Cyber Security Institute

Tuesday, March 26, 2013

Preparing major Israeli companies against Anonymous attacks on the 7th of April

What distinguishes this plan from previous attacks is that it really seems to be organized by Anonymous-affiliated groups from around the world, in what looks like a joining of forces. It was reported that as part of this “operation,” details of some 600,000 users of Walla’s email were exposed; in addition, according to the then Finance Minister Yuval Steinitz, “Israel deflected 44 million cyber-attacks on government websites.” On Wednesday 20 March 2013, a cyber-attack crippled TV stations and banks in South Korea, some for a few hours, while others are still trying to recover from the attack. As many as 30,000 PCs in Shinhan Bank, Jeju Bank, Nonghyup Bank, the Munhwa Broadcasting Corporation, YTN and the Korea Broadcasting System (KBS) had their hard drives wiped when a virus was activated at 14.00 local time on Wednesday 20 March.

A cyber-attack on this scale on Israel would have serious consequences; therefore major companies are already preparing themselves for these cyber-attacks by using Bot-Trek™, initially as a test pilot.

Taking ISPs as an example, it will provide a large volume of cyber intelligence on infected machines within IP ranges in both the public and private sectors, including the IP addresses of SOCKS, spam and DDoS bots, and data leaked from corporate domains or IP ranges (e.g. corporate e-mail accounts, intranets, etc.).

Group-IB, one of the leading computer security companies, specializing in the investigation of computer crime, information security breaches, and computer forensics, organized several pilot projects on Bot-Trek, which will help to reduce the level of harmful and malware activities through proactive monitoring of ASN/BGP and 24/7/365 cyber intelligence. Group-IB's CERT-GIB operates as the first private computer emergency response team in Russia and is internationally known for bringing down several of the biggest botnet masters around the globe.

Previously, several of the largest botnets were found and blocked by the Group-IB Bot-Trek system, such as Origami (4 000 000 infected PCs) in a joint operation with the Ministry of Interior of the Russian Federation, Dragon, Grum, Virut together with SPAMHAUS, Australian CERT and , and many others. Last year Group-IB prevented theft from over 30,000 customers of various banks, and the amount of identified and analyzed information is constantly growing; more than “1.2 million infected PCs were found within the leading ISPs of different countries, which helped to stop malware, SPAM and DDOS activities”.


Posted on 03/26