This week in the J2 CSC, How Lucrative is Cybercrime? SPY V. SPY, the Infosec Marshmallow and Early bird always catches the worm!

My 18 year old son recently decided to become a scuba-diver. Not a hobbyist scuba-diver, a full-blown professional. His journey starts here at the south western tip of Africa where the wild and unforgiving Indian and Atlantic oceans meet. Not only that, his want is to be the best scuba-diver in the world - Ever! Astronaut good. He dives every day, and every week-end to the point where he complains about the aches and pains that goes with frequent diving activities. There are a few home truths about scuba-diving, you cannot do it by yourself, you need a buddy. Every day he learns and improves his techniques and goes out as crew on boats from Simons Town, Kommetjie or Hout Bay harbours. Yes, I know what you’re thinking, some of the biggest and “bitiest” sea creatures and sharks existing within this part of the ocean. This does not deter him, he is fearless in his quest, and relentless in perusing his passion.

This made me reflect on my peers and the cybersecurity industry; can we say the same for our tenacity and passion? Do we hold ourselves up to the same high standards. To achieve high standards for ourselves or as part of a team, we must proactively communicate realistic beliefs within ourselves about how hard things are and are going to be – something that I believe each of us face each and every day. Some of us more successfully than others.

Learn from my son.
With this in mind, enjoy our roundup of stories for this week…

How Lucrative is Cybercrime, anyway?

The volume boggles the mind, I found this intriguing perspective. If cybercrime was a country, it would have the 13th highest GDP in the world.
Attackers generate $1.5 trillion in annual profit, which is about equal to the GDP of Russia, according to a new study on the interconnected economy of cybercrime.

Cybercrime Economy Generates $1.5 Trillion a Year |  Kelly Sheridan

SPY V. SPY

Spy vs. Spy is a wordless meme before memes were memes Published in Mad magazine. As a kid, I was always fascinated by their antics. Basically the cartoon features two agents involved in stereotypical and comical espionage activities. One is dressed in white, and the other in black, but they are otherwise identical, and are particularly known for their long, beaklike heads. The pair are constantly at war with each other, using a variety of booby-traps to inflict harm on another. The spies usually alternate between victory and defeat with each new strip.
This brings me to an NSA leak that revealed the agency's list of enemy hackers.

Spy v. Spy: an NSA leak reveals the agency's list of enemy hackers | Andy Greenberg

The InfoSec Marshmallow

The marshmallow experiment, is based on a delayed gratification test conducted back in the 1970s at Stanford University.  It was designed to see if children who exercised delayed gratification would end up (many years later) performing better on aptitude tests as well as other positive life outcomes. I wonder how some of us in the InfoSec community would have fared if we were subjects of that experiment.  Given the various InfoSec personality types, here are some of Bob’s comical thoughts about how we would potentially measure up.

The InfoSec Marshmallow | Bob Covello

Cyber protection for SMEs

According to the South African Banking Risk Information Centre (SABRIC), SA ranks third highest in the world for cyber-attacks. Whilst there do not appear to be stats on the local SME sector, internationally a report by Deloitte reveals that in Holland, cybercrime costs the Dutch SME sector 1 billion Euro each year. At today’s exchange rate, that equates to R16704 250 000,00. The figure for the Dutch economy as a whole is put at around €10 billion, or 1,3% of that country’s GDP.

Cyber protection for SMEs | Technews
SA Ranks World’s Third Highest Cybercrime Victims | Business Media MAGS
Cybercrime costs Dutch SME sector €1 billion each year | Deloitte NL

Worm Resurfaces

(Guest Post by my friend and colleague Jarred Reid-Robertson)
Over the past week, I have seen an upsurge in alerts across the customer base; whereby a worm has been seen surfacing introduced by removable media devices.

Let me give a short boring description of what a computer worm is “A computer worm is a form of malware computer program that replicates itself in order to spread to other computers with the ability to change itself to avoid being detected by signature based anti-viruses”.

This worm is doing the rounds and seems to exploit the windows autorun.ini feature which automatically execute the worm. It spreads to the computer which in turn could infect files such as “google chrome.ink” and if left unchecked your entire environment.

I have two pieces of advice:

The First One, check your antivirus solutions and confirm with your managed service providers and teams that they are aware and ensuring the latest antivirus detection rules and latest patching levels.  As my team and I continuously monitor these types of threats, please contact me for advice and support. 

The Second piece of advice I can give is to review the autorun feature within your IT environments and enforce centralised policy. I always, as a rule, disable them within managed IT environments and as a policy we block this feature.

Does your Anti-Virus still only do signature-based Detection? | Rakesh Sharma
Worm:Win32/Autorun.gen!inf | Microsoft