Cyber Security MEETUP
Cybersecurity in-depth in APAC Ian Yip, APAC CTO at McAfee
I
n this episode we are joined in Singapore by
administrator access to a PC, something great for
Ian Yip, APAC CTO at McAfee and discuss
solving IT challenges, but potentially devastating
the impact of Singapore’s Cyber Security Act
if in the wrong hands. In this instance, any hacker
and the key regional trends being observed. We
wanting to gain control of the airport’s system only
also discuss the business structure and scale of
needed a few dollars to access to a compromised
McAfee and dive into McAfee’s latest Threat Report,
machine and potentially carry out a myriad of large-
June 2018 with highlights around the latest cyber
scale attacks that could have severe consequences
campaigns – Gold Dragon Expands the Reach of
for the airport and its customers. For example, RDP
Olympics Attacks: Lazarus Rises Again, Targeting
can be used as an entry point to send spam, create
Cryptocurrency Users; and Advanced Data-Stealing
false security alerts, steal data, credentials and even
Implants GhostSecret and Bankshot Have Global
mine cryptocurrency. As we saw with the recent
Reach and Implications.
SamSam ransomware campaign against several US
Ian also provides valuable advice as to the vulnerabilities of blockchain technology and concludes with insight into communicating to
institutions, RDP was used to enact the attack and claim ransoms as high as $40k. Recent trends in dark web marketplaces are
the Enterprise C-Suite and an upcoming McAfee
also outlined in the research. One key finding is that
whitepaper.
RDP shops are growing in their size and abundance
Also in recent news, McAfee’s Advanced Threat
on the dark web – ranging from 15 to more than
Research team have revealed in an investigation
40,000 RDP connections for sale at Ultimate
into underground hacker marketplaces, a major
Anonymity Service (UAS), a Russian business and
international airport’s security system (including
the largest active shop they researched.
building security automation) for sale on the dark web via a Russian ‘RDP shop’. The asking price: just $10. Remote Desktop Protocol (RDP) is a proprietary Microsoft protocol that enables remote
42 | Australian Security Magazine
You can find further details of the attack in McAfee’s latest blog post.
Ian Yip, APAC CTO at McAfee