Intelligent CISO Issue 16 - Page 24

threat updates UK The National Cyber Security Centre’s Active Cyber Defence report for 2019 has been published. It has revealed how the NCSC successfully prevented a scam to defraud thousands of UK citizens using a fake email address spoofing a UK airport, among thwarting other cyberattacks. Details of the criminal campaign are just one case study of many in Active Cyber Defence – The Second Year, the latest comprehensive analysis of the NCSC’s world-leading programme to protect the UK from cyberattacks. Other key findings for 2018 from the second ACD report include, in 2018 the NCSC took down 22,133 phishing campaigns hosted in UK delegated IP space, totalling 142,203 individual attacks; and 14,124 UK government- related phishing sites were removed. Visit ncsc.gov.uk/news/active-cyber-defence-report-2019 to access the full report. GLOBAL Kaspersky researchers have discovered that the Russian- speaking threat actor Turla has revamped its toolset: wrapping its famous JavaScript KopiLuwak malware in a new dropper called Topinambour, creating two similar versions in other languages and distributing its malware through infected installation packs for software that circumvents Internet censorship, among others. Researchers believe these measures are designed to minimise detection and precision target victims. Topinambour was spotted in an operation against government entities at the start of 2019. Turla is said to be a high-profile Russian-speaking threat actor with a known interest in cyberespionage against government and diplomatic related targets. It has a reputation for being innovative and for its signature KopiLuwak malware, first observed in late 2016. In 2019, Kaspersky researchers uncovered new tools and techniques introduced by the threat actor that increase stealth and help to minimise detection. 24 Issue 16 | www.intelligentciso.com