Author: ITWeb Africa
"Intriguingly challenging," is how one student described ITWeb's 2019 #SS19Hack Ideathon, held at the Tshimologong Digital Innovation Precinct in Braamfontein this past weekend.
The ideathon is a build-up to the third annual cyber security-focused hackathon that will run alongside ITWeb Security Summit 2019 from 27 to 31 May.
Organised by ITWeb in partnership with Snode Technologies and Geekulcha, the full-day software development training and brainstorming event hosted a bunch of young tech enthusiasts eager to learn new skills and solve problems.
Mixo Ngoveni, founder of Geekulcha, told ITWeb the aim of the #SS19Hack Ideathon, and ultimately the hackathon in May, is to improve cyber security skills, tools and capabilities in the country. "With this one in particular, it is all about protecting the connected citizen."
Those in attendance (students, tech entrepreneurs, software and hardware developers, designers and analysts) were welcomed by Kendal Makgamathe, community manager at Tshimologong, and Ivan Regasek, ITWeb CEO.
The participants were separated into two teams: the red team (the attackers) and the blue team (the defence).
Nithen Naidoo, founder and CEO of Snode Technologies, said the idea behind breaking the teams into two was about the "gamification" concepts, and making it more exciting for both the players and supporters.
Ridewaan Hanslo, software engineer, advisor and researcher at CSIR, told the blue team: "You are the people that must find solutions. They [hackers] get glorified by finding problems; that's typically how it works."
Steve Jump, head of corporate information security governance at Telkom, was one of the mentors and spoke to students about the importance of "securing by design" when writing software.
Solomon Bhala, senior manager of cyber threat detection and response at PwC, gave a detailed credit card fraud presentation that had teams actively participating and asking questions around cyber attacks and credit card fraud.
Naidoo noted Snode is working with PwC and a few large security companies to offer all the participants three-month internships so they can take the skills they have learned at the #SS19Hack Ideathon and implement them. They would get to work with knowledgeable cyber security teams, get paid, and potentially become full-time employees of those companies.
"So it is a great opportunity not just for us to nurture talent but to source it for other cyber security companies."
Author: MEST Africa
On February 28, 2019, MEST Incubator Cape Town welcomed over 100 people to watch the MEST Africa Challenge regional pitch competition. After assessing nine top startups based on their validated problem and solution, business model, market size, MVP, competitor analysis, go-to-market execution and team buildup, the judges were excited to announce the winner from South Africa was Snode Technologies, a cybersecurity and intelligence business that leverages mathematics to analyse data in real-time at scale.
Eight years ago, Snode Founder and CEO Nithen Naidoo decided that the way we approach defense is flawed because of how easy it is becoming to bypass security controls. The World Economic Forum lists cybercrime as one of the top ten risks facing mankind. By 2021, the global cybersecurity spend will be over $1 Trillion, and we would have lost $6 Trillion to cybercriminals.
Nithen decided a more innovative solution was required to address the risks associated with cybersecurity globally. He created Snode to gain insight into prevailing patterns, which are not visible to the human eye, allowing users to identify attacks before they happen. Snode’s unique approach to cybersecurity leverages advanced mathematical algorithms and the power of machine learning to process dynamic data, in any format, at any scale, in real-time. Its target audience is varied, as its ability to passively defend infrastructure, without affecting critical business operations, has made it attractive to mining, logistics and telecommunication businesses.
When asked why people will be excited about their company, Snode told us, “This is an innovative African solution that has been embraced globally due to its effectiveness, efficiency and simplicity. It solves a serious global problem, in a truly African way, using our local creativity and ingenuity.”
Over the next 2–3 years, Snode hopes to scale to the rest of Africa, South East Asia and the Middle East, and says winning the MEST Africa Challenge finals would “give us the platform to access new African markets, build brand awareness and trust across the continent.” MEST and Microsoft look forward to welcoming the Snode Technologies team to the finals at the MEST Africa Summit in June!
The Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS) have issued a joint Malware Analysis Report (AR19-129A) on a new malware variant used by the North Korean government. This malware was detected while tracking the malicious activities of the North Korean-backed hacking group Hidden Cobra (also known as Lazarus) and has been identified as Electricfish.
Lazarus Group is a cybercrime group made up of an unknown number of individuals. While not much is known about the Lazarus Group, researchers have attributed many cyberattacks to them over the last decade. A notable attack by the group is the attack on Sony Pictures in 2014, which was the start of one of the largest corporate breaches in recent history. The hackers were able to cripple the Sony network for several days and gain access to valuable insider information, including previously unreleased films and the personal information of approximately 4,000 past and present employees. The group was also able to access internal emails and reveal some very speculative practices going on at Sony.
This latest report on Electricfish, published on the US-CERT website, comes with a detailed analysis of one malicious 32-bit executable file found to be infected with Lazarus' Electricfish malware. In this file, the malware appears to implement a custom protocol that creates a connection between the infected host and an external, malicious destination host, bypassing authentication controls to reach outside of the network. Once a connection has been established, the Electricfish malware is able to funnel internet traffic between the two machines, allowing the malicious actors to move information collected from compromised computers to servers that they control.
The full, detailed report and analysis for the Electricfish malware sample, as well as a full list of Indicators of Compromise (IoCs), are available within the AR19-129A advisory.