Cyber Security Intelligence

Twitter< Follow on Twitter>

April Newsletter #1 2015

China Reveals Its Cyberwar Secrets

A high-level Chinese military organization has for the first time formally acknowledged that the country's military and its intelligence community have specialized units for waging war on computer networks.

China's hacking exploits, particularly those aimed at stealing trade secrets from US companies, have been well known for years, and a source of constant tension between Washington and Beijing. But Chinese officials have routinely dismissed allegations that they spy on American corporations or have the ability to damage critical infrastructure, such as electrical power grids and gas pipelines, via cyber attacks.

Now it appears that China has dropped the charade. "This is the first time we've seen an explicit acknowledgement of the existence of China's secretive cyber-warfare forces from the Chinese side," says Joe McReynolds, who researches the country's network warfare strategy, doctrine, and capabilities at the Center for Intelligence Research and Analysis.

The acknowledgment could have political and diplomatic implications for China's relationship with the United States and other Western powers.

China has divided its cyber warfare forces into three types, said McReynolds, whose analysis is included in his forthcoming book, China's Evolving Military Strategy, which will be published in October.

First, there are what the Chinese call "specialized military network warfare forces" consisting of operational military units "employed for carrying out network attack and defense," McReynolds said.

Second, China has teams of specialists in civilian organizations that "have been authorized by the military to carry out network warfare operations." Those civilian organizations include the Ministry of State Security, or MSS, which is essentially China's version of CIA, and the Ministry of Public Security (its FBI).

Finally, there are "external entities" outside the government "that can be organized and mobilized for network warfare operations," McReynolds said.

As to which of those groups is responsible for targeting American companies to steal their secrets, the short answer, says McReynolds: "They all do it." Espionage by the PLA has been extensively documented, McReynolds said. And a Chinese hacking unit dubbed Axiom that has been linked to intrusions against Fortune 500 companies, journalists, and pro-democracy groups is reportedly an MSS actor. He noted that there are also many ways that Chinese civilians have been seen assisting in industrial espionage, including through "hack-for-cash" operations.

Now that China is coming clean about its cyber warfare forces, other countries may question whether they can safely cooperate with the government on combating cybercrime. The Ministry of Public Security (MPS), for instance, has assisted more than 50 countries with investigations of more than a thousands cases of cybercrime over the past decade, and China has set up bilateral law enforcement cooperation with more than 30 countries, including the United States, the United Kingdom, Germany, and Russia.

Experts generally agree that Russia, China, and the United States have the most advanced and sophisticated cyber warfare forces.

The Daily Beast

A simple guide to GCHQ's hacking powers

We now know a lot more about GCHQ's hacking operations and the details haven't come from Edward Snowden. New documents released by the government and privacy advocates have given us the first official glimpse of how GCHQ operates, with its hacking and encryption weakening operations confirmed for the first time.

The details come from three new documents: 1. The Intelligence and Security Committee's (ISC) Report into the UK's security services. 2. The government's open response to the ISC report. 3. Documents from secret court proceedings released by Privacy International.

But what does all this new information mean? Below we answer the key questions beginning with what hacking powers does GCHQ have?

The spy agency has the power to hack into phones, computers and communications networks and is legally justified to hack anyone, according to privacy experts. GCHQ can also hack anyone, anywhere in the world, even if they are not suspected of any crime. Court documents released by Privacy International show GCHQ can carry out hacking on "individuals who are not intelligence targets in their own right". The privacy charity, which has launched legal action against the UK government and GCHQ, claims this allows GCHQ to hack people who are not targets.

The ISC report also shows for the first time that GCHQ uses security vulnerabilities, including zero-days, which use previously unknown weaknesses to attack software, for its operations. And what does GCHQ have to say about this? The spy agency says Privacy International's claims that its operations are unregulated are "simply untrue".

A spokesperson for the spy agency said its operations were subject to "rigorous oversight", adding that its "operational processes rigorously support this position". GCHQ was unable to respond to individual issues raised due to its policy of not commenting on intelligence matters.
The agency's Edgehill decryption program, revealed in documents released by Edward Snowden, revealed ambitions to crack encryption used by 15 major Internet companies and 300 virtual private networks (VPNs) by 2015. Cryptography experts have warned that such operations risked weakening online security for everyone.


Bitcoin 'exit scam': Deep-Webbers disappear with $12m

The administrators of a top deep-web marketplace have disappeared with over $12m worth of the cryptocurrency Bitcoin it has emerged, in what appears to have been an "exit scam".
On the website Reddit, a user called NSWGreat, who identified him or herself as a moderator for the site, raised the first red flag in a post to the DarkNetMarkets marked "EVOLUTION EXIT SCAM".

NSWGreat said that he or she personally had $20,000 in Bitcoin currently in escrow at the site, and had confronted Evolution's administrators, who go by the aliases Verto and Kimble, confirmed the scam, according to NSWGreat.

Evolution Marketplace was one of the largest of a number of deep-web sites, which grew up after the collapse of the Silk Road, which was shut down after its administrator, Ross Ulbricht, who went by the alias Dread Pirate Roberts, was arrested in 2013.

But while Ulbricht's Silk Road, and many of the sites that followed in its footsteps, had a quixotic if libertarian bent, Evolution was always known as more anarchic and less scrupulous.

One vendor on Evolution, speaking anonymously to the Guardian, said they had been on the site for two years. "Now it's gone; I just lost my career," they said, adding that they had lost around $5,000 in the scam.


Crime has gone High-Tech and the Law Hasn't

When most people hear the word "criminal," they probably picture some dim-witted thug. But a security expert, Marc Goodman, has been fighting crime for more than 20 years and he's learned the hard way that crime is increasingly going high-tech, leaving law enforcement struggling to keep up. He outlines the challenges in his new book Future Crimes: Everything is Connected, Everyone is Vulnerable, and What We Can Do About It

"The fact that narcos in Mexico are going to colleges of aeronautical engineering to hire drone engineers would be a surprise to people," Goodman says in Episode 142 of the Geek's Guide to the Galaxy podcast. "Everything from AI to synthetic biology to robotics to big data to the Internet of Things, crooks and terrorists, rogue governments and corporations are all over it."
But perhaps the most striking fact about crime today is who, or rather what, is committing it. "It's not people that are committing the crime anymore," says Goodman. "Crime has become software. It's Crimeware."

Examples include ransomware (viruses that encrypt your data and make you pay to get it back) and botnets (zombie networks of thousands of infected machines that can be turned against banks, tech companies, and governments). The days when only master hackers were committing computer crimes are long gone. These days every creepy stalker, disgruntled employee, or aspiring terrorist can purchase pre-programmed Crimeware to help them hack your phone, your bank account, or even your car.

The exponentially expanding threat means locking up individual criminals is no longer a realistic solution. Another approach is to crowd source law enforcement. Organized crime is already adept at crowdsourcing, using criminal networks to rob thousands of ATMs at once.

All physical objects in our space are de-materializing and are being transformed into information technology. If you look at a 1965 Chevy, or a Mustang, those were mechanical cars, but the cars today, any car that's rolled off the assembly line in the past few years, has well over 200 microchips in it. They control the radio, the GPS, the airbags, the cruise control, the speedometer, it's all controlled by computer. A modern car is a computer that we ride in, an elevator is a computer that we ride in, an airplane is a Solaris box that we fly in. All of these devices are hackable.


Connected Cars: Risks for Auto-Vehicles!

Every day more devices are being connected to the Internet and connected cars are growing in number each year. These cars are well equipped with automatic notification of crashes, notification of speeding and safety alerts, but reports suggest that they are prone to cyber attacks because not enough measures have been taken to adequately protect these connected cars from hackers.

The connected car could make our cloud services, e-mail, text messages, contacts, and other personal, financial, and work data vulnerable to hackers. Burglars could determine vehicle location provided by the vehicle's e-email, text messages, contacts, and other personal, financial, and work data vulnerable to hackers. Burglars could determine vehicle location provided by the vehicle's GPS to monitor when a home's occupants are miles away. Hackers can gain access to vehicle networks and wreak havoc on traffic and even threaten the safety of vehicle occupants.

Connected cars can share information for a C2C (car-to-car) or a C2I (Car-to-Infrastructure) connections in real-time. Cars are becoming part of IoT (Internet of Things). Experts predict that (car-to-car) or a C2I (Car-to-Infrastructure) connections in real-time. Experts predict that IOT risks are going to increase drastically this year. How data is fetched from the Internet or data requests that are going from the car should be analyzed and evaluated. So, the focus is going to be in the cloud.

And with all the time we spend in where cars on the road will automatically swap data such as speed and direction, sending alerts to avoid crashes or traffic snarls. And with all the time we spend in our cars, it makes sense that they should become personalized digital assistants.
Recently, German auto outfit announced it was sending an over-the-air update to cars featuring its SIM-based ConnectedDrive module. This allows drivers to remotely unlock their car, but the German automobile club ADAC had reverse-engineered the telematics software and warned BMW that a flaw made it possible for third parties to unlock vehicles. The update, which introduces HTTPS encryption to the car's connection with BMW's servers, is automatically downloaded as soon as the car module talks to that system.

Hackers were in theory able to dupe the car into unlocking by creating a fake mobile network, according to Reuters. There is no evidence that the flaw has been exploited, though it was present in up to 2.2 million BMWs, Minis and Rolls-Royces. Though, the vulnerability was patched on time by the company, there is always a learning from such an event. The majority of all automakers transmit data to third parties.

Recently, Oracle developed a platform to develop an application for cars using JAVA. Similarly, Qualcomm, AT&T and others are bringing in new platforms exclusively for connected cars. With such great technologies, we are creating a vast new attack surface for the hackers. The future is going to depend on the way we are going to provide Security awareness and security development for these connected cars.

Security Affairs

Amazon Gaming Site Hacked… Inc.'s video game streaming site Twitch Interactive Inc. is requiring users to reset their passwords following a suspected hack.

"There may have been unauthorized access to some Twitch user account information," the company has said on its website. "For your protection, we have expired passwords and stream keys and have disconnected accounts from Twitter and YouTube."

Twitch also advised players to change passwords on other sites that are similar to or the same as that used on the gaming site. Further details about the extent of the suspected breach weren't disclosed. The company said it would reach out directly to affected users.

Twitch, an online forum that lets users discuss gaming and watch others while they play, hosts 60 million monthly unique viewers. Amazon purchased the company for $970 million in August 2014.


5 Essential Truths of The Internet Of Things

The IoT (Internet of Things) really will bring about a total paradigm shift, because, for the first time, it will be possible for everyone who needs it to share real-time information instantly. That really does change everything, obliterating the "Collective Blindness" that has hampered both daily operations and long-term strategy in the past. As a result, we must rethink a wide range of management shibboleths.

First, we must share data. Tesla leads the way with its patent sharing. In the past, proprietary knowledge led to wealth: your win was my loss. Now, we must automatically ask, "who else can use this information?" and, even in the case of competitors, "can we mutually profit from sharing this information?" Closed systems and proprietary standards are the biggest obstacle to the IoT.

Second, we must use the Internet of Things to empower workers. With the IoT, it is technically possible for everyone who could do their job better because of access to real-time information to share it instantly, so management must begin with a new premise: information should be shared with the entire workforce. Limiting access must be justified.

Third, we must close the loop. We must redesign our data management processes to capitalize on new information, creating continuous feedback loops.

Fourth, we must rethink products' roles. Rolls-Royce jet engines feed back a constant stream of real-time data on their operations. Real-time field data lets companies have a sustained dialogue with products and their customers, increasingly allowing them to market products as services, with benefits including new revenue streams.

Fifth, we must develop new skills to listen to products and understand their signals. IBM scientists and medical experts jointly analyzed data from sick preemies' bassinettes & realized they could diagnose infections a day before there was any visible sign. It's not enough to have vast data streams: we need to understand them.

Sixth, we must democratize innovation. The wildly popular IFTTT web site allows anyone to create new "recipes" to exploit unforeseen aspects of IoT products – and doesn't require any tech skills to use. By sharing IoT data, we empower everyone who has access to develop new ways to capitalise on that data, spreading the IoT's development.

Seventh, and perhaps most important, we must take privacy and security seriously. What responsible parent would put an IoT baby monitor in their baby's room after the highly publicised incident when a hacker exploited the manufacturer's disregard for privacy and spewed a string of obscenities at the baby? Unless everyone in the field takes privacy and security seriously, the public may lose faith in the IoT.

There you have 'em: my best analysis of how the Internet of Things will require a revolution not just in technology, but also management strategy and practices.


Drones: The looming threat

Unmanned aircraft, otherwise known as drones, are becoming common. Many are familiar with America's use of armed drones in Pakistan, Yemen and elsewhere but drones are also increasingly being used by other parts of government, by companies and individuals.

Drones can be far cheaper to operate than anything that requires an on-board pilot, and they are handy for making maps and taking pictures and videos. The FBI uses a small fleet of drones for law-enforcement surveillance. Customs and Border Patrol uses them to monitor the American border with Mexico. Commercial drones are now regularly used for real-estate photography and to monitor oil and gas pipelines, among many other applications.

The proliferation of drones, which include both small fixed-wing aircraft and small rotorcraft with multiple propellers, raises some vexing public-policy questions.

At issue is also the way some drones can loiter overhead for long stretches, engaging in what is called "persistent surveillance". As drones—and other airborne surveillance platforms, such as circling manned aircraft and lighter-than-air craft—become cheaper and more effective, persistent aerial surveillance could become the norm, and no privacy or transparency measures currently exist in the law.

The current state of the law, both legislation and court decisions, is poorly suited to deal with persistent surveillance. This is because privacy law is tailored to questions of whether one is in public, an open field, or in a space where one has a "reasonable expectation of privacy". The Supreme Court has, at times, expanded such spaces, for instance finding in 1967 that the FBI cannot eavesdrop on conversations in telephone booths without a warrant. But in this era of "big data", the line between public and private can no longer be delimited by physical boundaries.

Complicating matters, there is no clear line between episodic surveillance, a snapshot, and persistent surveillance even though the effects are profoundly different. It's the difference between a snapshot and an overhead video that shows the comings and goings of everybody in a city over the course of a week. In such a video, a so-called "pattern-of-life" emerges. Any still frame from the video might be a defensible incursion on privacy, yet the whole video is something more than the sum of these parts.

Discussions about privacy often involve the question of why it is something worth protecting. People tend to invoke Louis Brandeis and Samuel Warren's definition of privacy in 1890 as the "right to be let alone". So persistent surveillance, whether through monitoring internet browsing habits or from a drone overhead, undermines the formation of liberal individuals in the way that an over-reliance on GPS undermines the formation of a sense of direction.

It is worth noting that not all persistent drones are a threat to privacy, NASA's Global Hawk Earth science missions, for instance, are exactly what they claim to be: new tools for studying hurricanes and other natural phenomena. But it is essential that these questions about drones and privacy are being asked now.


You can tell which Emails are being tracked

You may not have heard of companies like Yesware, Bananatag, and Streak, however they almost certainly know a good deal about you. Specifically, they know when you've opened an email sent by one of their clients, where you are, what sort of device you're on, and whether you've clicked a link, all without your awareness or consent.

That sort of email tracking is more common than you might think. A Chrome extension called Ugly Mail shows you who is guilty of doing it to your inbox. Sonny Tulyaganov, Ugly Mail's creator, says he was inspired to write the "tiny script" when a friend told him about Streak, an email-tracking service whose Chrome extension has upwards of 300,000 users. Tulyaganov was appalled.

The reason it was so easy to create is that the kind of tracking it monitors is itself a simple procedure. Marketers, or anyone who's inspired to snoop, simply insert a transparent 1×1 image into an email. When that email is opened, the image pings the server it originated from with information like the time, your location, and the device you're using. It's a read receipt on steroids that you never signed up for.

Pixel tracking is a long-established practice, and there's nothing remotely illegal or even particularly discouraged about it; Google even has a support page dedicated to guiding advertisers through the process. That doesn't make it any less unsettling to see just how closely your inbox activity is being monitored.

Using Ugly Mail is as simple as the service is effective. Once you've installed it, the code identifies emails that include tracking pixels from any of the three services mentioned above. Those messages will appear in your inbox with an eye icon next to the subject heading, letting you know that once clicked, it will alert the sender. Tulyaganov also confirmed to WIRED that Ugly Mail also doesn't store, save, or transmit any data from your Gmail account or computer; everything takes place on the user's end.

Ugly Mail appears to work as advertised in our test, but it has its limitations. It's only built for Gmail and is only available for Chrome, although Tulyaganov says that Firefox and Safari versions are in the works. And while it's effective against Yesware, Bananatag, and Streak, those are just three pixel-tracking providers in a sea of sneaking marketers.

Pixel tracking isn't going away any time soon, and Ugly Mail is an imperfect way to prevent it. But it still offers a valuable glimpse at the marketing machinations we're all exposed to every day, whether we're aware of them or not.


Facebook data row reaches top Euro Court

Max Schrems (above) has long campaigned against Facebook's data practices.
The future of how Europeans' data is shared with US companies such as Facebook and Google is ready to be reviewed by the EU's highest court.

Lawyer and activist Max Schrems said revelations by whistleblower Edward Snowden showed agreed privacy practices were being ignored by Facebook and others. He called for the current Safe Harbour deal, which allows the transfer of data to US firms, to be scrapped. Facebook has not commented on the case.

At a hearing in Luxembourg on Tuesday the European Court of Justice's (ECJ) Advocate General said he would give his final opinion on 24 June - the ECJ will make its final decision thereafter.

The result of the proceedings could have wide implications for all US firms dealing with Europeans' data, including the likes of Twitter, Google, Microsoft and Yahoo. It centres around the Safe Harbour agreement, in place since 2000, which allows US firms to collect data on their European users as long as certain principles around storage and security are upheld.
It means user data gathered in Europe can easily be stored legally in data centres within the US.

Those principles include giving adequate notice to users that their data is being collected, and suitable transparency over how it can be accessed and by whom. The ECJ is considering whether the Safe Harbour agreement is effective in the wake of the Snowden leaks. Mr. Snowden alleged that Facebook and others were complicit in Prism, a surveillance system launched in 2007 by the US National Security Agency (NSA).

Euro data
A complaint against Facebook, which bases its European headquarters in Dublin, Ireland, was filed by Mr. Schrems last year. He said the network should be investigated over the alleged co-operation with US intelligence agencies in handing over user data from Europeans. Schrems said Facebook had acted against the Safe Harbour rules, and that local regulators should step in to protect Europeans' data.

The ECJ's decision could mean US firms are forced to open more data centres in Europe. Some companies, such as Twitter, have said they would need to build new data centres in Europe to handle information, needlessly duplicating resources they already have in the US.


#Anonymous vs #ISIS: the ongoing skirmishes of #OpISIS

In the realm of social media wars, some are more fraught than others. Yet for months, Anonymous has been doing what it does best: hunting people. And now they are after ISIS.
ISIS has done much of their recruiting work through social media channels: Facebook and Twitter, as well as more esoteric platforms. They use social media, particularly Twitter, as a propaganda tool and on this front they are considerably in advance of NATO and other Western forces, who tend to view such use as more of a risk than an advantage.

But as ISIS, the most feared organization in the world (as far as the US State Department and mainstream media are concerned) has learned, sometimes all it takes to wipe you out is for your enemy to press a button enough times.

Here, then, is exactly how you push that button.

AnonOps, one of the central nodes in the Anonymous hive, has released specific instructions on how to cut off ISIS lines of communication and recruitment on Twitter.

1. Locating an Islamic State Twitter account

If you are new to this locating an Islamic State militant account can prove to be difficult however after locating your first account you will be able to find thousands more following these steps. ISIS militants and their supporters feed off of attention and publicity commonly using Twitter hash tags such as #IslamicState among others. Run a Twitter search using this hash tag and you will find your first Islamic State account. If you are still having difficulty locating an account Twitter search #CtrlSec or #OpISIS

2. I have located my first Islamic State Twitter account

Now that you have located your first Islamic State Twitter account you will now be able to collect many more and form a vast network of information. With the account you initially located review all of their following and followers collecting Twitter account names as you move forward. When you are collecting account names you must retrieve their Twitter ID by visiting If you do not collect the account ID they can easily change their account name to evade you as they commonly do once detected. As you are collecting Islamic State Twitter accounts check each bio and their tweets for website URLS and log the information. With the data you have compiled visit and publish a paste of your findings.

3. I have a list of Islamic State Twitter accounts and URLS.

Now that you have collected this information you can take action against them by reporting them to Anonymous, authorities and Twitter. If your paste link contains Islamic State Twitter accounts you can tweet your paste making sure to use the hash tag #CtrlSec so the corresponding operatives can collect your link and terminate the accounts. If your paste link contains Islamic State website URLS tweet them using the hash tag #GhostSec so their operatives can collect intelligence and disable the website. If you have concerns for your personal safety you can alternatively email us with your information at using a anonymous mailer service such as

Your contributions to our cause are immensely appreciated and this could never be achieved without your unyielding support.

Your move, Caliphate

Threat Lessons from Sony and Anthem

The cyberattack on Sony Pictures entertainment left plenty of roiled waters in its aftermath: lawsuits from employees whose personal information was leaked; apologies to President Obama and other subjects of hasty emails; US sanctions against North Korea and a war of words back and forth; and the irony of Sony turning to the entity most identified in those emails as a threat to its content distribution model, Google, to distribute "The Interview."

The Anthem hack exposed a record number of customers. Such a large-scale attack on health records rather than payments, as in the comparable Target attack, raises questions as to just what information the hackers were seeking.

Now come reports of ISIS attacks on US websites. The hacker reportedly placed the black ISIS flag on the websites of several American businesses including a zoo in California and cocktail bar in Massachusetts, seemingly trolling the Internet for vulnerable, albeit lower-profile, targets. Even today it's not possible to assess the full extent of the damage. But there is widespread agreement that, taken together, these kinds of hacks are unprecedented. Here are some lessons.

There have been highly disruptive attacks before (on Saudi Aramco in 2012), political stunts (LulzSec), and ones that have inflicted high costs (Target, for one prominent example). Although the FBI described the sophistication of the Sony attack as "extremely high," some cybersecurity experts say otherwise. But what is clearly new about these recent attacks are their wholesale breadth and brazenness.

Sony reportedly hardened its systems after the 2011 PlayStation Network breach caused it to lose information from 77 million user accounts. But hardening systems has focused on firewalls to keep threats out, constantly updating to keep abreast of changing threat signatures. The trouble with this focus is that it does not stay ahead of new threats.

Increasingly, cybersecurity is focusing on detection and resiliency for inevitable penetration of firewalls. The MIT Media Lab, for example, hardly uses any firewalls so it can enable its users to collaborate widely and launch websites without needing permissions. Security relies instead on monitoring systems thoroughly in order to establish a baseline, identifying anomalies such as a computer moving unusual volumes of data or communicating with suspect IP addresses, and responding rapidly when unusual behavior is observed by taking affected computers off the network.

Would measures like these have prevented the Sony or Anthem hacks? One would expect that monitoring could detect unusual access to or transmission of gigabytes of unreleased films or mass email accounts and set off some alarms.

The government would not issue sanctions against North Korea without a high level of confidence in the attribution of the Sony attack. Even so, some analysts insist it was an inside job.

A reason to suspect insider involvement is the breadth and scale of what was stolen. After all the best publicised thefts of information were accomplished by insiders; like Chelsea Manning and Edward Snowden. Snowden was able to take so much and make such broad statements about what he could learn about people because he had extraordinary access as a system administrator.

In the wake of the Snowden revelations, the NSA took steps to limit how much access a single systems administrator can have. The Sony attack is a reminder that other organizations need to do the same.


Cyber Security Phishing Awareness Course

IT Governance, a cyber security services provider, has launched a Cyber security and phishing staff awareness e-learning course to help businesses raise awareness among employees about the dangers of phishing-based cyber attacks.

Cyber criminals are well aware of the advantages that clever phishing tactics can offer. By tricking the uninformed using a variety of manipulative tactics, criminals can quickly gain access to an organisation's systems and networks, install malware, steal personal information or even bring the company to its knees.

Panda Security research shows that 30% of all of the malware that has ever existed was created in 2013. That is the equivalent of 30 million new malware threats in one year, or about 82,000 per day. In 2014, that figure has doubled to 160,000 new samples every day.

Alan Calder, founder and executive chairman of IT Governance, explains: "Employees often don't understand the dangers of clicking on malicious links or providing their details online. Hackers can exploit this obvious vulnerability and cause a lot of damage. This course has been carefully designed to explain the multitude of phishing tactics employed by criminals to deceive and defraud individuals and organisations, thereby empowering users to recognise these tricks and avoid exposing your organisation to risks."

The Cyber security and phishing staff awareness course has been designed to illustrate concepts in simple terms and is packed with practical examples, interactive graphics and images. The course reveals the different tactics commonly employed in phishing campaigns without unnecessary technical jargon. Including useful tips and advice, the course teaches users to screen attachments and links, verify URLs, watch out for unsolicited requests, and to be mindful of scams when using social media or receiving an email.

The course can be combined with a simulated phishing campaign in order to gauge the level of employee awareness before and after taking the course.

Calder says, "Mounting evidence points to the fact that employees are the biggest security threat facing the average organisation. It is only by educating and enlightening employees to the risks of cyber threats such as phishing attacks that we will be able to beat this problem."

Ein News