Updated: Mar 30, 2020
BluescreenIT team was on hand to talk to the Plymouth Manufacturing Group IT Sub Group, highlighting the Scams and Scammers behind the leading hacks of today. The presentation led by BluescreenIT CEO, Mike Dieroff and his young team of experts Ben Pullen, BluecreenIT Academy Coordinator and Xander Tilley, Apprentice SOC Analyst provided listeners an insight into what ransomware looks like when let loose on a network and what free cyber training is available through their academy.
Mike Dieroff begun by describing the ever evolving ecosystem hackers now work and collaborate within, highlighting the ever increasing complexities that organisations are now forced to defend against. It is set to get even harder to stand up defences with the ease in which criminals can now contract specialist hackers, coupled with ability to purchase Nation State security tools. He continued to talk through some of the more recent scams and current threats these pose to IT teams defending their networks from breaches. He provided a rather scary insiders view to what is available on the Dark Net for hackers, highlighting the ease and the level of sophistication that can be bought for what is a tiny fraction of what it actually costs to defend against as well as the key figures behind the hacking movement.
The talks highlighted the average age of a hacker was 17 and it is these individuals that are often targeted to be used as pawns for larger organised crime organisations to provide useful intel on operations. A technique used to create distance between those that are orchestrating and those that are 'soldiers' delivering the attacks on their behalf. Using them to simply test the ease of entry for future and more aggressive attacks. Or they may want them to do reconnaissance work to retrieve valuable data that organisations hold, often referred to as their 'Crown Jewels'. Often this can be found from looking at the organisations stock inventory, logistical movements of goods and people, finance records, employee personal information or company secrets including intellectual property. Sometimes it isn't just data they are looking to steal, but the opportunity to disrupt or stop operations because they have the power to do so. The talk highlighted the growing threat of pawns being contracted through the 'layer cake' effect that can sometimes lead indirectly to Nation State funding in order to create competitive advantages for their own national industries. A frightening thought for any industry that's often hampered by the use of legacy operating systems.
Xander went on to say "hackers have cleverly concealed tools to emulate connected peripherals in order to gain access to high level operational servers that wouldn't ordinarily have any peripherals attached such as a keyboard, to demonstrate the tenacity and how far individuals will go to access infrastructure through physical means. Mike Dieroff, went on to explain "the difficulty for any organisation is to understand the likelihood of being breached. We are all well versed with the impact of getting hacked, as this is well documented by the big stories we see in the press everyday. It is about applying the logic that we know we are going to get hacked at some point, so we need to take that reasoning and adopt a focus on what the likelihood is by our ability to defend against intelligent, tenacious and well sponsored hackers".
Ben Pullen finished off the session with an overview of how his online academy can assist group members to access free resource to train staff across all levels to better help their understanding of information security principles and develop the skills to react to breaches for those in technical areas. BluescreenIT also raised they have funding from the Local Enterprise Partnership (LEP), under the Digital Momentum project, which will fund training for the members IT department. The fund aims to help upskill individuals entering IT, or for those looking to improve their Networking and IT Security skills with international vendor certifications from CompTIA.
BluescreenIT have offered PMG members the opportunity to receive a free two week monitoring trial to assist IT Departments to assess their current security position by identifying any potential security threats that are currently undetected using enterprise level security incident and event management (SIEM) tools. BluescreenIT are a local company, located at the Plymouth Science Park and have been in operation for over 15 years. Their client portfolio currently include the MoD, Aerospace and Manufacturing companies across the UK.
If you would like to find out more, please contact BluescreenIT on 01752 724000 or email email@example.com and quote PMG member to set up a meeting to discuss your cyber security. Don't be the next statistic.