There was an increase in news last week. It included funding announcements, acquisitions, the takedown of a cybercrime site and product announcements and acquisitions.
JumpCloud released its Q3 2024 SME IT Trends Report, “Detours Ahead: How IT Navigates an Evolving World” (registration required). It highlights concerns over Shadow IT, cyberattacks, AI, device sprawl, funding, a lack of resources and staffing.
The National Crime Agency (NCA) and the Police Service of Northern Ireland (PSNI) infiltrated and shut down DDoS-for-hire service – digitalstress.su – as part of Operation Power Off. It then deployed a shadow site gathering intelligence on users of the site.
Linx Security has secured $33 million in funding as it exits stealth mode. The company claims its mission is to revolutionise identity security and governance. It is focused on the Identity Lifecycle. In the announcement, it identifies the use of multiple identities by users as a major challenge.
Keepit has found that CISOs and CIOs need help with data protection challenges exacerbated by AI and the cloud. Of concern is that both show critical gaps in disaster recovery strategies. They also show that greater data security is needed.
Mimecast has acquired Code42 to expand its Human Risk Management (HRM) Platform. The acquisition gives Mimecast access to Code42’s insider threat management and data loss prevention technology. The value of the acquisition was not announced.
Pulseway has released version 9.7 of its RMM solution. The release sees several enhancements including ones to Patch Management, Remote Control and new integrations. Enterprise Times spoke to Edgar Zacharjev, SVP of Product and Strategy, about the update.
Europol
Europol published the Internet Organised Crise Threat Assessment (ICOTA) 2024. The report reveals some interesting facts. The effectiveness of takedown efforts against cybercrime sites and groups has had an unexpected result. Rather than reducing the number of groups, it has caused them to fragment, which has led to a multiplication of attacks.
The number of attacks each day is now in the millions. SMEs are favoured targets because they have lower cyber defences. E-merchants and banks are under constant digital skimming attacks. Phishing, BEC, investment and romance scams continue to grow.
Jumpcloud
JumpCloud has released a new solution called Mobile Device Trust. It allows IT administrators to limit user access to secure corporate-owned devices (COD) and users’ bring-your-own devices (BYOD). The company says it optimises organisations’ security posture.
Khanh Tran, Chief Product Officer, JumpCloud, “Many of our customers have requested Mobile Device Trust, and we are happy to deliver. Organizations need security that protects sensitive resources anywhere an employee accesses them.
“IT admins want flexible device management from the cloud to their corporate-owned devices. And end users want a mobile experience that is easy to use and doesn’t intrude on their work productivity or personal lives. JumpCloud’s Mobile Device Trust meets all these needs. JumpCloud was founded on the promise of providing secure, easy access.”
National Crime Agency
The National Crime Agency (NCA) and seven UK banks have launched a major project to identify and take action against organised crime. Banks are providing account data that they believe indicates potential criminality. The data will then be analysed by the NCA and the banks with the results driving future NCA investigations.
NCSC
The NCSC, USA and the Republic of Korea have warned of a new threat from North Korea. A cyber threat group known as Andariel is targeting military and nuclear secrets. The cyber actors have primarily targeted defence, aerospace, nuclear and engineering entities, and organisations in the medical and energy sectors to a lesser extent, in order to obtain information such as contract specification, design drawings and project details.
Paul Chichester, NCSC Director of Operations, said, “The global cyber espionage operation that we have exposed today shows the lengths that DPRK state-sponsored actors are willing to go to pursue their military and nuclear programmes.
“It should remind critical infrastructure operators of the importance of protecting the sensitive information and intellectual property they hold on their systems to prevent theft and misuse. The NCSC, alongside our US and Korean partners, strongly encourage network defenders to follow the guidance set out in this advisory to ensure they have strong protections in place to prevent this malicious activity.”
US Department of Justice
Three jailed for $88 million telephone software licence piracy
Three individuals have been sentenced to jail and ordered to pay restitution for their part in pirating Avaya Direct International (ADI) software licenses. The value of the pirated licences was put at $88 million.
The sentences and forfeitures were Raymond Bradley Pearce, of Tuttle, Oklahoma, four years in prison and $4 million. Dusti O. Pearce, also of Tuttle, one year and a day in prison and $4 million. Jason M. Hines, of Caldwell, New Jersey, one year and six months in prison 18 months of home confinement, and $2 million.
All three will pay additional restitution of $17 million for Brad Pearce, $10 million for Dusti Pearce, and more than $5 million for Hines. The court will hold a separate restitution hearing in a few weeks to determine the details of the restitution order.
North Korean Hacker charged for ransomware attacks
North Korean national Rim Jong Hyok, a member of the Andariel cybercrime group, has been indicted in the US. He is accused of breaking into and extorting US hospitals and healthcare providers. He is also charged with laundering the proceeds and funding attacks on defence, technology, and government entities worldwide.
Deputy Director Paul Abbate of the FBI, commented, “Rim Jong Hyok and his co-conspirators deployed ransomware to extort US hospitals and health care companies, then laundered the proceeds to help fund North Korea’s illicit activities.
“These unacceptable and unlawful actions placed innocent lives at risk. The FBI and our partners will leverage every tool available to neutralize criminal actors and protect American citizens.”