Blog

Home|Blog

How to Protect Your Customers and Your Brand from Stolen Credential Misuse

How to Protect Your Customers and Your Brand from Stolen Credential Misuse During 2020 a number of Online Retailers have made headline news due to the media erroneously reporting that their customer Portals had been breached. These include Tesco Clubcard Members (https://www.techradar.com/uk/news/tesco-clubcard-holders-warned-of-major-security-issue) and most recently, Wiggle (https://cyclingindustry.news/security-breach-reported-on-wiggles-customer-accounts). In both these instances there was no exploitation of a cyber vulnerability. Threat Actors in all likelihood gained access to these Portals Accounts using a database of credentials stolen from other platforms or possibly via a Spear Phishing campaign.    The obvious questions here are: How was this possible? and How can this be prevented in the future? I prefer a shared responsibility model so let’s answer the above questions with this in mind:   How was this possible? Many subscribers have the same username (email address) and password for all online portals and web applications. Therefore, if one Portal account is compromised,

By |2020-06-18T11:14:26+00:00June 17th, 2020|Blog|0 Comments

Regularly Validating Security Controls with Breach and Attack Simulation

Regularly Validating Security Controls with Breach and Attack Simulation   Validating Security Controls is of vital importance for all organisations and is mandated by Cyber Security Frameworks like National Institute of Standards and Technology (N.I.S.T.) who offer a simple high-level way to do this using 5 steps:   IDENTIFY (CROWN JEWELS) PROTECT DETECT RESPOND RECOVER   To emphasise the importance of validating Security Control on a regular basis think of pilots doing a pre-flight check and inspection of their aircraft. Not performing these checks and inspections could lead to a loss of license for the pilots and the airline as it is mandatory and so should validating your organisation’s Security Controls. Simplistically you start by Identifying a Crown Jewel which could be an Endpoint, A Domain Controller or a Business Application. The next step is to detail and understand the attack vectors, which could be infiltration via email or a

By |2020-05-18T13:22:53+00:00May 18th, 2020|Blog|0 Comments

Breach and Attack Simulation vs Penetration Testing

Breach and Attack Simulation vs Penetration Testing Cyber attacks have evolved dramatically in the past decades. The capabilities, scope, fallout and number of targets of these attacks have greatly increased. This has resulted in damages from cybercrimes reaching all time, worldwide highs which are only set to increase. As a result, organisations are finding it necessary to test their organisation’s cyber security posture on the regular. Elasticito can help you navigate this process to find a solution suitable to your organisation. MITRE-ATT&CK-APT3+APT29 | Elasticito A Common Question! A common question people evaluating cyber security testing options for their organisations ask us is: “how does Breach & Attack Simulation differ from penetration testing”? The simple and shortest answer to this question is that both have their own part to play in making enterprise cyber defences more effective. Breach & Attack Simulation (BAS) are tools that allow businesses to simulate

By |2020-05-11T13:26:50+00:00May 11th, 2020|Blog|0 Comments

You Should Adopt a Cyber Security Framework – Here’s Why

You Should Adopt a Cyber Security Framework – Here’s Why Today, cyber attacks and cyber security breaches are constantly happening around the world. These attacks are also continuously evolving, becoming more sophisticated and unforeseen. This makes it difficult for organisations to proactively prevent phising, malware and ransomware attacks. So what can your organisation do to become resilient to cyber threats? A suitable cyber security framework and cyber security policies and procedures can reinforce your organisation’s IT security.       Cyber Security Framework A growing number of organisations are coming to the realisation that their extensive investment in cyber security technologies has not provided the resilience to cyber attacks that they were expecting and are looking for answers as to why they are still susceptible to phishing, ransomware and malware. The answer to this susceptibility conundrum lies in the understanding and adoption of a Cyber Security Framework (CSF). This doesn't mean that blindly adopting

By |2020-04-29T13:42:34+00:00April 29th, 2020|Blog|0 Comments

Using Breach and Attack Simulation with MITRE ATT&CK to highlight threat actor behaviours

MITRE ATT&CK is a phenomenal global free knowledge base produced by MITRE, a US Government research organisation, that maps adversary tactics and techniques that are used by threat actors to launch cyber attacks against targets.  The ATT&CK framework (which stands for Adversarial Tactics, Techniques, and Common Knowledge) began its life in 2013 and now incorporates a vast array of Tactics, Techniques and Procedures (TTPs). As Sun Tzu famously wrote in The Art of War, 'Know your enemy ...' - this is about understanding how cyber adversaries operate and what tactics and techniques they use when conducting reconnaissance on a target and launching an attack, with the aim to try and disrupt their activity to make an attack too complex or too costly for the attacker to pursue. MITRE ATT&CK Navigator The MITRE ATT&CK Navigator is used to map and filter adversary TTPs in order to understand the phases and techniques

By |2020-04-07T06:55:30+00:00April 6th, 2020|Blog|0 Comments

Why use the FAIR Model to quantify Cyber Risk for 3rd parties?

Why use the FAIR Model to quantify Cyber Risk for 3rd parties? Historically, questionnaires and or risk scoring have been the traditional tools used to evaluate the risk a 3rd party poses to an organisation. The Findings from questionnaires and risk scoring are often incredibly technical and complicated and are generally presented in heatmap style – red, orange, yellow, green – accompanied by a score and or letter grade, which aren't very useful in quantifying Risk to the business. To understand what the FAIR Model has to offer, let us first look at what we need to articulate to the Board or C-Level. In simplistic terms let’s begin by considering what Risk a 3rd Party could pose to an organisation if they were to share 2,000 data records with them. The Board or C-Level wants to know in financial terms what the cost to business will be if the 3rd Party is breached

By |2020-03-04T09:33:11+00:00January 28th, 2020|Blog|Comments Off on Why use the FAIR Model to quantify Cyber Risk for 3rd parties?