this post was submitted on 25 Nov 2023
98 points (97.1% liked)


‘I employ a lot of hackers’: how a stock exchange chief deters cyber-attacks::Six Group, which operates the Swiss and Spanish bourses, is a target for cyberwarfare and must be on guard, its boss says

[–] [email protected] 11 points 11 months ago (2 children)

Bold move, Cotton. Let's see how it works out

[–] [email protected] 18 points 11 months ago (1 children)

Pretty much a lot of "training" in cyber security is a mix of best-practice and how to hack shit, so employing people who have experience in the field isn't a terrible idea provided you can vet them.

After all, Mitnick started up a successful cyber security company and many others have hired people who have been caught doing clever but naughty stuff due to being curious and bored rather than actual malicious intent.

At the least, you'd probably be more likely to get somebody who knows how stuff works as opposed to some of the "I clicked the scan button and ran a pentest report sorted by CVSS score" types who know jack shit about actual security.

[–] [email protected] 8 points 11 months ago

"Poachers make the best Gamekeepers" has been a trope for centuries. "Hackers make the best Cyber Security Experts" is just the modern iteration of it. You're screwed if you try and do it on the cheap, but pay them well and they are happy. They get to use their skills, and play, while their money is now all legit.

[–] [email protected] 4 points 11 months ago

This is the best summary I could come up with:


Its operations, which include the Spanish and Swiss stock exchanges, count as critical national infrastructure and this gives it a close relationship with governments and regulators in Madrid and Zurich.

The hack earlier this month on the Wall Street arm of China’s biggest bank, ICBC Financial Services, has put cybersecurity at the forefront of economic security debates again.

The move disrupted the US Treasury market by forcing ICBC FS clients to reroute trades, with some settled by couriering the details across Manhattan on a USB stick.

Still, the scale and nature of the ransomware onslaught – the same kind of attack that triggered a shutdown of money transfer service Travelex in 2020 – underlines the evolving risk such companies face.

Six Group has invested in three tranches of cybersecurity, Dijsselhof says: walls to stop people getting in; containment systems for if they do get in; and recovery functions for when someone is “holding hostage” any part of the business.

After “social engineering” efforts using personal details to target staff were uncovered, badges no longer carry last names, clean-desk policies are far more strictly enforced and the processing and communication of sensitive information is now subject to higher bars of regular mandatory training.


The original article contains 838 words, the summary contains 202 words. Saved 76%. I'm a bot and I'm open source!