Cyber Security Expert, Paulius Petretis Wonders Who Will Be Forced To Join New Club

Paulius Petretis, leading cyber security expert and CEO of VORAS Consulting talks about new club being started by cyber criminals responsible for worldwide WannaCry attack in May and reveals that in many instances many companies will feel obligated to join.

Vilnius, Lithuania – June 15, 2017 – Paulius Petretis, CEO of VORAS Consulting posted a new blog on the company website entitled “Who Will Become Members of The ‘Hacker-of-The-Month’ Club?” This new club is not one that anyone will want to join for prestige, but as Mr. Petretis points out, many will feel obligated to join.

Petretis writes, “Last month the world was hit with an unprecedented cyber attack.” He adds, “And, right on the heels of that attack, the group responsible posted a warning to expect even more widespread and damaging attacks this month.”

“In some places around the globe,” says Petretis, “June is typically the beginning of hurricane season. In the cyber-world, June may now be associated with the stormiest of seasons as well.”

According to Petretis, “The ‘ShadowBrokers’ as the cyber criminals call themselves are set to release more zero-day bugs and exploits for various desktop and mobile platforms. “ He elaborates, “This time, however, they are promising to leak the dates of the attacks, only to those who belong to their ‘club’.”

The entire blog can be read at: http://pauliuspetretis.freeua.agency/who-will-become-members-of-the-hacker-of-the-month-club/

 

Paulius Petretis

Paulius Petretis is an Information security expert, Certified Information Systems Security Professional (CISSP®), Certified Information Security Manager (CISM®), Certified Information Systems Auditor (CISA®), Certified in the Governance of Enterprise IT(CGEIT®) and Certified in Risk and Information Systems Control (CRISC®), Guest speaker at various conferences and seminars, Trainer at information security related training courses.

According to the annual survey initiated by the Info Security Europe, a whopping 93% of large organizations and 76% of small businesses had at least a single information security breach in 2011. Only 18% of the organizations affected by the infringements related to data protection laws had a consistent and effective contingency plan in place. According to Paulius, information is not something static – it evolves and mutates every day. It is the ecosystem of every business and if a single cell fails, it can bring down the entire business.

Therefore ensuring a consistent and up-to-date information protection policy must be the priority for all businesses – no matter how big or small they are. As it might be unrealistic to believe that any young or experienced entrepreneur can be the jack of all trades, the really smart decision is to rely on specialists who dedicate their professional lives to getting to know everything there is to know about protecting important business information.

With more than 16 years of experience in helping people, small businesses, and government organizations to protect their business secrets, Paulius believes that information security must help businesses achieve goals but not vice versa.

 

###

 

 

 

 

 

 

 

 

Who Will Become Members of The ‘Hacker-of-The-Month’ Club?

Last month the world was hit with an unprecedented cyber attack. And, right on the heels of that attack, the group responsible posted a warning to expect even more widespread and damaging attacks this month.

In some places around the globe, June is typically the beginning of hurricane season. In the cyber-world, June may now be associated with the stormiest of seasons as well. The ‘ShadowBrokers’ as the cyber criminals call themselves are set to release more zero-day bugs and exploits for various desktop and mobile platforms. This time, however, they are promising to leak the dates of the attacks, only to those who belong to their “club.”

Thehackernews.com published a statement released by the ShadowBrokers posted shortly after last month’s attack stating, “TheShadowBrokers is launching new monthly subscription model. Is being like [the] wine of month club. Each month peoples can be paying membership fee, then getting members only data dump each month.” (http://thehackernews.com/2017/05/shodow-brokers-wannacry-hacking.html?m=1)

This can be seen as good news/bad news. Good news because all of the upcoming alleged unpatched vulnerabilities will be patched after being disclosed. Bad news because the group will sell new zero-day exploits and hacking tools to private members with paid monthly subscription, instead of merely revealing them to Microsoft.
So, who will pay for membership in this hacker-of-the-month scheme? We can know for sure that other hackers and cyber criminal gangs will jump right in. Also state-sponsored hackers, perhaps some journalists and people from tech companies are a pretty sure bet for membership.

Now, the real question is this: Will those of us in cyber security be compelled to opt in to help our clients keep their data safe? I’ll keep you posted.

 

Director of VORAS Consulting, Paulius Petretis On Why Criminals Value Email Accounts

Paulius Petretis, leading cyber security expert reveals the importance email accounts have in the life of cyber criminals and why .

Vilnius, Lithuania – June 10, 2017 – Paulius Petretis, CEO of VORAS Consulting posted a new article on the company website entitled “How Much Is An Email Account Worth To Cyber Criminals”, in which Mr. Petretis speaks to the vulnerability of anyone with an email account.

Petretis points out that, “Just about everyone these days has an email account. Many people have more than one with separate personal and business email accounts.” He continues adding, “And a majority of people access their email accounts on their mobile devices. However, most people more than likely do not think about how their email accounts can be of value to cyber criminals.”

 According to Petretis, “Today cybercrime is escalating exponentially. Never has it been more important to be aware of the value cyber criminals place on email accounts. “ He continues to elaborate, “As of March of this year, 2017, there were 1.2 million email accounts for sale on the dark web marketplace. Among those are 245,000 Yahoo accounts and more than 500,000 Gmail accounts. And, all of them are sold complete with usernames, email addresses and passwords.”

“You may wonder what can be gained by being able to access your email account,” writes Petretis. He elaborates, “Well, think about the fact that whenever you set up your bank account or an account with a retailer, you are typically asked to provide your email address.”

He continues saying, “Whoever is in control of the email address can reset the password of any associated services or accounts –merely by requesting a password reset email. Hackers can access your contacts, your retail accounts and your bank accounts through your email account. So, as you can see, this can mean big business for the bad guys.”

 Petretis shares some interesting facts and figures provided at krebsonsecurity.come. He writes, “According to Krebsonsecurity.com there are price lists for various types of accounts that can be accessed through email accounts. As the article states, “One prominent credential seller in the underground peddles iTunes accounts for $8, and Fedex.com, Continental.com and United.com accounts for USD $6.  Groupon.com accounts fetch $5, while $4 buys hacked credentials at registrar and hosting providerGodaddy.com, as well as wireless providers att.com, Sprint.com, Verizonwireless.com, and Tmobile.com. Active accounts at Facebook and Twitter retail for just $2.50 apiece.” (https://krebsonsecurity.com/2013/06/the-value-of-a-hacked-email-account/)

 

You Can’t Afford To Be Cavalier Even If You Don’t Do Business Online

Petretis points out that no one can afford to be cavalier, even those who consider themselves old fashioned and refrain from conducting any business online. He attempts to erode their confidence by revealing more info from krebsonsecurity.com. “Even if your email isn’t tied to online merchants, it is probably connected to other accounts you care about. Hacked email accounts are not only used to blast junk messages: They are harvested for the email addresses of your contacts. Those contacts can then be inundated with malware spam and phishing attacks. Those same contacts may even receive a message claiming you are stranded, penniless in a foreign country.”

(https://krebsonsecurity.com/2013/06/the-value-of-a-hacked-email-account/)

 The entire article can be read at: http://pauliuspetretis.freeua.agency/how-much-is-an-email-account-worth-to-cyber-criminals/

 

Paulius Petretis

Paulius Petretis is an Information security expert, Certified Information Systems Security Professional (CISSP®), Certified Information Security Manager (CISM®), Certified Information System Auditor (CISA®), Certified in the Governance of Enterprise IT(CGEIT®) and Certified in Risk and Information Systems Control (CRISC®), Guest speaker at various conferences and seminars, Trainer at information security related training courses.

According to the annual survey initiated by the Info Security Europe, a whopping 93% of large organizations and 76% of small businesses had at least a single information security breach in 2011. Only 18% of the organizations affected by the infringements related to data protection laws had a consistent and effective contingency plan in place. According to Paulius, information is not something static – it evolves and mutates every day. It is the ecosystem of every business and if a single cell fails, it can bring down the entire business.

Therefore ensuring a consistent and up-to-date information protection policy must be the priority for all businesses – no matter how big or small they are. As it might be unrealistic to believe that any young or experienced entrepreneur can be the jack of all trades, the really smart decision is to rely on specialists who dedicate their professional lives to getting to know everything there is to know about protecting important business information.

With more than 16 years of experience in helping people, small businesses, and government organizations to protect their business secrets, Paulius believes that information security must help businesses achieve goals but not vice versa.

 

###