TweakTown News
Remember how children these days are taught not to 'joke' about security when in an airport? The same should go for online mediums. Homeland Security blogger David Garrett Jr. spent his New Year's Day being questioned by the FBI - thanks to an apparent joke in which he 'threatened' CNN, posing as a GOP member and leading the FBI to believe the threats to be real.
Thankfully for Garrett, this was posed as a joke and he 'came clean' straight away. In a statement to Fusion, Garrett claimed that an FBI investigator wisely told him "in the future, it's a good idea not to pretend to be someone they're investigating."
In the end everyone has come out unharmed with the only cost being a waste of the FBI's time. Take note kids, sometimes the feds can press charges and make arrests even for what you might think is a joke - luckily in this case, Garrett was let go without prosecution.
Cybersecurity experts believe 2015 will be another busy year, as sophisticated attacks against users and businesses continue. Criminals will rely on working attacks to compromise victims, while also working to advance their weapons, making them harder to spot.
"Hackers are a diverse bunch, from lone wolves, to nation-state cyber warriors and organized cybercrime rings," said Joe Caruso, founder, CEO and CTO of the cybersecurity firm Global Digital Forensics (GDF), in a press release. "But one thing they all have in common is they are more than willing to let it ride on a winning horse until it quits paying off. So expect the favorites, phishing and spear-phishing, RATs (Remote Access Tools), ransomware, watering hole attacks and other third-party compromises, to keep getting ridden hard in 2015."
Numerous point-of-sale (POS) data breaches and the cyberattack against Sony Pictures should serve as painful reminders as to the importance of proper cybersecurity - but won't lead to decision makers acting urgently enough, many security specialists warn. As such, companies need to become proactive in conducting cybersecurity audits, and then following through to improve security protocols - in an attempt to make it more difficult for successful attacks to occur.
Sony Pictures Entertainment was compromised in a big way by the Guardians of Peace hacker group, and there is uncertainty if the hackers were properly removed from the company's network. SPE could be back to enjoying a fully operational network within the next two months if security holds, but would face lingering problems if hackers still have backdoors into the network.
"It took me 24 or 36 hours to fully understand that this was not something we were going to be able to recover from in the next week or two," Sony Entertainment CEO Michael Lynton said in a statement published by the Wall Street Journal. The company began using an old fleet of BlackBerry smartphones to communicate and conduct day-to-day business, following the data breach.
Since being released on Christmas, "The Interview" has collected more than $18 million in digital and box-office revenue - and has proven popular among Internet pirates. However, Lynton and other executives continue to apologize to movie actors and other industry bigwigs following leaked email conversations.
The FBI wants skilled and qualified cybersecurity experts to help lend a hand in cyber-based investigations. Interested candidates must be skilled in computer science and similar fields, while also passing a fitness test, medical exam, extended background check and a polygraph test, according to the FBI.
A brief look at the FBI Cyber Careers page indicates a number of jobs for cyber special agents, computer science specialists, information technology forensic examiners, and qualified candidates for cyber internships. The FBI is increasingly helping companies after major data breaches and cyberattacks from hacker groups and suspected foreign states, providing cyber forensics and filling other roles following a major incident.
"Cyber agents will be integrated into all the different violations that we work," said Robert Anderson Jr., FBI cyber crimes branch executive assistant director, in a recruitment video. "So whether it's a counterterrorism or counterintelligence investigation, they could be the lead agent in the case."
Fast food restaurant Chick-fil-A reportedly suffered a data breach at retail locations in the United States, confirming "potential unusual activity involving payment cards" at restaurants in Georgia, Virginia, Pennsylvania, Texas and Maryland before the holidays in December. Up to 9,000 customers could be at risk following the incident, cybersecurity experts confirmed.
"We want to assure our customers we are working hard to investigate these events and will share additional facts as we are able to do so," according to Chick-fil-A, in a statement sent to Krebs on Security. "If the investigation reveals that a breach has occurred, customers will not be liable for any fraudulent charges to their accounts - any fraudulent charges will be the responsibility of either Chick-fil-A or the bank that issued the card. If our customers are impacted, we will arrange for free identity protection services, including credit monitoring."
Compromising retail locations to collect payment information from point-of-sale (POS) machines continues to be popular among cybercriminals. Even though many of the records are safe from attack, as banks and credit card companies are faster to disable accounts and reissue cards, breaching POS systems has proven easier than direct attacks.
Cybercriminals are having a field day targeting US companies, financial institutions and government agencies, with numerous campaigns in recent years. However, some frustrated victims, instead of solely focusing on improving cybersecurity defense, are interested in trying to get vigilante justice on hackers.
Whatever the motives behind revenge hacking, it's still illegal - and the FBI is investigating a report by J.P. Morgan that targeted Iranian servers following a 2012 cyberattack. As the FBI improves its ability to determine what country or group could be responsible for attacks, it doesn't want banks and other victims to try their hand at launching attacks.
"Right now the situation is that companies are on defense," said Bloomberg News reporter Michael Riley. "They have to try and keep hackers out of their networks, and the hackers only have to win once. They are incredibly frustrated, they are incredibly vulnerable, and they are looking for other options, and some of those options may be going after the hackers."
South Korean Internet users interested in downloading copies of "The Interview" should be worried, as people are having their devices infected while trying to download the movie. Specifically, a Google Android mobile app, available for smartphones and tablets, has been circulating with the promise of access to a pirated copy of the movie - but is instead stealing banking details, according to researchers from McAfee Labs, Center for Advanced Security Research Darmstadt, and Technische Universität Darmstadt.
"It contains an Android Trojan detected by McAfee products as Android/Badaccents," according to cybersecurity expert Graham Cluley. "Android/Badaccents claims to download a copy of 'The Interview' but instead installs a two-stage banking Trojan onto victims' devices."
The malware targets Korean banks and Citibank, with stolen credentials then sent to a Chinese server. The app was reportedly hosted using Amazon Web Services (AWS), but Amazon has denied the claim. Researchers say the malicious app has been downloaded more than 20,000 times.
Even with a growing number of cybersecurity experts thinking an insider attack is more likely in the demise of Sony Pictures earlier this year, the FBI continues to blame North Korea. US government officials said there are no alternate leads in who was behind attacking Sony, despite arriving at the conclusion North Korea was behind the attack.
The FBI issued the following statement: "The FBI has concluded the government of North Korea is responsible for the theft and destruction of data on the network of Sony Pictures Entertainment. Attribution to North Korea is based on intelligence from the FBI, the US intelligence community, DHS, foreign partners and the private sector. There is no credible information to indicate that any other individual is responsible for this cyber incident."
However, cybersecurity experts were amazed how quickly the FBI was able to point fingers towards North Korea, as noted by a Norse cybersecurity official: "When the FBI made the announcement so soon after the initial hack was unveiled, everyone in the [cyber] intelligence community kind of raised their eyebrows at it, because it's really hard to pin this on anyone within days of the attack."
Companies must learn from the mistakes made by Sony Pictures leading up to a data breach carried out by the Guardians of Peace - and that should translate to increased network security and better training for employees. In addition to the stolen movies and leaked employee personal information, embarrassing emails sent and received among executives at the company caused an additional layer of an expanding public relations nightmare.
"Now you have to operate under the mindset that my email is not confidential," said Frank Mong, GM of enterprise security solutions with Hewlett-Packard, in a recent interview published by the San Jose Mercury News. "We should all live with a little more paranoia when we do these things - ask, 'Is this really legitimate?' Should I really be clicking that?"
While the SPE breach is an ideal learning opportunity, many companies will refuse to make adjustments and could be next in line to suffer an incident. Companies need to create guidelines that force employees to use more complicated passwords, and hire third-party cybersecurity firms to educate employees on identifying phishing and spear-phishing attacks.
The Guardians of Peace, the cybercriminal group behind crippling Sony Pictures, reportedly sent threats to a U.S.-based news organization. The FBI bulletin refers to the company as "USPER2," so it remains unknown which company was targeted.
The posted threat was published on Pastebin, taunting the FBI and the unnamed media organization "for the 'quality' of their investigations," according to the GOP statement. Unfortunately, many ad servers don't support newer encryption technologies, so media outlets are vulnerable to potential hijacking - and it's something that clever cybercriminals are clearly aware of.
"As part of our ongoing public-private partnerships, the FBI and DHS routinely share information with the private sector and law enforcement community," according to an unnamed military source, speaking to journalists. "The FBI and DHS are not aware of any specific credible information indicating a threat to entertainment or news organizations, however, out of an abundance of caution, we will continue to disseminate relevant information observed during the course of our investigations."