ncsc cybersecurity awareness hacked hacker security shield

NCSC’s Shield Against Cybercrime

The NCSC organized an effort as “Know the Risk, Raise Your Shield” to raise awareness on cybersecurity practices for businesses.

Cyber-Crime On A Rise

Cybersecurity security ncsc password phish email

The Trump administration developed a public awareness campaign for the U.S. private sector. Their intention is to get businesses to better defend themselves against online threats that may attempt to obtain their sensitive data or wage supply chain attacks.

NCSC Effort

National Counterintelligence and Security Center cybersecurity security ncsc

The National Counterintelligence and Security Center is in charge of this effort to improve security practices. At the very least, NCSC is urging all businesses to “review supply chain security, safeguard against spear-phishing emails, beware of social media deception and expect that, when traveling abroad, their equipment will be subject to surveillance or interference.”

“Know the Risk, Raise Your Shield”

The NCSC developed the effort as “Know the Risk, Raise Your Shield” by creating videos, posters, brochures, and flyers on their website. They aim to promulgate strategies to help protect data, assets, technology, and networks.

Advice from National Counterintelligence and Security Center

“To enhance private sector awareness, we’re arming U.S. companies with information they need to better understand and defend against these threats,” says NCSC.

Major Threats

Release in July, the U.S. NCSC’s 2018 Foreign Economic Espionage in Cyberspace report singles out China, Russia, and Iran. As these are the largest nation-states known for their hacking abilities, they are a threat to the U.S. private sector. Laws in these states allow government agencies to compel firms to assist in their efforts.

cyberthreat world wide cybersecurity security real time analytics awareness training education

“Make no mistake, American companies are squarely in the cross-hairs of well-financed nation-state actors, who are routinely breaching private sector networks, stealing proprietary data and compromising supply chains,” Evanina says. “The attacks are persistent, aggressive, and cost our nation jobs, economic advantage, and hundreds of billions of dollars.”

Nation-State Cyber Charges

NCSC pointed to the numerous charges that have been filed in the past 12 months against alleged nation-state hackers to warn private businesses to take information security more seriously.

  • China: “In December 2018, the U.S. Department of Justice charged two Chinese citizens, associated with China’s Ministry of State Security, with perpetrating online attacks designed to infiltrate IT managed service providers, which serve large numbers of IT customers. It followed the Justice Department last October charging two Chinese intelligence officers and eight others with economic espionage.
  • North Korea: In September 2018, the Justice Department charged a North Korean national with having helped perpetuate the WannaCry ransomware outbreak, the Sony Pictures Entertainment breach as well as the theft of $81 million from Bangladesh Bank.
cyberthreat world wide cybersecurity security
  • Russia: In June 2018, the U.S. government imposed sanctions on multiple Russian individuals and organizations for their alleged “destabilizing cyber activities,” including intrusions against the U.S. energy grid and global compromises of routers and switches.
  • Iran: In March 2018, the Justice Department charged nine Iranian nationals with stealing more than 31 terabytes of data from 320 universities in 22 countries – including 144 U.S. institutions – as well as multiple businesses and government agencies.”

Shield Against Online Attacks

Spear Phishing Scams

Do not underestimate the power of a convincing scam email. Since a lot of private information can be found on social media platforms, getting someone to click a link or downloading an attachment has been made easy by adding a few personal details.

spear phish phishing email credentials hacker hacked cybersecurity security

For instance, a hacker can find out who you work for on your LinkedIn profile and create an email to you, posing as your boss, requiring you to send back sensitive material, downloading an attachment with malware, or going to a malicious site.

Security experts say that spear-phish attacks are the entry point for the majority of hacks conducted by remote hackers.

Friending People on Social Media

Be sure to only add people you know personally on your social media platforms. It is recommended to limit personal information on these sites, or at least only viewable to your friends which you approved their request.

friend request cybersecurity threat

Foreign intelligence service recruiters use social media as a tool to their advantage. “China’s intelligence services use social media platforms to spot, assess and target Americans with access to business or government secrets,” NCSC warns. For instance, last year a Chinese intelligence operative posed as a job recruiter and approached a former CIA officer who was ultimately convicted of espionage.

Travel Without Devices

The NCSC insists to avoid traveling abroad with smartphones, laptops, and other mobile devices whenever possible.

“If possible, leave your electronic device at home,” NCSC says. “If you bring it, always keep it with you; the hotel safe isn’t really ‘safe.'”

travel abroad no privacy foreign cybersecurity

The NCSC advocates that WiFi access points are typically montiored by domestic government agencies, spyware, or malicious software pushed to devices that connect to the network. The NCSC advises organizations to issue “burner” devices, especially to executives, with minimum functionality when traveling to foreign countries.

“When abroad, don’t expect electronic privacy,” NCSC concludes.

Original Article Found Here.

  • 2