Your Turn is a unique section from ThePrint featuring points of view from its subscribers.
The Internet’s popularity among the general public is increasing by the day. In the areas of healthcare, banking, power distribution, etc., this not only expands the possibilities for e-governance and e-commerce but also exposes these industries to cyber threats such as account hijacking, data tampering, hacking, and credential theft.
Research states that there were about 62,189 cybersecurity incidents. Enterprise-wide, cybersecurity plays a crucial role in an organization’s entire risk management plan. Global spending on cybersecurity goods and services is expected to surpass USD 1.75 trillion between 2021 and 2025, predicts Cybersecurity Ventures.
Microsoft and the US Take Control of 107 Russian Domains in a Large-Scale Cyber Fraud Raid
Microsoft and the U.S. Department of Justice have taken control of 107 domain names that are being used by state-sponsored threat actors connected to Russia to enable cybercrime and abuse within the nation. “The Russian government ran this scheme to steal Americans’ sensitive information, using seemingly legitimate email accounts to trick victims into revealing account credentials,” said Deputy Attorney General Lisa Monaco.
The threat actor identified as responsible for the activity is known by several aliases, including Blue Callisto, BlueCharlie (or TAG-53), Calisto (often written Callisto), Dancing Salome, Gossamer Bear, Iron Frontier, Star Blizzard (previously SEABORGIUM), TA446, and UNC4057.
According to assessments, the group functions as an operational unit under Center 18 of the Federal Security Service (FSB) of Russia. The United Kingdom and the United States of America imposed sanctions on two group members in December 2023 due to their criminal acts of spear-phishing and credential harvesting. The European Council levied penalties on the same two people in June 2024.
The threat actors used the 41 recently seized domains to violate federal law by obtaining information from a US department or agency without authorization, by breaking into a protected computer without authorization, and by causing harm to a protected computer.
The domains are purported to have been utilized in a spear-phishing campaign that targeted individuals, including the US government, in an effort to get login credentials and sensitive information. In a parallel civil lawsuit, Microsoft sought to take control of 66 more domain names that COLDRIVER had utilized to target more than 30 civil society groups and businesses between January 2023 and August 2024.
Threat management
Risk management is a nonstop process that adapts and changes over time. Repeating and continually monitoring the processes can help assure maximum coverage of known and unknown risks.
In cybersecurity, each new day brings unexpected challenges. As the CISO, it’s part of the job. Try as you might to do higher value work and spend time with loved ones, an attack can happen without warning, exposing your enterprise to a data breach.
Three important steps of the risk management process are as follows:
- Identifying risks
Risk identification is the process of identifying and assessing threats to an organization, its operations and its workforce. For example, risk identification can include assessing IT security threats such as malware and ransomware, accidents, natural disasters and other potentially harmful events that could disrupt business operations.
- Risk analysis and assessment
Risk analysis involves establishing the probability that a risk event might occur and the potential outcome of each event. Risk evaluation compares the magnitude of each risk and ranks them according to prominence and consequence.
- Risk mitigation and monitoring
Risk mitigation refers to the process of planning and developing methods and options to reduce threats to project objectives. A project team might implement risk mitigation strategies to identify, monitor and evaluate risks and consequences inherent to completing a specific project, such as new product creation. Risk mitigation also includes the actions put into place to deal with issues and effects of those issues regarding a project.
The most common responses to risk:
- Risk avoidance
Avoidance is a method for mitigating risk by not participating in activities that may negatively affect the organization. Not making an investment or not starting a product line are examples of avoidance, as they avoid the risk of loss.
- Risk reduction
This method of risk management attempts to minimize the loss, rather than completely eliminate it. While accepting the risk, it stays focused on keeping the loss contained and preventing it from spreading. An example of this in health insurance is preventive care.
- Risk sharing
When risks are shared, the possibility of loss is transferred from the individual to the group. A corporation is a good example of risk sharing—several investors pool their capital and each only bears a portion of the risk that the enterprise may fail.
- Transferring risk
Contractually transferring a risk to a third party, such as buying insurance to cover possible property damage or injury, shifts the risks associated with the property from the owner to the insurance company.
- Risk acceptance and retention
After all risk sharing, risk transfer and risk reduction measures have been implemented, some risks will remain since it is virtually impossible to eliminate all risks (except through risk avoidance). This is called residual risk.
What is risk management?
Risk management is the process of identifying, assessing and controlling financial, legal, strategic and security risks to an organization’s capital and earnings. These threats, or risks, could stem from a wide variety of sources, including financial uncertainty, legal liabilities, strategic management errors, accidents and natural disasters.
Why is risk management important?
If an unforeseen event catches your organization unaware, the impact could be minor, such as a small impact on your overhead costs. In a worst-case scenario, though, it could be catastrophic and have serious ramifications, such as a significant financial burden or even the closure of your business.
To reduce risk, an organization needs to apply resources to minimize, monitor and control the impact of negative events while maximizing positive events. A consistent, systemic and integrated approach to risk management can help determine how best to identify, manage and mitigate significant risks.
The risk management process
At the broadest level, risk management is a system of people, processes and technology that enables an organization to establish objectives in line with values and risks.
A successful risk assessment program must meet legal, contractual, internal, social and ethical goals, as well as monitor new technology-related regulations. By focusing attention on risk and committing the necessary resources to control and mitigate risk, a business protects itself from uncertainty, reduces costs and increases the likelihood of business continuity and success.
Advantages of threat management
- Secure infrastructure and applications: Realize end-to-end threat management for increasing threat vectors across operational technology (OT), Internet of Things (IoT) and Internet of Medical Things (IoMT).
- Proactive security to stay ahead of threats: Commit to proactive security to intelligently anticipate and respond to threats with expertise enabled by AI and automation.
- Reduced risk exposure: Perform routine testing and prioritize vulnerability remediation efforts with support from expert insights and AI.
Hence, cybersecurity is a shared responsibility. It is a dynamic field that requires the collective responsibility of individuals, organizations, and developers. It involves both technological solutions and human diligence. Individuals can protect themselves by changing passwords, using a password manager, deleting unused accounts, enabling two-factor authentication, and keeping software up to date.
These pieces are being published as they have been received – they have not been edited/fact-checked by ThePrint.