Posts Tagged With ‘Cybercriminals’


EC-Council Forewarns Organizations About the Dangers of Phishing Attacks as Cybercriminals Move to More Concentrated Hacking Methods

New research shows that cyber criminals are moving away from mass spam attacks and focusing on more targeted hacking techniques. The most common of these methods is phishing. EC-Council has released a comprehensive guide on steps organizations can take to prevent disastrous security breaches.
February 13, 2012, Albuquerque, NM- Recent research shows that cybercriminals have moved from large mass spam attacks to more targeted techniques. One of the most common of these attacks is phishing, an attempt by cybercriminals and identity thieves to obtain sensitive information by masquerading as a legitimate and trustworthy source.

In order to keep organizations’ information secure, it is crucial for Information Assurance leaders to understand the two types of phishing methods: spear phishing and whaling, and the devastating risks they carry. Spear phishing is the most commonly used phishing method. Experts cite the amount of money generated as the reason for the switch to more concentrated attacks.

According to recent research conducted by Cisco, “Spear phishing attacks have proven to be both highly dangerous to victims and immensely valuable to cyber criminals. A vastly customized phishing attack can net 10 times the profit of a mass attack.” Cisco estimates the annual global cost of targeted attacks to organizations is $1.29 billion.

Sameer Shelke, IT Services and Risk Management Leader, says “Tackling phishing attacks can be immensely challenging as phishing emails are usually very convincing and it is hard to distinguish them from genuine emails. Risk management and control mechanisms against such social engineering attacks need to be dynamic in order to keep up with evolving security risks.” Shelke goes on to say, “While upgrading to advanced security solutions is crucial, educating people about phishing is also equally important.”

 

EC-Council recently released a White Paper written by Shelke that explores differences between spear phishing and whaling and offers solutions to combat phishing attacks. To download Shelke’s White Paper “Shield Your Business – Combat Phishing Attacks”, please visit: https://www.eccouncil.org/ciso/resourcesTo be successful at combating these attacks, an organization needs to have strong leadership in place. An effective Chief Information Security Officer (CISO) will lead a high performing information security (IS) program that protects against cyber crime and security breaches. EC-Council created the Global CISO Executive Summit Series to unite the IS leaders across the world in the fight against cyber crime. The CISO Executive Summits provide a platform for continuous learning where the most recent infosec threats and landscape evolution can be discussed.

 

EC-Council is committed to providing Information Assurance Executive Professionals with the latest Information Security news and trends from the industry’s leading experts If this White Paper is of interest, it is encouraged to also look into EC-Council’s Certified Chief Information Security Officer (C|CISO) Certification and EC-Council’s CISO Executive Summit Series. To view the full report from the CISO Executive Summit, please go to this link. If you would like to attend or speak at upcoming CISO Executive Summits and would like to receive more information, please click here.

Contact:

Marissa Easter – Marketing Communications Specialist (marissa.easter@eccouncil.org)

 

About EC-Council’s Chief Information Security Officer (C|CISO) Certification:

C|CISO is the first certification of its kind to equip Information Assurance leaders with the most effective toolset to defend organizations from cyber attacks. It recognizes an individual’s accumulated skills in developing and executing an information security management strategy in alignment with organization goals. Applicants can take advantage of the Grandfather Provision until September 2012. The Grandfather Provision is open to highly-skilled and experienced professionals who can demonstrate and prove proficiency in the 5 C|CISO domains. For more information about C|CISO, please visit: http://www.eccouncil.org/ciso

About EC-Council:

The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cyber security and e-commerce. It is the owner and developer of 20 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI), Certified Security Analyst /Licensed Penetration Tester (ECSA/LPT) and Certified Chief Information Security Officer (C|CISO). EC-Council has trained over 90,000 security professionals and certified more than 40,000 members. EC-Council’s certification programs are offered by over 450 training centers across 87 countries. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. Department of Defense via DoD 8570.01-M, the Montgomery GI Bill, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates EC-Council University and the global series of Hacker Halted information security conferences. For more information about EC-Council visit www.eccouncil.org, follow @ECCouncil on Twitter, LinkedIn or visit EC-Council’s Facebook page.


World’s Most Comprehensive Computer Forensics Certification – Computer Hacking Forensics Investigator (C|HFI) Version 8 is Available Now

EC-Council releases the brand new Version 8 of the Computer Hacking Forensics Investigator (C|HFI) Certification Program. C|HFI is designed to equip security professionals with the necessary skills to identify an intruder’s footprints and to properly gather the required evidence to prosecute in the court of law.

January 24, 2012, Albuquerque, New Mexico – EC-Council announces the availability of the all-new Version 8 of the Computer Hacking Forensics Investigator (C|HFI) program. The program will be available on February 27th, 2012 exclusively in 20 training centers across 15 countries.

A report by Symantec confirms that “Cybercrime has surpassed illegal trafficking as the leading criminal money maker.” With lucrative returns, low risk and difficulty of providing admissible evidence in courts of law, computer and networks become the fastest growing technology tools favored by criminals. With the cost of security breaches almost tripling every two years, organizations need to designate well-trained security professionals to perform digital discovery, evidence acquisition and analysis in an acceptable manner to ensure that they trace, reduce or eliminate key security risks that face their organizations.

EC-Council C|HFIv8 program prepares designated security professionals to track, investigate and apprehend cyber criminals from the inside and outside of the organization.

CHFIv8 presents a detailed methodological approach towards computer forensics and evidence analysis. It is a comprehensive course covering important forensic investigation scenarios that enables students to acquire hands-on experience on various forensic investigation techniques and standard forensic tools. This skillset is necessary to successfully carryout a thorough computer forensic analysis leading to prosecution of perpetrators.

Among the salient features of the C|HFIv8 are:

Jay Bavisi, President of EC-Council said, “According to PwC’s information security Breaches Survey 2010, nearly half of the large organizations admit that they have experienced insider threats (misuse of web and email access, misuse of confidential information, and unauthorized access to systems or data). Organizations today face a very challenging threat in the form of insider abuse that must be addressed to ensure the safety of their organizations’ digital assets.”

A C|HFI v8 professional will be able to understand:

How to track e-mails and investigate e-mail crimes.

EC-Council has certified professionals from Fortune 500 companies as well as various IT giants, conglomerates and government agencies around the world. The corporations and agencies include: US Department of Defence, FBI, CIA, Microsoft, Symantec, Deloitte, and IBM.
For more information, please contact the nearest authorized training center or http://eccouncil.org/chfi/index.html.

Contact:

Kanesan Visvanathan- Products and Operations Executive- kanesan@eccouncil.org

About EC-Council:

The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cyber security and e-commerce. It is the owner and developer of 20 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI), Certified Security Analyst /Licensed Penetration Tester (ECSA/LPT) certification and Certified Chief Information Security Officer (C|CISO). EC-Council has trained over 90,000 security professionals and certified more than 40,000 members. EC-Council’s certification programs are offered by over 450 training centers across 87 countries. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. Department of Defense via DoD 8570.01-M, the Montgomery GI Bill, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates EC-Council University and the global series of Hacker Halted information security conferences. For more information about EC-Council visit www.eccouncil.org, follow @ECCouncil on Twitter, LinkedIn or visit EC-Council’s Facebook page.