Enter The Blockchain 2.0
The complex structure of the Blockchain technology provides one of the most innovative tools to protect our data as we head into the Fourth Technical Revolution. Blockchain introduces a level of trust that could be leveraged as a core technology for highly regulated industries including Space Travel; Health Care; Financial Markets; Supply Chains; Presidential Voting and The Internet of Things (IoT) networks to name a few.
As the world becomes ever more data-driven, data breaches become more intense and more frequent with data records exposed on an almost daily basis with potentially devastating consequences. Everyone is at risk. Today’s organizations have to shift their focus toward technologies that inherently protect and secure data. Enter the Blockchain technology.
The Blockchain technology was introduced as a way to store and send the cryptocurrency Bitcoin. However, it now has the potential to radically secure data ensuring that it is verifiable, auditable, and tamper-proof.
Blockchain effectively cuts out the middle-man
At its core, Blockchain technology is not stored on a central database; instead, it’s stored in a “distributed ledger of blocks.” As its name suggests, Blockchain is a linked set of records that includes a hash-based data structure used in distributed systems for efficient data verification that links it directly to the previous block, a timestamp for authorship and the…
View original post 577 more words
Do Not Fear Subnetting Your Network. Embrace it!
The growth of your business has increased substantially over the last several months; however, the rapid growth has also increased the network congestion resulting in slower speeds and reduced performance which are affecting end-users directly; While maintenance and problem resolution have become extremely time consuming and arduous.
Do not fear; there is a solution- ‘Subnet Your Network.’
Often, the mere mention of subnetting evokes the ‘fight or flight’ response in many individuals or is dismissed too quickly because it is considered ‘too time-consuming,’ or ‘too complicated,’ ‘the math is too difficult,’ or ‘it is only useful for extensive networks.’
In reality, the benefits are wide-ranging for a subnetted network; From the troubleshooting of network issues to having a birdseye-view into the utilization of bandwidth, traffic patterns, network efficiency and atypical activity that can drain resources, it allows for more streamlined allocation of critical resources to vastly improving network security by…
View original post 417 more words
As A Service Expands, Buckle Your Seatbelt.
Cybercrime is a thriving high reward low-risk business model, and it can be summed up easily with just-$.
In the past, there were various obstacles to overcome in order to get into the cybercriminal game. The ‘original cybercriminals’ ran a centralized operation which 
owned the servers and constructed malicious software (malware) from scratch.
This business model proved to be incredibly expensive to operate and exceedingly time-consuming; in order to make a substantial profit, large organizations were the only option.
However, similar to other ecosystems, the cybercriminal ecosystem continues to evolve. 
Today, it is a distributed system where anyone with an agenda can simply rent, lease or purchase an ‘as a Service,’ services and ‘cash in’ on their crimes.
Some of the more of the well-known as a Service, services include:
- Malware as a Service (MaaS)
- Distributed Denial of Service as a Service (DDoSaaS)
- Ransomware as a Service (RaaS)
- Hacking as a Service (HaaS)
- Money Laundering as a Service (MLaaS) to name a few.
The distributed system requires less effort because the criminals take advantage of the current ‘trends’ including the ‘human factor,’ where one in three individuals within an organization, regardless of training, will click on a phisher’s email and/or ‘low-hanging fruit’ otherwise known as the persons or organizations that despite all the warnings incur the risks with sub-par security, found easily by an exploit kit. Rather than deploying sophisticated and expensive Zero-Day attacks, now, any endpoint becomes a potential source of revenue.
As a Service, services is a flourishing business model run on the black markets found on the DarkNet such as the TOR network. TOR is a technological revolution in the 
facilitation of cybercrimes, because of the anonymity under which groups are able to operate.
Cybercriminals commit crimes directly against individuals, organizations, or governments through means such as malware attacks.
Direct methods are when resources are taken directly from the victim including
- Emptying bank accounts
- Stolen Financial Information
- Stolen Access Credentials
- Phishing
- Malware, i.e., Viruses, Worms, Trojans, and RATs
The criminals also attack in indirect manners including identity theft and fraud.
Indirect methods involves information obtained covertly from the victim which can be sold on the DarkNet including
The introduction of the cloud computing as a Service, services paradigm has brought abundant 
advantages to the information technology industry but also greater opportunities for cybercriminals.
Cybercriminals no longer need to rely on their own skills and assets to carry out exploits.
Several of these services include
- Infrastructure as a Service (IaaS) provides the rental of servers and storage devices.
- Software as a service (SaaS) provides the infrastructure enabling the dynamic production of applications.
- Data as a Service(DaaS) Data is stored in the cloud and is accessible by a range of systems, and devices.
- Platform as a Service( PaaS) allows users to develop, run and manage applications without the complexity of building and maintaining expensive infrastructure and the space required to develop and launch applications.
These cloud-based technologies afford cybercriminals with greater flexibility, greater resource management and agility in the furiously-paced technological environment allowing for even-more-dangerous and aggressive exploits.
Cybercriminals have taken full advantage of these services because they eliminate the need to maintain their own infrastructure, they can facilitate better operational security (OpSec) which adds a layer of obfuscation between the cybercriminals and the organizations hunting them while efficiently creating and distributing their malware attacks.
Another fuel for as a Service is the rise and popularity of cryptocurrencies. Cryptocurrency is
digital money that utilizes a decentralized, peer-to-peer (P2P) payment network thus making it harder to discover criminal activity.
The most utilized form of cryptocurrency is Bitcoin.
Bitcoin is used globally for legitimate organizations but is better know for the criminal exploits.
The topic of Bitcoin would not be complete without addressing the processes of Tumbling. Tumbling essentially adds an additional layer of anonymity to block attempts to track and uncover Bitcoin transactions. There are multiple ways to Tumble Bitcoins including
- Multiple Wallets Cybercriminals creates a wallet via TOR and adds Bitcoins to it. A
second wallet is created, again, utilizing TOR, and moves the funds into the second wallet. Last but not least, a third wallet is created, and the funds are moved again, thus confusing the trail of transactions between the three wallets making attribution almost impossible.
- Third Party Services DarkNet organizations offer services in order to launder
bitcoins which add a ‘proprietary obfuscation technology’ that breaks the link to the source of the funds and prevents any blockchain analysis tracking bitcoin transactions.
The DarkNet is an encrypted network built on top of the DarkWeb. Two typical DarkNet 
types are P2P used for file sharing and networks such as TOR for anonymity.
TOR which is short for ‘The Onion Router,’ provides anonymity to its users by bouncing the user’s communications around a distributed network of relays worldwide; TOR also prevents tracking of what sites are visited, prevents the sites visited, from learning the user’s physical location, and allows access to .onion sites ranging from legal to absolutely illegal. TOR can be used on Windows, Mac OS X, or Linux without any additional software.
As with all things as a Service, where there is a need, service providers seem willing to satisfy it. Moreover, as long as the return on investment (ROI) remains high, the expectation for continued investment into even more resources in order to unleash greater numbers of cybercrimes on the broadest possible range of targets will continue. Buckle up your seatbelt.
Prevention Guidelines
- Use strong passwords- Eight characters. Include upper and lower case letters, Numbers and Special Characters (!@#$%^&*(
- Adding just one capital letter, and one special character changes the Brute Force processing time for an 8 character password from 2.4 days to 2.10 centuries. Think about that!
- Adding just one capital letter, and one special character changes the Brute Force processing time for an 8 character password from 2.4 days to 2.10 centuries. Think about that!
- Never write your password on a sticky for an intruder to find.
- Group the sites you visit into categories, i.e. business, personal, sensitive, and use a password for each category.
- Activate your Firewall- it is the first line of defense.
- Use your Anti’s
- Anti-Virus
- Anti-Malware
- Anti-Spyware
- Secure your Mobile Devices-They are just as vulnerable as your computer.
- Install the latest OS updates.
- Download Applications and Attachments FROM TRUSTED SOURCES ONLY.
- Delete all unknown e-mails.
- Use encryption for all your sensitive data.
- Use HTTPS for all your transactions.
- Backup your data frequently and store it in multiple locations.
Hacking The Human 