Cybercriminals had an extremely successful year in 2014, and are constantly looking for new ways to compromise businesses and users. Last year saw "far-reaching vulnerabilities, faster attacks, files held for ransom and far more malicious code than in previous years," according to the Symantec 2015 Internet Security Threat Report - and information security is becoming more important for companies.
There were 317 million new pieces of malware written in 2014, while ransomware attacks aimed at breaching user files increased 113 percent. Data breaches remained a major problem, with millions of US consumers compromised, as the total number of incidents increased 23 percent.
"The criminals are getting better," said Kevin Haley, director of security response at Symantec, in a statement published on NBC News. "Success breeds success and other criminals want to get into the game, so we need to step up our game in terms of protecting our information and keeping it safe."
The Government Accountability Office (GAO) is showing increased concern that hundreds of commercial aircraft are vulnerable to possible cyberattack from remote operators. If successful, hackers could potentially install malware on flight control computers, take over control of the aircraft, and compromise navigation and warning systems.
Air traffic control is also increasingly moving to support Internet-based solutions, giving criminals another pipeline to tamper with flights. The House Transportation and Infrastructure Committee and several senators wish to read over the full GAO report - and expect the Federal Aviation Administration (FAA) to make necessary security protocols mandatory.
"Modern communications technologies, including IP connectivity, are increasingly used in aircraft systems, creating the possibility that unauthorized individuals might access and compromise aircraft avionics systems," the GAO report says. That level of IP connectivity, however, is what could create a link between aircraft and cybercriminals - posing a threat to the aircraft, its crew and passengers.
Victims of the CoinVault ransomware have another option for retrieving their information without paying a ransom to hackers. Cybersecurity company Kaspersky Lab has partnered with the National High Tech Crime Unit (NHTCU) of the Netherlands' police, providing decryption keys and a decryption application online.
Using information collected from a CoinVault command & control server, Kaspersky Lab, NHTCU and the Netherlands' National Prosecutors Office hope victims will be able to retrieve files without paying a ransom.
"If you get infected with the CoinVault ransomware, please check noransom.kaspersky.com," urged Jornt van der Wiel, security researcher for the global research and analysis team at Kaspersky Lab. "We have uploaded a huge number of keys onto the site. If we do not currently have records for a particular Bitcoin wallet, you can check again in the near future, because together with the National High Tech Crime Unit of the Netherlands' police we are continuously updating the information."
Phishing remains a successful social engineering tactic used by cybercriminals, taking just 82 seconds to catch the first victim, according to a new report compiled by Verizon. An alarming 25 percent of phishing email recipients are likely to open the fraudulent email - and trying to educate employees remains difficult for companies.
Instead of worrying about using a complicated software exploit, it's easier - and extremely effective - for hackers to just phish a victim and get them to turn over usernames and passwords. Companies that properly teach their employees to identify and avoid phishing emails reduce their likelihood of falling victim from one in four down to one in 20, according to researchers.
"They should be treating employees as tools in the fight rather than as lambs to the slaughter," said Bob Rudis, lead author of the Verizon report, in a statement published by BBC.
Pedophiles are adapting their habits and using the so-called "dark net" to find children to exploit, while creating new business opportunities.
Even though most people use the dark net to avoid government detection, 80 percent of traffic to dark net sites was believed to be related to child pornography, according to a recent British research study. There is an increased effort to prevent this type of dark net use, but cybersecurity experts believe the problem is just getting worse.
"It was just an awful realization, discovering there were tens of thousands of people who are not only trading child pornography, but planning to exploit children," said Greg Virgin, a cybersecurity consultant, in a statement published by CBS News. "We found one site where users openly advertised the ages of the children they were interested in. The average youngest age they were seeking for girls was zero years old. And the average age for boys was one."
As part of the US Defense Department's "Better Buying Power 3.0" initiative, the government wants to see closer relationships forged with the private sector. The main goal of the program is to make sure the US doesn't lose a technological edge over foreign adversaries, as the DoD dumps money into new R&D efforts.
A major effort will focus on keeping next-generation weapons technology and defense systems secure from cyberattacks - something that is of major concern, especially from China, Russia, and other countries with sophisticated cyber militaries.
"It includes the industrial base that supports us and their databases and their information," said Frank Kendall, undersecretary of defense for acquisition, technology and logistics, in a statement. "It includes what we hold in government. It includes the logistics support information, the sustainment information, the design information, the tactical information. Everything associated with the product is a potential point of attack. And we are under attack in the cyber world, and we've got to do a better job protecting our things."
The Europol Cybercrime Centre and the FBI teamed up to bring down the Beebone botnet, a custom operation that installed malware on unknowing victims' machines. At least 12,000 machines were infected, with estimates of up to 100,000 zombie PCs hijacked by cybercriminals. The malware was used to collect stolen passwords and download third-party applications onto victim PCs, officials noted.
"The fact that it [the malware] is complicated suggests that it could be used for more targeted attacks," Paul Docherty, director of Portcullis Security, recently told the BBC. "If those responsible were able to harness similar difficult-to-detect code they could potentially move the point of attack from home users to corporate users or other entities which typically hold large amounts of sensitive, valuable data."
The polymorphic malware utilized its unique ability to change its "shape" so it was better able to evade cybersecurity defenses - and continue hijacking new users.
TV5Monde in France suffered a major cyberattack that led to hijacked websites and social media accounts, along with causing a three-hour broadcast blackout. The Cyber Caliphate, a pro-ISIS hacker group, didn't take public responsibility for the attack - but pro-ISIS images and "hacked by an Islamist group" markings were left on compromised accounts.
"We are no longer able to broadcast any of our channels. Our websites and social media sites are no longer under our control and are all displaying claims of responsibility by Islamic State," Yves Bigot, TV5Monde director general, told the AFP.
France's culture minister will host an emergency meeting with major French media groups so they are able to study their cybersecurity protocols. A terrorism investigation has been opened by the Paris prosecutor's office following the cyberattack, which is the most sophisticated attack shown by the Islamic State.
Ransomware infections tend to be a frightening scenario for businesses often caught off-guard when an employee mistakenly compromises a workplace machine.
Cybersecurity experts are increasingly worried about ransomware, one of the fastest rising hacker-related crimes, which demands a ransom payment in exchange for files held hostage. The traditional method of infection is a malicious file attached to an email, but criminals are finding ways to point victims to hijacked websites.
Unless home users or companies have data backed up, and are careful of emails opened and websites visited, ransomware can prove especially catastrophic. Even though US government and private sector cybersecurity experts warn against paying ransoms, many companies choose to pay the ransom and move on.
The Russian government is being blamed for hacking into a computer system used by the White House, and the hackers were able to view classified information. It's possible the cyber intrusion, with alleged ties to the US State Department breach, was in retaliation for sanctions against Russia.
White House officials, however, didn't specifically single out Russia for launching the cyberattack, though there is an active investigation by the Secret Service, FBI and US intelligence agencies. "In this case, as we made clear at the time, we took immediate measures to evaluate and mitigate the activity," said Mark Stroh, National Security Council spokesman. "As has been our position, we are not going to comment on [this] article's attribution to specific actors."
Not surprisingly, the Kremlin has issued a statement saying Russia is a constant scapegoat for organized cyberattacks: "In regard to CNN's sources, I don't know who their sources are," said Dmitry Peskov, spokesman for Russian President Vladimir Putin, in a statement published by RT. "We know that blaming everything on Russia has already turned into some sort of sport."