The offline way to online safety

It seems the majority of Internet users in the UK aren’t ‘safety-aware’. According to a survey carried out by GetSafeOnline and the BBC, fewer than half of the respondents believe that they are ‘primarily responsible’ for their online safety.

This is worrying. More and more of us bank online, pay bills online, and network online. Increased Internet usage brings an increased need to safeguard our online identity.

On the other hand, it’s not users who bear sole responsibility. Sadly, the use of one-time passwords and two-factor authentication isn’t standard across the banking community. And online stores that routinely send email confirmation of a customer’s chosen password in plain text are far from helpful (this has happened to me on several occasions and in each case, when I’ve challenged it, I’ve been told that it’s ‘standard practice’).

This survey makes me think we’re not getting the security message out to those who need it. There’s lots of great information out there, including at GetSafeOnline. But you have to know where (and how) to find it, not an easy task for an inexperienced user.

Maybe it’s time to shift the online security message into the offline world. For instance, a series of TV ads, like those used in anti-drink-driving and anti-drugs campaigns. Print ads might also play a part – as security experts, we sometimes forget that people do still read newspapers. I’m sure a series of adverts like this would have more impact than just detailed sites which the target audience can’t, unfortunately, find.
