Cyber Threat Landscape Update Fall 2018

Cyber Threat Landscape Update
Duration: 60 Minutes
Module 1Resources
Recorded on: 2018-10-16
Unit 1Slide Deck: 2018 Cyber Threat Landscape
Unit 2Recording: Fall 2018 Cyber Threat Landscape
Unit 3Workbook: Fall 2018 Cyber Threat Landscape Update

As our day-to-day becomes more and more intertwined with technology, staying updated is critical. Just as there are useful innovations, there are cyber threats that update, evolve, and shapeshift – the dangers are no longer confined to our files, devices, and network. Identities, financial information, and even our privacy are at risk as opportunistic cyber actors come up with ingenious ways to access and breach information.

Stacey Wright is back for the  Fall 2018 edition of her Cyber Threat Landscape Update. Stacey is the Director of CyberIntelligence at the CIS and is a regular Justice Clearinghouse resource speaker. Together with her Intel team at the CIS’ MS-ISAC, she shares information dealing with cyber intelligence, security, threats, and crimes.

On this course, Stacey discusses the current and emerging malware and threat trends, how these get into our network or device, and how to prevent and protect our systems from attacks. Some of the specifics covered include:

  • The overview of the MS-ISAC and the EI-ISAC, and the sources of their information and intelligence.
  • An update that discusses the patterns in the number of malware notifications and activity in the past months and the top malwares observed to attack and infect computers and networks.
  • The Cyber Crime Technical Desk Reference that MS-ISAC prepared as a primer to cybercrime activity that details into the variants of malwares, scams, and actors.
  • The top malware initiation vectors that look into how the malware is able to breach and access computers and networks.
  • Defining ransomware, its variants, initiation, and prevention tips.
  • A report on the confirmed ransomware infections observed in state and local governments and increasing in the education sector.
  • A closer look into Emotet, the number one malware for September 2018, describing its characteristics, initiation vectors, and network propagation.
  • How EternalBlue, reportedly developed by the NSA, turned into an exploit utilized in ransomware, trojan and cryptocurrency mining.
  • What Cryptocurrency mining is, how it is being abused, and its effects on the victims.
  • Office365 Bruteforcing, password spraying and preventive measures to not fall victim to this type of attack.
  • Data Breaches that target the education and local government sector and a case that affected thousands of government entities in 35 states.
  • The Business Email Compromise (BEC) technique that aims to deceive individuals into providing what the cybercriminals want, and guidelines to prevent and deal with BEC.
  • Fraud cases that create fake charities and fraudulent websites related to storms/hurricanes/typhoons and a chart showing domain registry of websites looking to exploit this opportunity.
  • The direct deposit compromise phishing campaign that seeks to harvest login credentials to modify direct deposit information for the cyber actor’s financial gain.
  • Hoax extortion schemes that deceive individuals into paying ransom to maintain the privacy of one’s personal information.
  • What organizations and individuals can do to prevent and protect themselves from cyber threats.
  • During the Q&A, Stacey clarified the attendees’ concerns relating to: 
    • The REN-ISAC – an ISAC for the education sector
    • Getting end-users onboard with cybersecurity measures
    • Trends on agencies being targeted
    • Spear phishing and likely targets
Additional Resources
2 years ago
After the Webinar: Cyberthreat Landscape (Fall 2018). Q&A with Stacey Wright
Webinar presenter Stacey Wright of the Center for Internet Security's MS-ISAC  answered […]
3 years ago
CyberThreat Landscape Update for Spring 2018: An Interview with Stacey Wright
Cyberthreats are fast moving and everchanging.  It can be hard for busy justice professionals to k […]
3 years ago
101 Introduction to How Cybercrime and Cyber Defenses Actually Work
These days, when almost everything we do is dependent on technology, it's as if damage to our device […]
4 years ago
Infographic: CyberThreat Landscape
Cybersecurity is quickly becoming a top concern for every sector in our country including law enf […]