today’s Threat Landscape Kat Pelak 1.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Data Security Issues in IR Eileen Driscoll Institutional Planning and Research Cornell University

Data Security Issues in IR Eileen Driscoll Institutional Planning and Research Cornell University
Security Awareness: Applying Practical Security in Your World Chapter 6: Total Security.

Security Awareness: Applying Practical Security in Your World Chapter 6: Total Security.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
INTERNET SAFETY FOR EVERYONE

INTERNET SAFETY FOR EVERYONE
Citadel Security Software Presents Are you Vulnerable? Bill Diamond Senior Security Engineer

Citadel Security Software Presents Are you Vulnerable? Bill Diamond Senior Security Engineer
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
THE WONDERFUL HISTORY OF COMPUTERS FROM THE BEGINNING HARDWARE, SOFTWARE,SAFTEY, AND COMPUTER ETHICS.

THE WONDERFUL HISTORY OF COMPUTERS FROM THE BEGINNING HARDWARE, SOFTWARE,SAFTEY, AND COMPUTER ETHICS.
SHASHANK MASHETTY Email security. Introduction Electronic mail most commonly referred to as email or e- mail. Electronic mail is one of the most commonly.

SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.
eScan Total Security Suite with Cloud Security

eScan Total Security Suite with Cloud Security
Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.

Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.
CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. Emails. Safe browsing for shopping and online banks. Social media.

CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. s. Safe browsing for shopping and online banks. Social media.

Similar presentations

Ads by Google