TweakTown NewsRefine News by Category:
The FBI has recently issued a warning to U.S. companies that potential Chinese state-sponsored hackers have unleashed another wave of cyberattacks - and it appears targeting customers and conducting cyber espionage are the top goals. The memo sent to corporations warns them who is suspected of targeting them, and the methods they are using to gain access.
"The FBI has recently observed online intrusions that we attribute to Chinese government affiliated actors," said Josh Campbell, FBI spokesperson. "Private sector security firms have also identified similar intrusions and have released defensive information related to those intrusions."
The threat of foreign-based cyberattacks is nothing new, but the hackers - largely sponsored by governments - have continued to evolve their attack strategies. Trying to stifle their success has proven to be extremely difficult, while millions of U.S. citizens have been caught in the cross fire.
The CryptoWall ransomware has migrated to the TOR network, encrypting critical files that are necessary to conduct day-to-day operations for business users. Ideally for the cybercriminals, users won't be able to rely on a backup and the company will instead choose to pay the ransom for access to their own PCs and servers. Using TOR makes CryptoWall 2.0 more difficult to track down and remove, giving cybercriminals a potential goldmine as they victimize businesses.
KnowBe4 was contacted by a company that was hit by the new variant of CryptoWall, with the IT admin's computer infected - which spread to seven servers in just one hour, shutting down the entire server farm. Despite having recent backups that could be used, there would be too much downtime to recover data and have the servers operational in a timely manner.
"The cyber criminals hit pay dirt with this one and the admin ended up paying the ransom, 1.3 bitcoin, rather than face the serious costs caused by days of downtime," said Stu Sjouwerman, KnowBe4 CEO, in a press statement. "This is the next generation of ransomware and you can expect this new version to spread like wildfire."
Around 100 cybercriminal kingpins help wreak havoc on the world, according to Troels Oerting, the head of the Europol Cybercrime Center. Trying to crack down on cybercriminals can be a daunting task, especially trying to bring them to justice, as Web-based attack activity largely remains a borderless bureaucratic nightmare.
"We roughly know who they are," Oerting recently said. "If we can take them out of the equation then the rest will fall down. This is not a static number, it will increase unfortunately. We can still cope but the criminals have more resources and they do not have obstacles. They are driven by greed and profit and they produce malware at a speed that we have difficulties catching up with."
Not surprisingly, many of the leading cybercriminal bosses are in Russian-speaking countries - though cybersecurity experts also warned of growing threats from China. Trying to bring these criminals to justice is near impossible, with Russia and other Eastern European nations ignoring the western world when it comes to apprehending these criminals, Europol noted.
Banking giant JPMorgan Chase was victimized by cybercriminals, and more than 80 million customers are at risk due to stolen customer information. JPMorgan CEO Jamie Dimon said private businesses and federal governments need to better cooperate to defend against a growing wave of sophisticated cyberattacks.
JPMorgan reportedly spends upwards of $250 million per year - along with a security staff of 1,000 employees - to help try to defend against cyberattacks. Unfortunately, their efforts were unsuccessful, as hackers are keen to try to compromise financial institutions. JPMorgan has discussed the breach with other banks, in an effort to prevent them from being victimized by the same type of attacks.
"Cyber is a big deal," Dimon recently said. It's going to be an ongoing battle, and unfortunately battles will be lost."
Computer security companies have had their hands full keeping PCs and other devices secure from cyberattackers, and while mobile malware is still overlooked, the threats are continuing to grow. There is serious concern that hackers will infect smartphones and tablets using malicious programs that are able to act like legitimate apps - giving them access to a large amount of information on mobile devices.
"We think the threat is real; we think it's a growing threat," said Gary Davis, McAfee chief consumer security evangelist. "We think there's a laissez-faire attitude with consumers not giving it the same kind of attention they give other threats."
Despite the lack of mobile attacks, where Google Android devices receive 98 percent of total mobile threats found in the wild, other operating systems need to be aware of security problems. Furthermore, mobile malware still has a lot of room to grow, even with thousands of Android-based malicious threats already spotted by security researchers.
Russian hackers were able to target NATO, Ukraine, European Union and private sector companies using a Microsoft Windows exploit, according to iSight Partners. Russia reportedly has organized state-sponsored cyberattacks, so it's no surprise to hear they launched attacks against geographic and political rivals. iSight informed Microsoft about the problem so the company is able to resolve problems and plug the hole to prevent future intrusions.
iSight wasn't able to confirm what type of data was taken in the data breaches, though cyberattacks originating from Russia continue to plague companies. Furthermore, the five-year cyber espionage effort, named "Sandworm Team" by iSight, also included references to science fiction series in the malicious code.
"Your targets almost certainly have to do with your interests," said John Hultquist, iSight cyber espionage head. "We see strong ties to Russian origins here."
Information service company Experian wants consumers and businesses to be more aware of current fraud, identity theft, and cyber threats that face us every day. Cyberattacks largely were ignored by oblivious consumers, but recent point-of-sale (POS) attacks that hit the likes of Target and Home Depot has consumers more interested in potential threats.
"Serious risks are emerging for consumers and businesses as fraudsters identify new targets to attack," said Charles Chung, Experian Decision Analytics president, in a press release. "The monetary cost of fraud losses can be high, but the impact a loss or breach can have on customer relationships and brand integrity can be even higher. Combing comprehensive authentication processes with proportionate measures to monitor user activities and protect consumer data throughout the life cycle is a competitive requirement in today's market."
To help businesses better understand current fraud and cyberattacks, Experian is hosting the Future of Fraud and Identity summit on Monday, October 21 in New York City. It's a difficult time for companies trying to adapt to changing customer needs - and waves of cyberattacks that have been difficult to defend against.
Hundreds of Dropbox usernames and passwords were posted online, and the hackers reportedly have almost 7 million other compromised accounts. The breach took place because of third-party apps which can access Dropbox, and wasn't a direct breach of Dropbox.
Dropbox denied it was hacked (via The Next Web): "Dropbox has not been hacked. These usernames and passwords were unfortunately stolen from other services and used in attempts to log in to Dropbox accounts. We'd previously detected these attacks and the vast majority of the passwords posted have been expired for some time now. All other remaining passwords have expired as well."
Despite the appeal of online storage services, users must be cautious when they grant third-party applications access to accounts. While Dropbox wasn't directly hacked, it's questionable as to what apps should be allowed access - as these third-party services are now popular targets for cyberattacks.
Things do not look good as Sears Holding Corp said on Friday that its Kmart retail chains customer database may have been compromised last month. As a result, some of its customer's credit card and debit card details may have been stolen.
The company said on Friday that its Kmart's servers was affected by a malware. Kmart was not able to say how many customers are affected, and according to their investigation so far, no debit card pin numbers, email and phone contacts, social security number and personal information was stolen.
But, to be on the safe side, Kmart made an announcement that it will be providing a free credit-monitoring service for its customers who used a debit or a credit card during since last month until Thursday. Customers can then call Kmart customer service and report the unauthorized charges immediately. In the meantime, the company hired a security firm to look into the matter while working with its banking partners and federal authorities.
New anti-theft technologies for smartphones and tablets allow owners to lock and remotely wipe their device, but these solutions are giving suspects the ability to secure seized devices. Several police agencies in the UK recently reported that devices previously seized as evidence were wiped, all of them while in police custody.
"There were six incidents, but we don't know how people wiped them," said a spokesperson from the Dorset police department in the UK. "We have cases where phones get seized, and they are not necessarily taken from an arrested person - but we don't know the details of these cases as there is not a reason to keep records of this."
If this becomes a widespread problem, police need to change their practices, which should begin with putting all seized electronics in a radio-frequency shielded bag.