TweakTown NewsRefine News by Category:
The NSA and GCHQ might have the most developed spy programs uncovered by former NSA contractor Edward Snowden, but recent documents reveal the Canadian Communications Security Establishment (CSE) project also has widespread surveillance operations. Canada is a member of the "Five Eyes" intelligence-sharing network along with Australia, the United States, UK and New Zealand - though is often quieter regarding its operations.
The CSE "Levitation" program focused on 10 to 15 million uploads and downloads from free websites per day, designed to fight terrorism and defend national security.
"Every single thing that you do - in this case uploading/downloading files to these sites - that act is being archived, collected and analyzed," said Ron Deibert, director of the Internet security think tank Citizen Lab, in a statement to the CBC.
Hackers hijacked Taylor Swift's Twitter and Instagram accounts today, threatening to release naked pictures of the popular singer. Swift has bitten back, announcing on her Twitter that there are no 'nudes' to be had and the only way they could 'uncover' anything would be to use Photoshop.
After stating that her Twitter had been compromised though Tumblr, she later announced that her Instagram had also fallen victim. People are questioning if the superstar has been using the same password for multiple social media accounts, as it's uncommon to see a small amount of accounts compromised like this - usually its a singular service taken or its everything in one go.
The hacker-made tweets have now been deleted from her account and everything has gone back to normal. Seemingly Swift has been able to shake it off quite well - laughing in the face of the hackers.
Launching cyberattacks against targets once was a time intensive, difficult and costly effort, but it has become easier and inexpensive to launch distributed denial of service (DDoS) attacks.
Groups such as Anonymous and Lizard Squad are able to launch devastating attacks against large corporations and major targets using botnets of hijacked computers and routers. However, companies are becoming better at identifying these types of cyberattacks, but prove to be hugely inconvenient when the attacks succeed.
"There's been a massive jump in the number of very large attacks going on out there," said Darren Anstee, senior analyst at Arbor, while speaking to BBC. "In 2014 we saw more volumetric attacks, with attackers trying to knock people offline by saturating their access to the Internet."
The US government is no stranger to casting a large net in hopes of catching a few fish, so news of a new vehicle tracking database isn't entirely surprising. The Justice Department has a sophisticated database to track vehicle movements, and several other agencies are already using the data.
Several US law enforcement agencies already use automated license plate scanners mounted to police vehicles, and there also stationary systems that monitor highways and also take pictures of the vehicles. Some of these systems can actually be used to identify individuals inside of the vehicles.
The Justice Department has noted that there are already 343 million records in the database. This data includes the vehicle, time, and direction of travel. The primary intention is to find trafficking offenders for the DEA, but the Justice Department plans to expand the system to search for vehicles involved in rapes and murders. There is no word if the system will be expanded to encompass even more types of crime.
Companies have struggled against cyberattacks and distributed denial of service (DDoS) attacks, while mobile devices remain "the perfect target for attackers," said Thomas Tschersich, Deutsche Telekom's computer security chief.
Cybercriminals are able to easily compromise mobile devices, and with connection speeds via mobile topping many home broadband connections, can be exploited to launch attacks against targets. To counter this threat, Deutsche Telekom informs around 20,000 German subscribers per month about malware infection - and urges them to remove the malware.
Despite Deutsche Telekom's proactive efforts, attack bandwidth is estimated at several gigabytes per hour from these mobile devices. For just a couple hundred euros, criminals are able to launch attack and generate an impressive return on investment (ROI) for their efforts.
The Lizard Squad hacker group crippled the website of Malaysia Airlines for about seven hours on Monday morning, threatening to release stolen information. The website was replaced by a "404 - Plane Not Found" statement, referring to two major airline disaster suffered by Malaysia Airlines in 2014.
Although Malaysia Airlines said user data was not compromised, Lizard Squad posted a screenshot that appeared to be a passenger flight booking from MA's internal email system - and promised that it was "going to dump some loot found on malaysiaairlines.com servers soon."
The hacker group has been linked to multiple high-profile cyberattacks over the past year, including bringing down Microsoft Xbox Live and Sony PlayStation Network on Christmas Day.
Business leaders need to become more computer literate so they are better able to understand evolving threats posed by cybercriminals. Criminals are using the digital equivalent of an F-16 fighter jet to launch attacks against governments and corporations, finding surprising levels of success, according to an Israeli cybersecurity expert.
"The breakers in cyber are one step ahead of the makers... we're out of equilibrium," said Nadav Zafrir, former Israel Defense Force tech commander and founder of Team8 Cyber Security Venture Creation, during a recent meeting with corporate leaders. "You have to redefine control. You have to let go, and it's scary. It's too important to leave it to the cyber experts. You [the CEO] have to become cyber literate."
Business leaders are confused in their efforts to defend against cyberattacks, often unsure how to prevent data breaches - and what to do if one occurs. However, analysts and experts recommend companies focus on preventing insider attacks, try to clamp down on outside threats, and have a recovery plan in case a breach does take place.
Dennis Rodman doesn't believe North Korea is responsible for attacking Sony Pictures, with the former NBA champion thinking Pyongyang wouldn't lash out against Sony Pictures just for making "The Interview."
"If the North wanted to hack anything in the world, anything in the world, really, they are going to go hack a movie? Really?!" Rodman recently said in an interview with The Hollywood Reporter. "How many movies have there been attacking North Korea? And they never hacked those. North Korea is going to hack a comedy, a movie that is really nothing? I can't see that happening. Of all the companies... really? Over a movie?
It's worth noting, however, North Korea has been blamed for attacking South Korean infrastructure, including financial institutions - and has a budding cybercriminal unit that is well-trained and financed by Pyongyang. Furthermore, if North Korea actually is responsible for breaching SPE, it was likely done to further develop its cyberespionage abilities that could be used against future targets.
Reports were published within the past week that more than 1,800 Minecraft accounts were hacked, with passwords leaked online - but the company has defended itself, and it looks like phishing attacks are to blame.
"No! We haven't been hacked," said Owen Hill, Chief World Officer at Mojang, in a published blog post. " No one has gained access to the Mojang mainframe. Even if they did, we store your passwords in a super encrypted format. Honestly, you don't need to panic."
Affected Minecraft players have been emailed and will now need to reset their passwords. If you want to change your password just in case, head to Minecraft.net/resetpassword.
Business leaders are paying attention to cybersecurity more than they were in recent years, but struggle to find methods to keep networks secure. Trying to determine what steps to take remains a complicated issue, especially with some companies discovering data breaches months after the initial incident occurs.
There are a number of potential problems for companies trying to keep their networks secure, as potential attacks originate from a variety of sources. Much focus is dedicated to preventing a breach, but business leaders also need to focus on the likelihood that a cyberattack was successful:
"The role of organized crime and government-sanctioned hacking will continue to thwart cybersecurity efforts [in 2015]," said JF Roy, CTO of TIBCO LogLogic, in a statement to TweakTown. "Breaches will continue to be discovered after the fact, which means that businesses must update their security and risk management plans to include incident response policies with contingencies for involvement of federal law enforcement."