Cryptojacking, and Farewell for Now!
The success of crypto inspired dozens of other cryptocurrencies like Ethereum, Tether, and Dogecoin. Today, people worldwide use cryptocurrencies to buy things, sell things, and make investments. One thing is certain; digital currencies are here to stay, no matter how many times you have to explain what a bitcoin is. Unfortunately, it also created the world of cryptojacking, a form of cybercrime that remains completely hidden from the target and can infect millions of computers with cryptojacking malware. Which brings us to the fundamental question: What can organizations do to protect themselves? In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by Microsoft senior software engineer Amitrajit Banerjee and senior staff architect at Intel Rahul Ghosh to discuss the history and prevalence of cryptojacking. The push behind a cryptojacking attack is almost always motivated by money. Mining cryptocurrencies can be very lucrative, but making a profit is challenging unless you cover high costs. They discuss the importance of understanding the actual concept of mining, how victims' CPU power and computing resources can be used, and why it isn't easy in general to detect crypto miners.
Ransomware attacks have never been so successful. The returns from these attacks are soaring and only becoming easier to conduct. In chapter two of the Microsoft Digital Defense Report, the growing threat of cybercrime is covered in great detail. As we continue to go over the MDDR, it's more apparent than ever that the cybercrime economy and services it provides are stronger and more complex than ever. Cryptocurrency, malware, and adversarial machine learning are just a few of the topics we believe need to be covered in more detail. In this episode of Security Unlocked, host’s Natalia Godyla and Nic Fillingham are joined by Jason Lyons, principal investigator in the digital crimes unit at Microsoft. Jason is an experienced investigator specializing in computer investigations. He is trained and experienced in hacker methodology/techniques, computer forensics, and incident response. Jason joined the show to discuss Chapter two of the Microsoft Digital Defense Report, which focuses on the state of cybercrime. He also speaks on how cryptocurrency has created new challenges in ransomware, why ransomware continues to grow, and recent trends we are currently seeing in malware.
Everything is exciting and new when you're a kid, and curiosity inspires many of us to branch out and try new things. For some, that means drawing from our imagination or trying all kinds of sports. And for others it means spending days at the library, checking out books on modem communications, and eventually hacking into the local dial-up community service. That's just a random example, of course... Either way, curiosity can be a powerful tool, even at a young age. To the point that it may help kickstart a career, you didn't even know existed. In this episode of Security Unlocked, host Natalia Godyla is joined by S&P Global Ratings BISO Alyssa Miller. Alyssa is a life-long hacker and highly experienced security executive. She runs the security strategy for S&P Global Ratings as the Business Information Security Officer (BISO), bringing together corporate security objectives and business objectives. Natalia and Alyssa discuss her journey in security from a young and curious hacker to a BISO of the largest credit-rating agency, and how she is shaping what the role of the BISO will be for future generations.
Disinformation in the Enterprise
Disinformation refers to the calculated use of false information to influence others and has been a steadily growing form of information warfare. Unfortunately, disinformation is everywhere these days, often hidden in plain sight. Criminals will also adapt and take advantage of technologies, such as AI and deepfakes, to increase the effectiveness of disinformation campaigns. Of course, there are ways to combat these types of attacks, and we cover recommendations for protecting the enterprise in the 2021 Microsoft Digital Defense Report (MDDR). In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by the Director of Enterprise Continuity and Resilience at Microsoft, Irfan Mirza, who authored the chapter on disinformation in the enterprise in the 2021 MDDR. Irfan joins to discuss what disinformation is, why the use of disinformation is growing, how cognitive hacking occurs, and how cybersecurity can start thinking about adapting their strategies.
Microsoft works around the clock to protect their customers, no matter what product they’re using, Microsoft or otherwise. In some instances Microsoft teams up with other companies, creating an all-star cybersecurity team, to handle newly discovered vulnerabilities. It helps everyone stay more secure, and of course, that's the ultimate goal, right? In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are re-joined by Jonathan Bar Or, Principal Security Researcher at Microsoft. Jonathan discusses the recently discovered vulnerability that could let attackers bypass System Integrity Protection (SIP) in macOS, why he believes in investing in cross-platform protection, and the importance of collaboration between security researchers, software vendors, and the larger security community.