Quote of the Week
Insider threats are not viewed as seriously as external threats, like a cyber attack. But when companies had an insider threat, in general, they were much more costly than external incidents… The insider that is smart often has the right skills to hide the crime, sometimes forever.
— Dr. Larry Ponemon, on the impact of IT security threats from company insiders
Terry Petrill was supposed to be working on cybersecurity for his employer. But according to court documents, he was working on his personal financial security instead—and now he is headed to jail. Petrill was the IT security director for Horry County, South Carolina. His sentencing records say he got into a criminal routine that made him a successful insider threat for more than three years. “Petrill ordered 41 Cisco 3850 switches that were to be installed on the Horry County Network. When the switches would arrive, Petrill would maintain custody of the switches and advised that he would handle the installation.” But instead of installing them, he advertised them for sale… Read more
Remember the old days when high school kids came up with creative ways to get out of taking a test? Some of them would pull the fire alarm. Then came the “phone in a bomb threat” trick, which led to criminal charges in a few cases. And now, with many schools going virtual, the get out of school tactics are moving into the cybercrime realm. Just ask the Miami-Dade County Public School District… Read more
Sudhish Ramesh was an engineer at Cisco. Like engineers at a lot of companies, he resigned and moved on. But a few months later, he gained unauthorized access to Cisco’s cloud environment and caused more than $2.4 million in damage. Ramesh just pleaded guilty to the crime in a Silicon Valley courtroom. The U.S. DOJ published details of his plea which specifically targeted Cisco’s WebEx Teams app… Read more
Original release date: September 4, 2020
The Cybersecurity and Infrastructure Security Agency (CISA) is aware of open-source reporting of targeted denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks against finance and business organizations worldwide. A DoS attack is accomplished by flooding the targeted host or network with traffic until the target cannot respond or simply crashes, preventing access for legitimate users. In a DDoS attack, the incoming traffic originates from many different sources, making it impossible to stop the attack by blocking a single source. These attacks can cost an organization both time and money while their resources and services are inaccessible.
If you think you or your business is experiencing a DoS or DDoS attack, it is important to contact the appropriate technical professionals for assistance.
- Contact your network administrator to confirm whether the service outage is due to maintenance or an in-house network issue. Network administrators can also monitor network traffic to confirm the presence of an attack, identify the source, and mitigate the situation by applying firewall rules and possibly rerouting traffic through a DoS protection service.
- Contact your internet service provider to ask if there is an outage on their end or if their network is the target of an attack and you are an indirect victim. They may be able to advise you on an appropriate course of action.
For more information, see CISA’s Tip on Understanding Denial-of-Service Attacks.
Almost anything with an internet connection can be hijacked and used in a malicious botnet attack–IoT devices are especially popular targets. Learn how to spot and prevent this malware threat.