Hackers were enjoying the 2014 World Cup from Brazil, with cybercriminal activity dropping during the Germany-Argentina championship match, according to security company Imperva. Web attacks were higher during the quarterfinal and semifinal matches, however, but that traffic dropped during the finals.
Cybercriminals exploited security researchers distracted during the World Cup to launch attacks in an effort to compromise networks while no one was looking. Since the finals were on Sunday, that could have also led to a drop in hacker activity.
"We were surprised," noted Barry Shteiman, Imperva director of security strategy. "We thought that the attacks would be the same or even during the final. With a lot of attacks over the past few years... attackers [take advantage] of everyone turning from security operations to watching the game instead of the incoming attacks. They're not focused..."
Former NSA contractor Edward Snowden wants professionals to utilize data protection and encryption to communicate, and is reportedly working on some type of "encryption tools" to help protect sources. Remaining in Russia, with his asylum status extended, it's mainly unknown what the American has been doing with his spare time.
Snowden also is working on funding for the project, which will be used to keep communications between journalists and their anonymous sources secure from government spying.
"Journalists have to be particularly conscious about any sort of network signaling, any sort of connection, any sort of license-plate reading device that they pass on their way to a meeting point, any place they use their credit card, any place they take their phone, any email contact they have with the source because that very first contact, before encrypted communications are established, is enough to give it all away," Snowden recently said in an interview.
Suspected Russian hackers successfully breached NASDAQ in 2010, with malware reaching the company's servers. The FBI first noticed unusual network traffic originating from NASDAQ's systems in 2010, and the code was well written and designed to launch attacks.
Not surprisingly, Russian Embassy spokesperson Yevgeniy Khorishko said putting blame on Russia is "pure nonsense" and that the topic "is not even worth commenting on," though that is a typical response when Russia is blamed for cyberespionage efforts.
"We've seen a nation-state gain access to at least one of our stock exchanges, I'll put it that way, and it's not crystal clear what their final objective is," said Rep. Mike Rogers (R-MI), in a statement. "The bad news of that equation is, I'm not sure you will really know until that final trigger is pulled. And you never want to get to that."
Compromised Japanese pornography websites are being used to share the Win32/Aibatook banking Trojan, designed to steal banking credential information and hosting provider account credentials. The Trojan monitors where users are going inside of Web browsers, redirects Web pages, and tracking data that is inputted into online forms, according to ESET researchers.
Despite the Trojan being identified late last year, cybercriminals updated it a few months ago to target Japanese banks and other companies. Microsoft Internet Explorer remains the most popular Web browser in Japan - and despite great security improvements than previous versions - vulnerabilities are still being found and exploited.
"The exploitation success ratio is probably high enough for the Aibatook's operators," said Joan Calvet, ESET malware researcher, in a statement to SCMagazine. "Using a more powerful exploit pack and targeting other Web browsers would be the next logical step for the operators in order to increase the number of potential victims."
The use of distributed denial-of-service (DDoS) attacks by cybercriminals remains an effective and affordable strategy to compromise large targets. DDoS attacks topping 20Gbps during the first two quarters of 2014 doubled when compared to all four quarters of 2013 - and there have been more than 100 DDoS-related attacks with speeds of 100Gbps or higher so far.
Large-scale DDoS attacks are most worrisome for security experts, as thousands of compromised machines can flood targets with tremendous amounts of traffic. As more households have faster Internet service, the threat is becoming more complicated and difficult to properly prevent.
"The frequency of very large attacks continues to be an issue, and organizations should take an integrated, multi-layered approach to protection," said Darren Anstee, Arbor Networks Director of Solutions Architects, in a statement. "Even organizations with significant amounts of Internet connectivity can now see that capacity exhausted relatively easily by the attacks that are going on out there."
The wider adoption of 'smart' technology has presented cybercriminals with a unique opportunity to compromise emerging solutions that heavily rely on Internet connectivity. Both consumer and industrial smart technologies are becoming more common place, but security protocols are struggling to keep up at the moment.
The head of Recurity Labs, an IT security company based in Germany, noted it would have been possible for him to shut off the power, water and gas supply of the southern German town of Ettlingen. Using the utility network's IT grid, Felix Lindner and his team were able to gain control of its access grid, indicating how insecure critical infrastructure is at the moment.
"The smart metering system has been developed to provide security controls that mitigate the risks of security compromise," a British Department of Energy and Climate Change spokesperson told Reuters. "Smart metering system security uses international standards and common industry good practices, e.g. encryption of sensitive data, protection from viruses and malware, access control, tamper alerts on meters, two-party authorization of important messages to the meters and system monitoring."
Coffee shops, restaurants and other locations invite customers to use Wi-Fi, but many small businesses are struggling to handle some visitors leeching free Web access without being paying customers. It's not uncommon to see visitors purchase one item and occupy a table during peak customer times for long durations without making any additional purchases.
Time Warner Cable and other Internet service providers are working with businesses to create methods to ensure customers can access Wi-Fi, but don't try to abuse free Internet access. Many locations still rely on customers to use their best judgment and be courteous to their fellow visitors.
"For a large retailer, information is as valuable as anything else," said Thad Nation, Wired Wisconsin Executive Director, in a statement to local media. "Businesses wouldn't offer free Wi-Fi if people didn't spend money there and keep coming back. They make sure you're comfortable and have electrical outlets because a happy customer is a repeat customer."
Mobile phone providers want to have all the wireless spectrum they can get their hands-on. The catch is that wireless spectrum is very expensive making it hard to come up with the cash to get hands-on all the spectrum many firms want. That fact results in some odd bedfellows.
Such is the case with a planned partnership with Sprint and T-Mobile for the upcoming wireless spectrum auctions. The two are teaming up, despite being rivals in the wireless industry, to raise $10 billion that can be used to purchase wireless spectrum according to sources.
The spectrum that the two are eyeing is currently used by TV broadcasters. The auction will be held sometime in 2015. The funds that will be used in the spectrum purchase are part of the $45 billion SoftBank has put together to finance the Sprint purchase of T-Mobile, if the deal gets approved.
Malaysian Airlines flight MH17 was shot down this morning by suspected Ukrainian rebels near the country's border with Russia, according to Ukrainian Interior Ministry official. The flight with 295 passengers took off from Amsterdam and was heading to Kuala Lumpur, flying around 32,000 feet when it disappeared from radar while in Ukrainian airspace.
A pro-Russian group operating in Ukraine claimed they shot down a Ukrainian military plane - though military and aviation experts note the differences between commercial airliners, such as the Boeing 777, and military aircraft are recognizable. There are no indications an air-to-air missile launched from a fighter jet took down MH17, though details are relatively scarce at the moment. It's unknown if the missile was launched from the Ukrainian or Russian side of the border.
Although MH17's flight route is a typical one between the Netherlands and Kuala Lumpur, it seems reckless to fly over a conflict zone in which both sides possess surface-to-air missile technology. Ukrainian officials are scrambling to try to learn more about the incident, as the Prime Minister's office is prepared to launch an immediate inquiry.
Google has announced that it has a new way to make money off its aerial images that you see on Google maps. The search giant is now offering to sell the images to businesses that want to see their assets on a map. Google is selling the images directly to users looking to use them for public service projects.
Those projects can include things like property evaluation, environmental impact studies, and others. These images were previously available to users via the Maps API, but users could only view the images and were unable to manipulate them.
"We hear from organizations that they want to own and have access to aerial imagery for their business," said a Google spokesperson. Satellite images are still not available for purchase, only the aerial images Google offers.