INTERPOL and Nigerian Police bust business email compromise ring, arrest 11

Interpol and the Federal Federal Police of Nigeria today announced the arrest of 11 Business Email (BEC) players in Nigeria as part of an international operation to disrupt and tackle BEC’s sophisticated cybercrimes. According to the suspect, many of the suspects are members of it Silver Terrier, A network known for BEC scams that have affected thousands of companies around the world. The results are the latest example of industry efforts and law enforcement to thwart BEC activities, the most common and costly cyber threats facing organizations.

Operations focused on BEC technical activity, focused software skills and knowledge

According to Unit 42 at Palo Alto Networks, which shared intelligence and resources as part of the operation, the joint effort was innovative in its approach in that it did not target easily identifiable money separations or social media influencers who generally seem to benefit from these effects. Programs. “Instead, this action focused primarily on the technical backbone of BEC operations by focusing on players who have the skills and knowledge to build and deploy the malware and domain infrastructure used in these programs.” Unit 42 wrote in a blog post. Some of the arrested players have avoided prosecution in the last half decade due to the complexity of mapping global victims beyond the flow of stolen funds back to the source of malicious online activity.

BEC remains a significant security risk for organizations

While the success of the operation – known as Operation Falcon II – is positive for law enforcement and cyber security, it underscores the ongoing risk that BEC poses to businesses around the world. “BEC’s threat landscape is extremely active and evolving all the time,” Pete Renles, lead researcher in Unit 42, told the CSO. “As a type of threat, it has grown over the years and has become the most common and costly form of malicious cyber activity targeting our customers. In addition, while these attacks rarely lead to physical harm to victims’ organizations, the financial losses associated with these programs are often equally significant.”

As such, it is imperative that organizations continue to prioritize protections against email-based cyberattacks using prevention methods. As described in Unit 42’s blog, these include:

  • Review network security policies, focusing on the types of files that employees can download and open on devices connected to company networks.
  • Review mail server configurations, employee mail settings, and logs.
  • Conduct tailored and regular training for employee cyber awareness.
  • Perform table exercises and rehearsal investigations to determine sources of evidence and create contact points for reporting to appropriate authorities.
  • Perform compromise assessments on an annual or more frequent basis to review organizational controls and verify that there is no unauthorized activity in the environment.

“While identifying and preventing BEC programs should be a priority for organizations, we also believe that the best cyber security approach is the one that focuses on tools and capabilities that provide flexible full-range protection (BEC, ransomware, APTs, etc.) of possible threat vectors,” he concludes. Renals.

Copyright © 2022 IDG Communications, Inc.

Source

Interpol and the Federal Federal Police of Nigeria today announced the arrest of 11 Business Email (BEC) players in Nigeria as part of an international operation to disrupt and tackle BEC’s sophisticated cybercrimes. According to the suspect, many of the suspects are members of it Silver Terrier, A network known for BEC scams that have affected thousands of companies around the world. The results are the latest example of industry efforts and law enforcement to thwart BEC activities, the most common and costly cyber threats facing organizations.

Operations focused on BEC technical activity, focused software skills and knowledge

According to Unit 42 at Palo Alto Networks, which shared intelligence and resources as part of the operation, the joint effort was innovative in its approach in that it did not target easily identifiable money separations or social media influencers who generally seem to benefit from these effects. Programs. “Instead, this action focused primarily on the technical backbone of BEC operations by focusing on players who have the skills and knowledge to build and deploy the malware and domain infrastructure used in these programs.” Unit 42 wrote in a blog post. Some of the arrested players have avoided prosecution in the last half decade due to the complexity of mapping global victims beyond the flow of stolen funds back to the source of malicious online activity.

BEC remains a significant security risk for organizations

While the success of the operation – known as Operation Falcon II – is positive for law enforcement and cyber security, it underscores the ongoing risk that BEC poses to businesses around the world. “BEC’s threat landscape is extremely active and evolving all the time,” Pete Renles, lead researcher in Unit 42, told the CSO. “As a type of threat, it has grown over the years and has become the most common and costly form of malicious cyber activity targeting our customers. In addition, while these attacks rarely lead to physical harm to victims’ organizations, the financial losses associated with these programs are often equally significant.”

As such, it is imperative that organizations continue to prioritize protections against email-based cyberattacks using prevention methods. As described in Unit 42’s blog, these include:

  • Review network security policies, focusing on the types of files that employees can download and open on devices connected to company networks.
  • Review mail server configurations, employee mail settings, and logs.
  • Conduct tailored and regular training for employee cyber awareness.
  • Perform table exercises and rehearsal investigations to determine sources of evidence and create contact points for reporting to appropriate authorities.
  • Perform compromise assessments on an annual or more frequent basis to review organizational controls and verify that there is no unauthorized activity in the environment.

“While identifying and preventing BEC programs should be a priority for organizations, we also believe that the best cyber security approach is the one that focuses on tools and capabilities that provide flexible full-range protection (BEC, ransomware, APTs, etc.) of possible threat vectors,” he concludes. Renals.

Copyright © 2022 IDG Communications, Inc.

Source

More from author

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Related posts

Advertismentspot_img

Latest posts

Threat Intelligence Services Are Universally Valued by IT Staff

Almost all IT professionals believe that threat intelligence services and feeds will help their company get ready for and repulse malware attacks. Only...

Black Basta may be an all-star ransomware gang made up of former Conti and REvil members

The group has targeted 50 businesses from English speaking countries since April 2022. ...

APAC companies are failing to build successful digital models: Forrester

Approximately 61% of APAC organizations have failed to build robust and successful digital business business models, primarily due to unsound practices of enterprise architecture...

Want to stay up to date with the latest news?

We would love to hear from you! Please fill in your details and we will stay in touch. It's that simple!