Posts Tagged: "phishing"

When one thinks of cybercrime, it can be easy to imagine a mysterious figure in a dimly lit room sending out various phishing emails to unsuspecting victims. However, this is not always the most dangerous tactic used by hackers, according to the United Kingdom (UK) Government Communications Headquarters’ (GCHQ’s) cybersecurity arm. On June 14, the UK National Cyber Security Centre claimed that ransomware represented the biggest threat to online security for most people and businesses, with the number of incidents soaring worldwide in the last two years. And it is a problem and a threat that we must all be wary of.

On June 9, the full Senate Judiciary Committee held a hearing titled “COVID-19 Fraud: Law Enforcement’s Response to Those Exploiting the Pandemic.”  The hearing, which was led by Chairman Sen. Lindsey Graham, R-S.C., included testimony by William Hughes, Associate Deputy Attorney General United States Department of Justice, The Honorable Craig Carpenito, United States Attorney District of New Jersey, Calvin Shivers, Assistant Director Criminal Investigative Division Federal Bureau of Investigation, and Michael D’Ambrosio, Assistant Director United States Secret Service Department of Homeland Security. Following an acknowledgment of the tragic death of George Floyd by each of the witnesses, the testimony focused on the response to fraud that has resulted from the COVID-19 pandemic, including the sale of fraudulent personal protective equipment (PPE) and cyber-enabled fraud. In general, Hughes focused primarily on the Department of Justice’s response to criminal conduct relating to the COVID-19 pandemic, Carpenito focused on hoarding and price gouging, Shivers focused on fraud schemes and illicit finance activities that seek to exploit the COVID-19 pandemic, and D’Ambrosio focused on the U.S. Secret Service’s work to counter cyber and financial crimes exploiting the pandemic.

Ransomware attacks are on the rise, partly because of the ease and anonymity of crypto-currencies. In a typical ransomware attack, cyber criminals invade a computer system and encrypt key data, then threaten to destroy the data unless the victim pays the criminal a relatively minor sum (ranging from hundreds to thousands, or in rare cases, tens of thousands of dollars). Rather than trying to determine whether to agree to ransom terms, spend your time and energy preparing for an attack. Companies should consider a ransomware attack as you would any other cybersecurity breach. That is, it is going to happen, the only question is when. Sound preparation boils down to several key considerations.

Over the past few years we have seen a surge in cyber attacks against well-known organizations, each seemingly larger than the last. As cybercriminals look for innovative ways to penetrate corporate infrastructures, the challenges for brand owners to protect their IP has steadily grown… Most organizations have implemented stringent security protocols to safeguard their IT infrastructure, but conventional security measures don’t provide the critical intelligence needed to analyze cyberattacks that propagate in the Deep Web and Dark Web. It is fundamentally harder to navigate a medium where web pages are unindexed and anonymity can hide criminal activity.

During the recruiting process and job interviews, open dialogues and an exchange of ideas take place between the job applicant and the company. However, when intellectual property is involved, both employers and applicants must walk a fine line between building trust versus over-disclosure. Here are some guidelines every prospective employee and employer should know about intellectual property and the interviewing process.