You are a SPECIAL Librarian! You are a Military Librarian!

Tag Archive | "cybercrime"

RAND: Markets for Cybercrime Tools and Stolen Data: Hackers’ Bazaar

Markets for Cybercrime Tools and Stolen Data: Hackers’ Bazaar
Source: RAND Corporation

Criminal activities in cyberspace are increasingly facilitated by burgeoning black markets for both tools (e.g., exploit kits) and take (e.g., credit card information). This report, part of a multiphase study on the future security environment, describes the fundamental characteristics of these markets and how they have grown into their current state to explain how their existence can harm the information security environment. Understanding the current and predicted landscape for these markets lays the groundwork for follow-on exploration of options to minimize the potentially harmful influence these markets impart. Experts agree that the coming years will bring more activity in darknets, more use of crypto-currencies, greater anonymity capabilities in malware, and more attention to encrypting and protecting communications and transactions; that the ability to stage cyberattacks will likely outpace the ability to defend against them; that crime will increasingly have a networked or cyber component, creating a wider range of opportunities for black markets; and that there will be more hacking for hire, as-a-service offerings, and brokers. Experts disagree, however, on who will be most affected by the growth of the black market (e.g., small or large businesses, individuals), what products will be on the rise (e.g., fungible goods, such as data records and credit card information; non-fungible goods, such as intellectual property), or which types of attacks will be most prevalent (e.g., persistent, targeted attacks; opportunistic, mass “smash-and-grab” attacks).

Posted in Current Events, LinksComments Off

RAND: Markets for Cybercrime Tools and Stolen Data: Hackers’ Bazaar

Markets for Cybercrime Tools and Stolen Data: Hackers’ Bazaar
Source: RAND Corporation

Criminal activities in cyberspace are increasingly facilitated by burgeoning black markets for both tools (e.g., exploit kits) and take (e.g., credit card information). This report, part of a multiphase study on the future security environment, describes the fundamental characteristics of these markets and how they have grown into their current state to explain how their existence can harm the information security environment. Understanding the current and predicted landscape for these markets lays the groundwork for follow-on exploration of options to minimize the potentially harmful influence these markets impart. Experts agree that the coming years will bring more activity in darknets, more use of crypto-currencies, greater anonymity capabilities in malware, and more attention to encrypting and protecting communications and transactions; that the ability to stage cyberattacks will likely outpace the ability to defend against them; that crime will increasingly have a networked or cyber component, creating a wider range of opportunities for black markets; and that there will be more hacking for hire, as-a-service offerings, and brokers. Experts disagree, however, on who will be most affected by the growth of the black market (e.g., small or large businesses, individuals), what products will be on the rise (e.g., fungible goods, such as data records and credit card information; non-fungible goods, such as intellectual property), or which types of attacks will be most prevalent (e.g., persistent, targeted attacks; opportunistic, mass “smash-and-grab” attacks).

Posted in Current Events, LinksComments Off

WEF — Increased Cyber Security Can Save Global Economy Trillions

Increased Cyber Security Can Save Global Economy Trillions
Source: World Economic Forum

Failing to improve cyber security could cost the world economy and lead to more frequent cyberattacks, according to a new report released today by the World Economic Forum in collaboration with McKinsey & Company.

The Risk and Responsibility in a Hyperconnected World report addresses options that institutions can take to improve cyber resilience and mitigate the economic and strategic impact of such attacks. With the recent proliferation of cyberattacks, corporate executives need to devote increasing attention to protecting information assets and on-line operations.

The report notes that major technology trends, including massive analytics, cloud computing and big data, could create between US$ 9.6 trillion and $US 21.6 trillion in value for the global economy. However, if attacker sophistication outpaces defender capabilities – resulting in more destructive attacks – a wave of new regulations and corporate policies could slow innovation, with an aggregate impact of approximately US$ 3 trillion by 2020.

Posted in Current Events, LinksComments Off

CRS — The 2013 Cybersecurity Executive Order: Overview and Considerations for Congress

The 2013 Cybersecurity Executive Order: Overview and Considerations for Congress (PDF)
Source: Congressional Research Service (via Open CRS)

The federal role in cybersecurity has been a topic of discussion and debate for over a decade. Despite significant legislative efforts in the 112th and 113th Congress, no major legislation on this topic has been enacted since the Federal Information Security Management Act (FISMA) in 2002, which addressed the security of federal information systems. In February 2013, the White House issued an executive order designed to improve the cybersecurity of U.S. critical infrastructure (CI). Citing repeated cyber-intrusions into critical infrastructure and growing cyberthreats, Executive Order 13636, Improving Critical Infrastructure Cybersecurity, attempts to enhance security and resiliency of CI through voluntary, collaborative efforts involving federal agencies and owners and operators of privately owned CI, as well as use of existing federal regulatory authorities.

Posted in LinksComments Off

Cyber Risks Extend Beyond Data and Privacy Exposures

Cyber Risks Extend Beyond Data and Privacy Exposures
Source: Marsh

Although data privacy issues may be top of mind for many organizations in managing cyber risks, they may be overlooking a potentially more severe threat: the impact of technology failures on supply chains and general operations. Technology outages and software failures resulting in supply chain and operational disruptions can cause significant loss of income, increase operating expenses, and damage an organization’s reputation.

According to “Cyber Risks Extend Beyond Data and Privacy Exposures”:

  • Unplanned information technology (IT) or telecom outages are the most debilitating source of supply chain disruption, outpacing adverse weather, earthquakes, product contamination, and transportation disruptions.
  • Although cyber insurance policies have historically been triggered primarily by data breaches and hacking attacks, many now provide coverage for a broad range of technology failures and outages.
  • The purchase of cyber insurance should be just one part of a well-planned and effective risk management program that also includes policies and protocols to prevent and mitigate technology risks.

Posted in LinksComments Off

Introducing ThreatWatch: A New Way to Explore the Evolving World of Cyber Dangers | NextGov

 

A new way to track the evolving threats in cyberspace. By Aliya Sternstein

View article…

Posted in LinksComments Off

Blog Archives