TweakTown NewsRefine News by Category:
Romanian citizen Iulian Schiopu was sentenced to 45 months in prison for his role in a cybercrime operation related to phishing. Schiopu and his accomplices reportedly affected thousands of debit and credit cards of U.S. banking customers.
Stolen information was stored in shared email accounts, with names, addresses, dates of birth, telephone numbers, and Social Security numbers at risk. The group became known in the United States because criminals in Romania were withdrawing money of U.S. bank account holders. So far in the investigation, more than 20 Romanian citizens have been arrested for their various roles in the phishing scheme.
Cybercriminals are able to launch a large amount of attacks with little risk of law enforcement interference, but the U.S. government is ramping up efforts to dismantle organized attack groups.
The rise in cyberattacks and digital threats forced business leaders to pay closer attention, and that means more job opportunities. More than half of CEOs will include some type of "digital" leader by the end of 2015, according to research firm Gartner. Moving ahead, one-third of large organizations participating in digital business will have some type of "digital risk" officer.
It's a complicated time with cybercriminals finding great success compromising companies, stealing employee and customer personal data. IT security teams are suffering while trying to keep information secure, the digital risk officers will be tasked with being business savvy and have appropriate knowledge on how to address digital risk issues.
"Digital risk officers will require a mix of business acumen and understanding with sufficient technical knowledge to assess and make recommendations for appropriately addressing digital business risk," said Paul Proctor, Gartner VP and distinguished analyst. "Many traditional security officers will change their titles to digital risk and security officers, but without material change in their scope, mandate, and skills they will not fulfill this role in its entirety."
Chinese hackers successfully breached a U.S. government network that includes personal data of federal employees and their security clearance applications. The incident took place in March and specifically targeted the Office of Personnel Management, and files included everything from financial data to medical records and other sensitive information.
It's troublesome how easily foreign hackers are able to breach networks, especially when they contain personal data. An unnamed Department of Homeland Security (DHS) official didn't announce that type of data was taken in the breach, but confirmed a security issue did occur.
"The administration has never advocated that all intrusions be made public," said Caitlin Hayden, Obama Administration spokesperson. "We have advocated that business that have suffered an intrusion notify customers if the intruder had access to consumers' personal information. We have also advocated that companies and agencies voluntarily share information about intrusions."
Two people with alleged ties to the Lecpetex botnet, compromising more than 250,000 computers to help mine for bitcoins, were arrested. Lecpetex brought infected PCs into the growing botnet, and compromised machines tried to infect machines using No. 1 social media website Facebook.
Facebook officials contacted Greek police and were able to identify multiple suspects allegedly involved in running the botnet.
"Late last year, our abuse-fighting teams started to see a distinct new botnet," Facebook said in a blog post. "Based on statistics released by the Greek Police, the botnet may have infected as many as 250,000 computers. In addition, the Lecpetex authors appeared to have a good understanding of anti-virus evasion because they made continuous changes to their malware to avoid detection."
The issues related to cybersecurity among utilities companies has a unique twist that sounds like something from a hacker movie made in Hollywood. A cyberattack to compromise a utility provider and demand cash ransom in exchange for access to the networks is possible if security measures aren't improved, according to Dr. Larry Ponemon, Ponemon Institute founder.
Ransomware attacks, made up of custom malware designed to encrypt files and interrupt business operations, is a successful technique that hackers from Eastern Europe and China have deployed. If altered to breach utility networks, the same type of attack might be extremely effective.
"With the increased convergence of cyber and physical world's, attacks are no longer limited to office computers and networks," said Steve Durbin, International Security Forum Managing Director, in a statement. "They can now have physical impact in the real-world."
The German government remains upset that the NSA snooped on German Chancellor Angela Merkel and other government leaders, requesting the top U.S. intelligence official in Germany to leave the country. It was an unexpected move by the German government, as the CIA official works at the U.S. embassy in Berlin - as parliamentary inquiries continue in Germany.
The German government wants to speak with Snowden, but the American turned down an in-person meeting that would have taken place in Russia. Even if German investigators are unable to chat with Snowden in the near future, there are obvious political tensions between Germany and the United States at the moment.
"The representative of the U.S. intelligence services as the Embassy of the United States of America has been requested to leave Germany," said Steffen Seibert, a Germany government spokesperson, in a statement. "The Federal Government takes these incidents very seriously. It remains vital for Germany, in the interest of the security of its citizens and its forces abroad, to cooperate closely and trustfully with western partners, in particular with the USA. To do so, however, mutual trust and openness are necessary. The Federal Government continues to be ready for this and expects the same from its closest partners."
As expected, the United States and China again discussed cyberespionage talks with China, following months of tense negotiations and stalemates from both sides. Washington and Beijing have an extremely fragile political relationship, and both sides have accused one another of organized cyberespionage attacks aimed at stealing information and disrupting network traffic.
Although U.S. Secretary of State John Kerry confirmed Washington raised cyber-related topics with China, though a large amount of dialogue is still necessary. The United States still accuses China of state-led global cyberespionage attacks, while Beijing criticized the NSA for its widespread surveillance activities.
"China is making preparations to adopt greater transparency including on foreign exchange, which will accelerate the move to a more market-based exchange rate," said Jack Lew, U.S. Treasury Secretary, when speaking of the cybercrime-related talks between both sides.
The controversial Cyber Information Sharing Act (CISA) was approved by the Senate Select Committee on Intelligence, aimed to help the government and private companies better defend against cyberattacks. The bill received a 12-3 vote, and is the latest step forward in an evolving battle to keep networks and users safe on the Internet.
As part of CISA, the director of national intelligence will need to increase classified and unclassified cyberthreat information - and individuals and companies are authorized to roll out countermeasures to keep their own networks and consenting customers secure.
There is a large amount of concern regarding the controversial program, especially following former NSA contractor Edward Snowden disclosed organized federal government spying operations.
Most companies combat advanced persistent threats (APTs) using anti-virus and anti-malware security software, according to the "Advanced Persistent Threat Awareness" report released by the ISACA non-profit information security group. The study found 96 percent of survey participants note AV or anti-malware solutions as the most popular option - with 60 percent also relying on remote access.
APTs are described as stealthy, prolonged attacks typically aimed at cyberespionage attacks against businesses and governments. Due to large numbers of malware, security experts try to keep end-users and networks secure while pinpointing activity from command and control network traffic.
"The technical controls most often identified as being used to prevent APTs are network perimeter technologies, such as firewalls and access lists within routers, as well as anti-malware and anti-virus," according to the ISACA report. "While these controls are proficient for defending against traditional attacks, they are probably not as well suited for preventing APTs for a number of researchs," including spear phishing or zero-day threats.
E-ZPass customers in Massachusetts, New York and New Jersey are being warned of an email phishing scam from criminals claiming to be from the E-ZPass "Customer Service Center." The email subject is "Payment for driving on toll road," and informs customers that they have unpaid tolls.
The fake email has the following message: "Dear customer, you have not paid a toll for driving on a toll road. This invoice is sent repeatedly, please service your debt in the shortest possible time. The invoice can be downloaded here."
Security experts point out a couple of different problems with this email, including: bad grammar and the realization that an official summons wouldn't ask recipients to download an invoice. Furthermore, the real E-ZPass Service Center doesn't email customers regarding payment problems and other correspondence.