Category Archives: Uncategorized

Recent DDoS in New Zealand

Webinar about DDos

If you were not able to attend the webinar about the recent DDoS in New Zealand mentioned in the previous post about the recent high profile DDoS attacks in New Zealand, you will not be able to view the recording unless you belong to the ITP. The recording is located here.

Another recent and interesting webinar organised by TUANZ took place on 15th September: 20Sep15 Cyber Security Briefing with KPMG. See note below about privacy

“DDoS
NZX page on 16/09/2020

Privacy note

If you care about your privacy, you can open the link in a browser private windows (but not Google Chrome which apparently still tracks you in private mode). Ideally, you should also be using a VPN and not log into any YouTube account.

The Al-Gebra Movement

Friday Humour

At Auckland airport today, an individual was arrested trying to board a flight while in possession of a ruler, a protractor, a set square, and a calculator. He was later discovered to be a school teacher attempting to leave the country as unable to survive financially in the city.

The public prosecutor believes the man is a member of the notorious Al-Gebra movement. The potential terrorist is being charged with carrying weapons of math instruction.

Al-Gebra is a very fearsome cult, indeed. The members of this dangerous organisation desire average solutions by means and extremes, and sometimes go off on a tangent in a search of absolute value.

They consist of quite shadowy figures, with names like “x” and “y”, and, although they are frequently referred to as “unknowns”, we know they really belong to a common denominator and are part of the axis of medieval with coordinates in every country.

As the great Greek mathematician Isosceles used to say,

there are 3 sides to every triangle, and if God had wanted us to have better weapons of math instruction, he would have given us more fingers and toes.

Therefore, I am extremely grateful that our government has given us a sine that it is intent on protracting us from these math-dogs who are so willing to disintegrate us with calculus disregard.

These statistic scumbags love to inflict plane on every sphere of influence.

Under the circumferences, it’s time we differentiate their root, make our point, and draw the line. These weapons of math instruction have the potential to decimate everything in their math on a scale never before seen. We therefore need to become exponents of a Higher Power and begin to factor-in random facts of vertex.

However the members of Al-Gebra continue to multiply. We can only hope that their days are numbered and the hypotenuse will tighten around their necks.

Original story here

The Ongoing War Against Cybercrime

The ongoing war against cybercrime

Nicholas Gilmour, Massey University and Andrew Colarik, Massey University

Cybercrime is estimated to cost the global economy upwards of US$400 billion a year, and these costs are expected to continue to rise.

At greatest risk is the financial industry as its assets are the easiest to monetise. These globally connected financial institutions have committed huge resources to hardening their information infrastructures that includes personnel, security services and mechanisms, and physical controls.

A recent survey of IT professionals working in the financial sector found that “only 16% felt very prepared to fend off intrusions aimed at financial accounts”.

Despite their best efforts, banking operations around the world have recently been breached by a single organised cybercrime operation for a reported US$1 billion.

So despite vast resources committed to preventing breaches, why do they continue to occur?

The weakest link: people

In today’s highly integrated, digitally dependent enterprise, a single digital path into an organisation willingly opened creates an opportunity for anyone who is both aggressive and entrepreneurial enough to commit cybercrime.

It does not matter how secure an organisation thinks its systems are against cyber attacks, all it needs is the action of a single staff member – either accidentally or intentionally – to breach that security.

Access by staff to email, the web and teleworking systems open the door to malicious code that then provides outsiders with internal access.

Even something as simple as a memory stick or thumb drive found in the parking lot can be the carrier of sophisticated root kits and remote administration tools (RAT) that can be used to gain remote access and hide malicious code.

This lets the attacker own the system that can be used to gain access. From there it’s a simple task to monitor internal activities using insiders’ credentials until enough process knowledge is gained.

Cyber criminals can then begin transferring key records, whole databases, and even transfers of account balances. This is simplified even further when key employees are assigned the access and a usage right to carry out certain transactions and it is these credentials that have been hijacked.

Cybercrime knows no boundaries and wears no face

The very nature of the internet as a global network allows international communications connecting people and supply chains almost anywhere in the world.

This allows criminals to access company systems from nearly any jurisdiction. Because law enforcement is a sovereign-based endeavour, multijurisdictional investigations require nations to collaborate.

Despite international agreements on cybercrime cooperation such as the Council of Europe’s Convention on Cybercrime the mobile nature of cyber-attacks requires specialised skill sets, fast response times and people resources in order to track and apprehend suspects.

When these resources come together, the anonymity and concealment the internet provides makes it difficult to prove that a given individual indeed used a given system to break the law.

Risk versus rewards with nominal costs

The existence of hacking tools and exploits has been around for decades.
However, the significant financial benefits of cybercrime have spawned a supporting service: malware for hire.

Crime is profitable and for a relatively modest sum, do-it-yourself toolkits and customisation services – available through the internet – can generate significant financial rewards. In other words, these services can create made-to-order malware for whatever purpose required.

The cost-benefit analysis to making money becomes easy when combined with a well-planned delivery approach and financial laundering scheme.

With the advent of digital currencies such as Bitcoin, stolen cash can easily be converted and transferred anywhere in the world.

Organised crime

Cybercrime has become big business. Driven by profit, organised crime has clearly extended its know-how to ensure widespread exploitation of open and hidden networks.

Utilising the skills of others and having an ability to control those master minding cybercrime endeavours, organised crime has confidently enlarged its entrepreneurial behaviour mimicking legitimate business practices to secure financial profit through strategic alignment of resources.

Whereas safe havens, weak states and outdated legislation once provided the necessary sanctuary for cybercrime, today anonymisation and encryption protect such activities.

Features such as these have altered the organisational structure of organised crime. Relationships have moved away from recognisable heirarchial structures to transient and transactional motivated criminal enterprises.

Improved cybercrime opportunities have also facilitated the laundering of illicit funds. As organised crime has become richer and more powerful, the concealed cyber facilitated criminal process has helped cyber criminals launder illicitly derived funds away from the oversight and regulation of the legitimate economy.

Thoughts for the future

Disabling cybercrime is possible, but like so many modern day harms, there is no simple solution. It is apparent that what we are doing to tackle cybercrime is not working.

Hence, future responses must be universal, and while enhanced communication and international commitment exist – it must remain resolute.

The components of cybercrime are diverse, encompassing victims on an international scale.

While practices do exist to counter the many facets of cyber crime, success is slight. Evidence of what works and what doesn’t would certainly support preventative activities.

By creating a comprehensive picture of cybercrime, it could then be possible to generate timely and accurate ground level assessments – helping to align transnational debate.

Then, and only then, can we begin to think outside the box, conjuring up new ideas on real world cyber related criminally driven problems to help the development of a new anti-cybercrime campaign.

The Conversation

This article was originally published on The Conversation.
Read the original article.

The ConversationCreative commons logo

CCNA topics (Part 2)

The Second CCNA Course

The topics included in the second CCNA course, Routing and Switching Essentials, will introduce the concepts and basic configuration of switched networks. The students then move on to VLANs then inter-VLAN routing. On the routing side , basics routing concepts are explained and the students get to configure static routing and single-area OSPF.

The last 3 topics explored in depth are Access Control Lists, DHCP and network address translation for IP version 4.

At the end of the first two courses, our student are ready to take and pass the CCENT certification examination : 100-101 ICND1

CCNA Student

CCNA Student

To enrol on one of our courses, get in touch via the contact page , or ring our administrator in Auckland on 09 968 8712

 

 

Cisco Courses Survey

Following feedback from students and potential students for the Cisco Courses at the Manukau Institute of Technology, we would like to know when best schedule our courses to fit your requirements and availability for the second semester of 2014. We would be grateful if you were able to take a short survey if you are intending to study with us from July.

You can find the survey  on http://goo.gl/NKuDF7.