TweakTown NewsRefine News by Category:
According to some security researchers at Kaspersky, a group of hackers have used tricky malware to steal at least $300 million from bankers throughout 30 countries across the world.
The hackers tricked bank staff into installing a virus, or malware, through a spoofed email, where they spied on staff to learn their behavior. From there, they were able to mimic bank staff, to learn telltale signs that money is being taken from the bank, and transferred to various accounts. The attacks did just that, transferring money to other bank accounts, but some of it is sent to ATMs where criminals are monitoring specific ATMs.
The banks that were hit are now aware of the attack, but Kaspersky cannot name the banks due to non-disclosure pacts. Some of the firms don't want to admit they were hit, as they would be looked at as victims, and that their security has failed them. As for the breaches of security, the hackers injected malware into banks in the United States, Russia, Japan and many more countries.
Companies are scrambling to defend against cyberattacks in an effort to prevent data breaches, but are struggling to find success. Cybersecurity experts warn they must realize that hackers will likely enter their systems, and have to find ways to defend attacks after unauthorized access already occurs.
Worldwide IT security spending was around $70 billion in 2014, according to Gartner research group estimates - but that figure will top $109 billion by 2020 for just banks, energy and defense contractors. Spending is going to keep increasing with the number of attacks also reaching new levels, experts warn.
"Once an attack has made it past those defenses they're in the gooey center, and getting around is relatively simple," said Ryan Wagner, director of product management at vArmour, in a statement to Reuters. "You need to make sure that when you close the door, the criminal is actually on the other side of the door."
Insurance companies and other healthcare-related businesses can expect additional cybersecurity scrutiny in the future, after Anthem suffered a major data breach.
To better fight against cyberattacks - and subsequent data breaches - companies should conduct cyber vulnerability risk assessments and penetration testing. Just a few years ago, these types of activities were seen as luxuries that very few companies engaged in, but now business leaders must look to ensure their networks are secure.
Cybercriminals are extremely opportunistic and look for any opportunity they can manipulate for their benefit:
President Barack Obama claims he supports strong computer data encryption more than many law enforcement agencies, though sided with them regarding the need to keep the public safe.
To help address the issue, Obama wants a "public conversation" to discuss encryption and security efforts.
"And so this is a public conversation that we should end up having," Obama told Re/code. "I lean probably further in the direction of strong encryption than some do inside of law enforcement. But I am sympathetic to law enforcement because I know the kind of pressure they're under to keep us safe. And it's not as black and white as it's sometimes portrayed."
The US government and police authorities want access to smartphones and tablets, using everything from fear tactics, threats, and national security claims.
The Internet of Things (IoT) offers great connectivity for consumers, but is becoming a soft target for cyberattacks, according to the Nexusguard "2015 Internet Security Trend" report. Of note, distributed denial of service (DDoS) attacks greatly concern cybersecurity researchers, with criminals hoping to interrupt access to connected technology.
The current IoT infrastructure largely relies on shared libraries and a fast development cycle, with security sometimes included as an afterthought. To make matters worse, cybercriminals can hijack poorly secured "Things" and help use them in botnet attacks against other targets.
"With the Internet of Things, people are posting personal or commercially sensitive information," said Terrence Gareau, Chief Scientist of Nexusguard. "It's a very complex question how people are going to secure that data, especially with increasingly sophisticated attacks. Furthermore, hackers may be incentivized to infect IoT devices and use them as an army for botnet attacks. Additionally, the smokescreen of DDoS attacks used for covering up data exfiltration, market manipulation and extortion, are ever more present."
Credit card company Visa plans to release a new location-based feature that will give cardholders the chance to update their location via smartphone. Banks will include the Visa software in their smartphone apps starting in April, and cardholders will have a chance to opt into the program.
When the cardholder's smartphone enters a new city or country, the app updates Visa so they are aware if credit card transactions take place in the new geographic location. This will prevent charges from being declined - and members won't have to call to confirm their whereabouts.
"We will be able to compare the merchant's location to the most recent cellphone location to show it's a less risky transaction," said Mark Nelsen, executive at Visa, in a statement published by the AP.
Apple has today announced a two-step verification process for iMessage and FaceTime applications, announced in the wake of the massive celebrity leak uncovered late last year.
This new system means that users will be asked to supply their username and password alongside a verification code that Apple will send to a device with granted access to these services. This process has been recommended by computer security experts, with them stating the obvious - a hacker gaining control to your username and password is much easier than doing the former and stealing your phone.
The username and password issues most commonly seen are due to people using the same email and password combination for numerous accounts. This means that if a hacker has access to your iCloud, they likely have access to your Facebook, email, Twitter and more.
More than 1,500 data breaches led to at least 1 billion data records being compromised in 2014 alone, according to a report from Gemalto. It's a 49 percent increase in data breaches and 78 percent increase in data records theft year-over-year, with attacks expected to increase even higher in the future.
Cybersecurity experts warn that hackers are changing their tactics, with a focus on stealing personal information which can be collected - and used - at later dates. Fifty-four percent of all data breaches in 2014 focused on identity theft, including financial data, which led all other categories - with attack focus beginning to change.
"Not only are data breach numbers rising, but the breaches are becoming more severe," said Tsion Gonen, VP of strategy for identity and data protection at Gemalto. "Being breached is not a question of 'if' but 'when.' Breach prevention and threat monitoring can only go so far and do not always keep the cyber criminals out."
Cybercriminals have their pick of vulnerable targets to compromise, and want to focus more on conducting identity theft over just stealing payment information.
After a data breach, especially if a debit or credit card information has been stolen, compromised users ask their banks to cancel cards. However, a data breach in which names, addresses, Social Security numbers and other personal data are stolen give criminals the ability to take their time to launch future attacks.
"We're clearly seeing a shift in the tactics of cybercriminals, with long-term identity theft becoming more of a goal than the immediacy of stealing a credit card number," said Tsion Gonen, VP of strategy for identity and data protection of Gemalto. "Identity theft could lead to the opening of new fraudulent credit accounts, creating false identities for criminal enterprises, or a host of other serious crimes."
Antivirus products missed almost 70 percent of malware infections within the first hour of submission, according to Damballa's "Q4 2014 State of Infections Report." In addition, only 66 percent of malware signatures were accurately identified when rescanned within 24 hours of infection - with that number going up to 72 percent within seven days.
Antivirus security companies share malicious file findings with one another, but it takes time for new discoveries to be integrated into their own programs.
"What's clear from these figures is that we have to turn the table on infection 'dwell' time," said Brian Foster, CTO of Damballa. "In much that same way that a flu vaccine hinges on making 'best-guess' decisions about the most prevalent virus strains - AV is only effective for some of the people some of the time. Viruses morph and mutate and new ones can appear in the time it takes to address the most commonly found malware."