TweakTown NewsRefine News by Category:
The US federal government believes a criminal case could begin against those responsible for breaching JPMorgan Chase, after 83 million customers were impacted. The breach last October led to customer names, addresses, phone numbers and email addresses being stolen - and investigations began immediately after the breach was revealed.
A few of the suspects live in countries which have extradition treaties with the United States, according to the New York Times, which means authorities could open criminal cases. Following a more thorough investigation, it was found that the breach wasn't nearly as sophisticated as originally believed.
"The bad news is that many of these folks are located overseas, and they are using encryption and servers all over the world," said Leslie Caldwell, assistant attorney general for the criminal division of the Justice Department, in a statement published by the New York Times. "But the good news is if we are able to jump on the breach early enough, we have an electronic trail and can get that evidence."
Yahoo plans to offer end to end encryption security protocols for its email service by the end of 2015, in an attempt to win over Internet users trying to prevent government snooping and surveillance. The new security features were demonstrated during the South by Southwest festival over the weekend, with a beta offering for developers expected soon.
Even though encryption has received praise from privacy advocates, it is often too difficult for many Internet users - trying to create encryption keys for the sender and receiver. However, Yahoo wants to provide a streamlined offering for its users, though it still will be designed for sensitive emails.
"Our goal is to have this available by the end of the year," said Alex Stamos, chief information security officer of Yahoo, in a statement to the AFP. "Anybody who has the ability to write an email should have no problem using our email encryption."
The Kaspersky Lab cybersecurity firm has launched Phound!, a new free Google Android anti-theft app, designed to help keep devices and personal information secure. The app can locate a lost or stolen device, ensuring data on the compromised smartphone or tablet is secure.
Users are able to block and prevent unauthorized access using GPS, Wi-Fi networks or GSM - and a message can be displayed on the device's screen, or a photo can be taken using the front camera. Furthermore, Phound! can be used to locate a misplaced device by sounding an alarm until the forgetful user identifies its location.
"For many consumers, mobile devices serve as storage for their most valuable and important data - contacts of friends and colleagues, personal messages, private photos and many other things," said Alexey Chikov, Senior Product Manager of Kaspersky Lab. "This means that today's smartphones and tablets need the same security as a bank vault. However, unlike bank vaults, smartphones are small, portable and easily misplaced. That is why we created a solution for our users to prevent their mobile 'vault' from falling into the wrong hands."
Ransomware attacks, using customized malware, are victimizing a wider number of PC users across the world, cybersecurity experts warn.
There have been a number of new ransomware strains discovered in recent weeks, including the CryptoFortress malware which successfully encrypts files over network shares.
"These new capabilities of Cryptoware change the threat landscape for all server and network administrators and it is even more important than ever to properly secure your shared folders with strong permissions," said Stu Sjouwerman, CEO of KnowBe4. "Between increasingly sophisticated phishing emails and exploit kits on compromised websites, users need to be trained to recognize threats with effective security awareness training."
Cyberattacks by hackers and foreign states isn't necessarily new, but 2014 helped bring consumer attention to the matter in the United States following several major data breaches. The United States should be aware that an "extremely damaging" cyberattack against the public and private sectors seems likely, warn cybersecurity experts.
"It's undeniable that the number of breaches is going up, and despite our best efforts, we are constantly surprised by new and important ways to affect these important [computer] networks," said Leo Taddeo, FBI Special Agent for Cyber Special Operations, in a statement to Bloomberg. "I think that we would be well-served to prepare for - I won't say a catastrophic attack, but an attack that has an impact that may shake some confidence levels."
Of note, business leaders should pay attention to possible "destructive malware" aimed at compromising corporate networks. Trying to clamp down on outside attacks has proven difficult, with sophisticated malware and better techniques used to infect targets.
The cybersecurity industry is an estimated $71 billion market that is growing at a rapid pace, with hackers targeting users - and increasingly sophisticated cyberespionage campaigns aimed at national governments.
Kaspersky Lab, a cybersecurity firm based in Russia, reportedly hesitated on at least two separate occasions before linking the Russian government to cybercriminal activities. Meanwhile, FireEye and CrowdStrike, two US security firms, have blamed China and Russia for organized cyber campaigns - but haven't accused the US for its cyberespionage efforts.
"Some companies think we should be stopping all hackers. Others think we should stop only the other guy's hackers - they think we can win the war," said Dan Kaminsky, chief scientist of the White Ops cybersecurity firm, in a statement published by Reuters.
The United States faces a "pervasive" issue regarding cyberattacks against physical weapons systems and private defense contractors - and cybersecurity to help protect assets is gaining more traction. The Department of Defense Instruction 5000.02, the Pentagon's guidelines for military acquisitions, will include a category focused specifically on cybersecurity.
"It's about the security of our weapons systems themselves and everything that touches them," said Frank Kendall, Defense Undersecretary, speaking to Reuters. "It's a pervasive problem and I think we have to pay a lot more attention to it."
The US government deciding to embrace cybersecurity, especially for the military, will likely generate more revenue for Lockheed Martin, General Dynamics and other contractors tasked with creating defensive cybersecurity programs.
Countries interested in conducting cyberespionage campaigns are using increasingly sophisticated methods, carefully targeting users with modular tools, according to Kaspersky Lab.
To increase stealth and reduce their visibility from cybersecurity experts, hackers are diversifying the components used in their malicious programs. One specific platform has at least 116 different plugins that can be customized depending on expected victim and what type of information they have access to.
"Nation-state attackers are looking to create more stable, invisible, reliable and universal cyberespionage tools," said Costin Raiu, director of global research and analysis at Kaspersky Lab. "They are focused on creating frameworks for wrapping such code into something that can be customized on live systems and provide a reliable way to store all components and data in encrypted form, inaccessible to regular users."
Former NSA contractor Edward Snowden, currently residing in Russia, says he would like if the Swiss government granted him asylum. Snowden once lived in Geneva while working undercover for the CIA, and enjoyed his time in the European country.
In addition to Switzerland preferring a neutral stance on current military wars and other issues, the country also boasts a high quality of life and treatment of citizens. Unfortunately, current Swiss laws dictate someone applying for asylum must already be in Switzerland - and it's unknown if the government is willing to make an exception for Snowden.
"I would love to return to Switzerland, some of my favorite memories are from Geneva," Snowden recently said during the International Film Festival and Forum on Human Rights. "It's a wonderful place. I do think Switzerland would be a sort of great political option because it has a history of neutrality."
When it comes to retail shopping, cash is still king to consumers as far as choosing a safe payment option, according to a new study from the Walker Sands marketing research firm. Fifty six percent of consumers say cash is the most secure method, ahead of debit and credit cards (38 percent), and mobile payments (1 percent).
Despite more than half of consumers saying cash is most secure, 59 percent of consumers carry just $20 or less while shopping. The use of cash is dropping as more consumers rely on debit and credit card payments because of it being extremely easy to use - and mobile payment supporters hope a similar trend will take place in the future.
"Consumer fears around security and privacy have plagued mobile payment adoption," said Michelle Evans, senior consumer finance analyst at Euromonitor International, in a statement published by MainStreet. "The unfamiliarity and complexity of the mobile device creates security and privacy concerns for consumers who want to be confident that their personally identifiable information and financial details are protected."