Welcome to Cognosec's 2017 industry half-year review

Welcome to the Cognosec 2017 half-year review. We speak with consultant, industry speaker and Cognosec Non-Executive Director Neira Jones, who provides her industry thoughts on the year so far. You’ll also find our top cybersecurity news stories, infographics and interviews from the past six months.

 

Expert insights

Neira Jones - consultant, speaker & Non-Executive Director at Cognosec


As part of Cognosec’s half-year review of 2017, we speak to Neira Jones and question whether organizations have changed their approach to cybersecurity procedures following high profile ransomware attacks. Neira also provides her industry predictions for the next six months.


 

In the news…

Top cybersecurity stories of the year so far

Cloudbleed 

In February this year, Cloudflare revealed that it had discovered a bug in its platform that resulted in occasional leakage of potentially sensitive customer data. Cloudflare provides content delivery, performance and internet security services to millions of customer websites. The vulnerability occurred between 22 September 2016 and 18 February 2017; it was discovered by Project Zero and subsequently fixed by Cloudflare. The breach occasionally allowed the data to be indexed by search engines. According to the Huffington Post at the time of reporting, nearly 4.3 million domain names may have been affected, although experts believe it is unlikely that hackers used the data for malicious purposes.

Campaign hacked two days before French election

In early May, hackers targeted the then French presidential candidate Emmanuel Macron just two days before voters went to the polls. According to reports, hackers leaked 9GB of emails from En Marche!, although a statement from the party said that not all of the leaked data was legitimate.

WannaCry

In May, WannaCry ransomware hit the headlines as it infected Windows-operated computers across the globe. The ransomware affected thousands of companies and organizations, including Spanish telecom provider Telefonica, Germany’s rail operator DB and the UK’s National Health Service, where patients were diverted and non-urgent activity was postponed.

WannaCry leverages a vulnerability within Windows operating systems and uses an exploit called EternalBlue to automatically target and propagate itself to vulnerable Microsoft Windows operating systems across the Internet. The attack occurs when a user clicks on a phishing email which contains a .zip file disguised as a fake invoice, job offer, security warning, or undelivered email. The ransomware then encrypts the user’s files using the AES cipher. This is then followed by a ransom demand in bitcoin.

Data of 200m US citizens exposed 

In June, reports emerged of a data breach in the U.S. where personal details of nearly 200 million US citizens were accidentally exposed by an analytics firm contracted by the Republican National Committee. Reports stated that the exposed data included birthdates, home addresses, telephone numbers and political views of 62% of the US population. The information was available on a publicly accessible Amazon cloud server for an unknown period of time. Deep Root Analytics, which hosted the database, stated that the data was not accessed by anyone other than the researcher who discovered the breach.

Petya / NotPetya cyber-attack

On 27 June 2017, the Petya / NotPetya cyber-attack struck organisations globally just a few weeks after WannaCry ransomware affected thousands of Windows-based computers. The first wave of the attack was initially reported in Ukraine with the country’s national bank, state power company and airport all affected. This was later followed by announcements confirming that Russian energy firm Rosneft, Danish shipping company Maersk and the British advertising agency WPP were also affected by the cyber-attack.

Infected computers demanded payments of $300 or £235 in Bitcoin to recover access to encrypted files. The ransomware was later said to have originated from corrupted updates on a piece of accountancy software. Dubbed NotPetya by experts because of its likeness to Petya ransomware, this type of attack is also said to be a ‘wiper’ because of its aim to destroy data.

Parliamentary passwords compromised following cyber-attack

Up to 90 email accounts were compromised following a cyber-attack on the UK Parliament on 23 June. According to reports, the hack prompted officials to disable remote access to the emails of MPs, peers and their staff. A spokesperson said the attack was a result of "weak passwords". These passwords were reported to be for sale online. An investigation is currently underway by the National Cyber Security Centre and National Crime Agency.

 

Infographic

Ransomware action plan

With the recent WannaCry and Petya/NotPetya cyber-attacks hitting the headlines over the past few months, we’ve partnered with Cylance to provide an informative infographic that explains what you should do if your organization is under attack.



We can help

Need advice on protecting your organization against ransomware? Cognosec has partnered with Cylance to deliver total endpoint security for your organization. Discover the benefits of deploying AI-driven Endpoint Detection and Response. Download the Datasheet and watch the case study video by clicking on the link below.


 

Expert Insights

Meet the team

Find out what’s been happening at Cognosec and in the industry as a whole over the past six months. Our services team provides insight into how to improve your organization’s cyber resilience and compliance.

Click on the links below to find out more...

Oliver Eckel
Cognosec CTO

Branimir Pacar
Director of PCI & Payment Services

Osaze Aigbe
Senior PCI Security Consultant


 

Cognosec expert presentations

Watch the videos

Over the last six months, Cognosec’s expert team have presented informative and educational seminars at numerous high-profile events. Click on the videos below to view a selection of our key speaker presentations.

Oliver Eckel, Cognosec CTO
Securing the Future presentation at IPExpo Manchester 

Neira Jones, consultant, speaker & Non-Executive Director at Cognosec
GDPR – It’s the Little Things that Matter presentation at The Future of Cybersecurity Europe


Cognosec Partner Profiles Series

Read interviews with our partner organizations

Over the past few months Cognosec has carried out interviews with our partner organizations. Here, you can discover expert predictions for the future, reactions to news stories, why they decided to partner with Cognosec and more…

Read the interviews by clicking on the links below.

 

Lloyd Webb
Sales Engineering Director for EMEA
Cylance

Andrew Bushby
UK Director
Fidelis Cybersecurity

Richard Walters
Chief Security Strategist
CensorNet
     

Joel Barnes
EMEA Sales Engineer Director
Tenable

Thomas Fischer
Global Security Advocate
Digital Guardian

Bill Dedrick
Chief Revenue Officer
Rsam


 

 
