Ethical Hacking

Wade Mackey

Week 4

Ex-U.S. Intelligence Officers Admit to Hacking Crimes in Work for Emiratis

by 2 Comments

I found this trending article about how three former American intelligence officers hired by the United Arab Emirates to carry out sophisticated cyberoperations admitted to hacking crimes and to violating U.S. export laws that restrict the transfer of military technology to foreign governments.

The men helped the Emirates, a close American ally, gain unauthorized access to “acquire data from computers, electronic devices and servers around the world, including on computers and servers in the United States.

The three men worked for DarkMatter, a company that is effectively an arm of the Emirati government. They are part of a trend of former American intelligence officers accepting lucrative jobs from foreign governments hoping to bolster their abilities to mount cyberoperations.

Link: https://apnews.com/article/technology-united-states-hacking-5700a1fa8b1b4612477658b883e58f31

Bank digitisation is not all it’s cracked up to be

by 2 Comments

Article: Rapid digitisation of banks invites cyber risks as well. What are the risks, and what should banks do?
Author: Ishwari Chavan
Published: September 20, 2021, 09:24 IST
Site: CIO.com The Economic Times
Link: Article

Going digital without care is not the way to go for financial institutions. This article reports an increase in cyberattacks focused on banking institutions to a whopping 238% between Feb 2020 and April 2020 (VMWare Carbon Black). Anywhere from phishing, network scanning and probing (Recon work), viruses and website hacking has been methods used in the attempt to penetrate organizations. PII containing applications are particularly vulnerable due to the simple fact that they have “minimal to no security”. With everything moving to some kind of cloud, the boundaries have been deleted and hackers have new ways of “getting in”. Increasing the vulnerable points of an application has increased the risk. Even if the banks are secure, think about the third party applications that interface – Venmo, Facebook, Zelle, and Paypal to name a small few. The article encourages a collaborative effort for financial institutions to counter against these attacks and vulnerabilities. “Banks are required to reimagine some of their own technology and adapt to a three-year or four-year journey.”