Author Archives: Albert Kramer

Digital espionage: what the Chinese have taught us

Boord, Blackboard, Internet, Bescherming, HackerRecently, a Dutch security firm has published an extensive report on the activities of a hacker organization by the exotic name of ‘Mofang’. Among their victims: several government agences and even some arms manufacturers. There are more than enough indications to conclude that these are all cases of digital espionage. Nor is it hard to conclude what country they are from. Based on some Chinese characters in the traces that weren’t deleted, and on the remarkably high number of  Myanmar organizations among the victims, we can safely conclude that Chinese hackers are behind this group. Continue reading

Cybercriminals and terrorists are more similar than we think

400x400Are terrorists really any different from cybercriminals? We stumbled upon terrorist content during our investigations on cybercriminal activity in the underground, and after a thorough analysis of it, we uncovered parallels in the way these two distinct groups operate online.

So yes, cybercriminals and terrorists are more similar than we think – they use similar platforms and services online, but also with some key differences. Continue reading

Hackers are targeting critical infrastructure

power-outageJust one month after the Ukrainian power network was the victim of a cyber attack, hackers did it again last week. This time they were able to penetrate the national electricity network of Israel. Minister of energy Steinitz announced this news himself, when the attack was still in full force. Contrary to in Ukraine, where the virus was detected and eliminated in time. Although the damage in the last attack was fairly limited, these two recent events demonstrate how hackers are more and more aiming at infrastructural targets. Continue reading

Anonymous and IS: hacktivism vs (online) terrorism


Last mont, shortly after the dramatic events in Paris, the online hacker community Anonymous announced more actions against IS (Islamic State). One of these actions was Anonymous’ appeal to everybody to make Friday 11 December ‘IS Trolling Day’, by criticizing and ridiculing IS on social media. This appeal followed actions by Anonymous hacktivists, such as blocking and publicly exposing hundreds of IS-related Twitter-accounts. Continue reading

As 600 million users are exposed to password hack, are your employee devices safe?

By Albert Kramer

Data-wissen-Trend-MicroBring Your Own Device (BYOD) has for the past few years been both a cause of sleepless nights for security bosses and a major flash point between the business and IT. To that we can now add wearable technology – smart watches, fitness trackers, head-mounted displays and the like which threaten to leak corporate data and expand the enterprise risk surface even further. IT consumerisation took another hit this month when research revealed that some of the most popular apps in the world have password brute force vulnerabilities, exposing as many as 600 million Android and iOS users. Continue reading

Heard it on the radio? :-) Your ID is just worth 700 euro in the Dark Web!

wp_below_the_surface_th It has been a quite interesting week for me. Believe it or not, I don’t get the opportunity to speak on two national (Radio 1 and BNR) radio broadcasting channels every week. The reason for this sudden interest? Trend Micro’s research on identity theft and the Deep Web, which made quite an impression. So of course I want to share this with our loyal audience as well.   Continue reading

Security can make or break your Azure project

security-experts-at-trend-micro-note-that-cloud-encryption-a-cornerstone_459_637835_0_14091055_300All or nothing is a really bad strategy for securing your Microsoft Azure workloads. Security in Azure is very much a shared responsibility. You need to know exactly what it is that you must secure, and what is covered by Microsoft.

Microsoft provides robust physical security, network infrastructure, and virtualization layer. Ideally, you will match their excellence with equally robust security for your workloads, including operating system, applications, and data.

But there’s a small catch. If you try to use traditional security to protect your applications and data in the cloud, you risk slowing your Azure project with needless complexity. There’s a simpler and more effective solution.  Continue reading

Moving to Office 365?

Be aware of your security responsibility !

Albert Kramer, Technical Manager Continental Europe

Albert Kramer, Technical Manager Continental Europe

An increasing number of companies has decided to host their office applications such as Microsoft Word, Excel and Powerpoint in the cloud. Also core services like mail, datastorage and sharepoint are hosted these days. No wonder really, because the underlying principle is very appealing: you no longer need to install software yourself, and the central storage in the cloud allows you to access your data anywhere and from any device. Highly convenient, isn’t it? But beware: switching from onsite applications to their hosted online equivalents also entails a certain degree of risk, particularly when it comes to data security.  Continue reading

Security is a shared responsibility

We are living in exciting times. The way we work is radically changing. We see businesses transforming into digital businesses, relying on social, mobile, analytics and cloud. Not only for collaboration purposes, but also for data storage, email, insights, etc.  When it comes to the cloud industry, we see great names as Microsoft, Amazon and Google Apps. They have extensive experience and yes, they have taken security measures to protect the data you trust them with. This, however, does not mean you can put your feet up and leave the security aspect entirely in the third parties’ hands.

So not only the way we work has changed, the way we should handle security should change too… Take greater control, maintain higher levels of security.  Continue reading

How do you select the best security solution for your organization?

post2Most organizations have already understood the importance of a decent IT security solution. And many of you do understand that ‘decent’ means more than just anti-virus. The current landscape of cyberthreats is far more complex than in the old days, when a decent scanning engine ‘at the network’s gates’ would stop virtually everything. These were the days when company software and hardware would never go outside of the company’s walls and the malware was created by spotty teenagers looking for their 5 minutes of fame.

Continue reading