Microsoft 365 servers contain extremely sensitive information and most organisations simply cannot do without it for an extended period of time. Zero-day attacks – those attacks that take advantage of a vulnerability in software or firmware that cybercriminals have found before a vendor can issue a fix – are one of the cybercriminal’s greatest advantages.
Often providing privileged access, zero-day attacks become the means for a single cybercriminal group to potentially gain access to literally tens or hundreds of thousands of organisations in every geography, industry vertical, size and country. There are even posts on the dark web by cybercriminal gangs offering as much as $3 million for a zero-day remote code execution exploit.
According to a recent analysis, there were 80 zero-day vulnerabilities exploited in 2021, a 166% increase from 2020, with Microsoft, Apple and Google products most frequently targeted.
Over the last month the J2 Software team have noticed an increase in an evolved method of change of bank details or payment fraud. While this might sound like old news, it now more directly involves the CEO.
Traditional payment fraud has been rife for some time, where the cyber criminal impersonates the CEO, or other senior members of staff, to convince the finance department either to make an urgent payment to a new supplier or to update their bank details. The change of bank detail fraud uses fake banking confirmation letters and the trust of finance people to update an existing supplier’s details. The growing number of successful attacks has proven to be very costly to businesses of all sizes. Owing to this, many businesses have now implemented stronger verification processes to verify changes to supplier bank details, which means that the criminals have had to change their approach and tactics.
This trend involves an internal change of bank details, mostly for the CEO. The cyber criminal impersonates the CEO by using an external email address, claiming that it is their private email address, and requests that their bank details for payroll are updated. All of these use similar wording and it is usually done a week before payroll, to stress the urgency. Because staff want to make sure that they pay their CEO, many of these changes have been successful. The finance or HR team update the details and the cyber criminal is paid, after which they rapidly get the money out before anybody notices.
Cyber criminals constantly adapt their approach to deceive their targets and increase their success rate. The J2 cyber security team have seen a new trend developing that speaks directly to this phenomenon.
Our team have been involved in several investigations in the last few weeks and uncovered an adapted approach to completing a successful change of bank details fraud. The attack method is not new; the execution has simply evolved.
Many people have seen and encountered the standard approach to change of bank details fraud, also known as invoice fraud, where an attacker pretends to be one of your suppliers, creates fake change of bank details letters and emails the accounts department to get bank details updated and then makes off with your hard-earned cash…
This article is aimed primarily at those security operations center operatives who believe they are ready to move to a higher tier in their work but find themselves imprisoned in entry level roles. Alcatraz was a legendary prison encircled by guards, a cold sea, and hungry sharks. It was terribly boring to live there, and difficult to leave.
My purpose in writing this is two-fold: firstly to help you identify if you are a tier 1 thinker, and secondly to offer some suggestions on how you might elevate yourself into a more desirable role. I’m breaking up this article into two parts. This first article is the reality check. The second article will suggest some tangible learning paths and provide practical examples, texts, blogs and/or training pathways.
Let me preface this article by making the point that a marine biologist at Alcatraz would have a quality of life that is far higher than other prisoners. They have an opportunity to grapple with sharks directly. The best marine biologist would dispense with dreaming of access to labs and spend their time with basic tools, taking notes and classifying type, studying behavioral anomalies, and preparing texts to publish.
‘Not every prisoner is a marine biologist’. To this I respond, “Every prisoner in Alcatraz had the opportunity to become one.” Some of you are working in second languages, come from backgrounds where your exposure to computers at home was limited or non-existent, or face other challenges.
You can be great at what you do, overcome your limitations, and achieve your goals, but it requires time, energy, and commitment. It requires more than doing one thing well and ticking boxes.
We have recently seen an increase in these types of cyber attacks. The cyber criminal bypasses your email security by using a trusted service and website (in this example they use Survey Monkey, with a free account). The email is made to look like a notification from the South African Post Office. This tells the user that they have a parcel for delivery, which requires a payment to be delivered.
Attack on credit bureau exposes 24 million South Africans' personal details
By Cybersecurity expert and J2 Software CEO John Mc Loughlin
South Africans now have another thing to worry about: their personal information has been lost to a fraudster who has gained access to 24 million people’s information. The information in question is the exact detail required to access banking information, access accounts and steal identities. The exact end game is not clear, but the possibilities are endless.
The initial hype around Experian mentioned they had been hacked and data was stolen. With additional detail it seems that none of the systems were breached and the personal information of 24 million South Africans was lost due to an internal failure.
Today is bittersweet. 14 years ago today I walked into my first day at a new job. The first day of J2 Software. After months of planning, setbacks, re-planning, negotiation, doubt and confidence the first day in our “office” was here.
3 April 2006 and I proudly walked into the warehouse area of E-Bis armed with 2 laptops, a laser printer and a 3G data card the size of my left hand. Jason still had a month’s notice to complete at his previous employer so it would be a few more weeks before we got to share that desk and 3G card to get our message out there. Jason and I would have to talk on the telephone after hours as the first days flew by. Those were great times, difficult times, exciting times. We were freezing in winter and melting in summer. Driving in panic to Vereeniging for damage control and celebrating some amazing wins.
We had customers who bought from us so that they could stop people going to Facebook or playing Farmville and watching YouTube at work. This was a time when the cost of bandwidth meant that it should be saved at all costs. The world has changed so much.
Now 14 years later, I proudly walked into my home office as the world is such a different place and our entire team is spread across the country safely holed up in their houses. The excitement to “go to work” remains the same and the passion to build a proudly South African security focused technology business burns stronger than ever.
Days like today give me reason to reflect and I have to say that even with all the setbacks, economic crises and challenges along the way, I am so proud of what J2 has achieved in 14 short years. We have endured several global downturns and now we are living through a pandemic, but I am sure of one thing – we will not only survive this, we will thrive through it. The human tragedy unfolding around us has caused me to re-evaluate many aspects about the business and the relationships we have with our team members, suppliers and customers. J2 is focused on being part of a massive bounce back and explosion of South African business. The next 12 months will be good, we will make sure of it.
I remember every small victory and every single difficult decision. The stresses around cash flow and gut-wrenching difficulties through chemotherapy and radiation. All of this made us champions of resilience.