Hacking, Security & Privacy News - Page 41

Cyberattacks from foreign states and rogue hacker groups have become the top threat to the United States, according to US intelligence experts. Director of National Intelligence, James Clapper, is especially concerned of potential attacks from Russia, China, Iran and North Korea - saying low-to-moderate level cyberattacks pose a long-term threat against critical infrastructure.

In addition to cyberespionage from foreign governments, there is rising concern of hacker groups able to infiltrate government agencies and companies - sometimes with support from foreign governments - with the goal of interrupting business operations, stealing money, and compromising employee and customer personal data.

Unfortunately, the US government has focused more on its cyber surveillance programs while largely neglecting cybersecurity. Even though it's effective to have offensive weapons, the United States has a lot more to lose than other countries if a major data breach occurs - and there is growing focus on being able to identify and defend against attacks.

By 2018, 40 percent of large enterprises will have some type of plan to respond to aggressive cybersecurity business disruptions, a drastic increase from zero percent in 2015, according to the Gartner research group.

Gartner describes an aggressive business disruption attack as a coordinated and sophisticated effort to interfere with and damage business operations - wiped data, servers knocked offline, intellectual property stolen.

"Entirely avoiding a compromise in a large complex enterprise is just not possible, so a new emphasis toward detect and respond approaches has been building for several years, as several attack patterns and overwhelming evidence support that a compromise will occur," said Paul Proctor, VP and distinguished analyst at Gartner. "Preventive controls, such as firewalls, antivirus and vulnerability management, should not be the only focus of a mature security program."

Twenty-eight percent of consumers know nothing or very little about mobile malware, while another 26 percent said they are aware of cyber threats but aren't worried, according to the "Consumer Security Risk" survey from Kaspersky Lab.

In addition, 31 percent of Google Android smartphones and 41 percent of tablets aren't password-protected, while 58 percent of Android smartphones and 63 percent of tablets have some form of anti-virus software.

"It is not surprising that mobile users are facing online threats more often now: devices are capable of doing so much more, and many more people are using them, so of course they will attract fraudsters," said Victor Yablokov, head of mobile product line at Kaspersky Lab. "To avoid falling victim to scams, users are advised to protect their devices against cyber threats and be especially careful with any sensitive data store on them."

Even with the rising sophistication of cyberespionage campaigns, US critical infrastructure is less likely to suffer from a single major incident - and faces a higher risk of continued low-to-medium attacks.

"Rather than a 'cyber-Armageddon' scenario that debilitates the entire US infrastructure, we envision something different," said James Clapper, director of national intelligence, in a recent report. "We foresee an ongoing series of low-to-moderate level cyberattacks from a variety of sources over time, which will impose cumulative costs on US economic competitiveness and national security."

Clapper's statements were made as part of a report submitted to the Senate committee, with growing concern regarding cybersecurity.

FireEye's Mandiant found that the average data breach was discovered in 205 days, dropping from 229 days (2013) and 243 days (2012). Enterprises were only able to self-detect 31 percent of breaches, with third-parties and the government helping identify cybersecurity incidents.

Companies are becoming more vigilant in detecting cybercrime-related activity, such as credit card companies noticing fraudulent behavior.

"Over the last several years, organizations like the Federal Bureau of Investigation (FBI) have gotten increasingly involved in notifying US businesses that they have been identified as being compromised," said Ryan Kazanciyan, technical director at Mandiant, in a statement to eWEEK. "The result of the FBI's efforts has led to increasing numbers of victim notifications."

Europol's European Cybercrime Center is actively dismantling the Ramnit botnet, which relies on up to 3 million malware-infected zombie PCs. Twenty-seven percent of Ramnit infections were identified in India, with Indonesia (18 percent), Vietnam, the United States, Bangladesh and the Philippines also impacted.

Europol didn't say if any arrests were made at this stage of the investigation, but offered this public statement:

"This successful operation shows the importance of international law enforcement working together with private industry in the fight against the global threat of cybercrime," said Wil van Gemert, Deputy Director of Operations at Europol. "We will continue our efforts in taking down botnets and disrupting the core infrastructures used by criminals to conduct a variety of cybercrimes."

Anthem confirmed millions of non-Anthem customers are at risk, and 8.8 million up to 18.8 million customers could be at risk. Following discovery of the breach on Jan. 29, Anthem began contacting customers, but found millions of incomplete data records in its database.

The estimate counts 14 million incomplete records:

"While Anthem is not able to match incomplete records to a specific member, it does have valid mailing addresses for some of these records," an Anthem spokesperson told ABC News. "Anthem will distribute member notifications to the valid address on file as part of its effort to notify every potentially impacted member."

The FBI says it is "close" to identifying the cybercriminal group responsible for breaching Anthem, but didn't confirm if a public announcement would be made. The targeted attack against Anthem, the No. 2 health insurance company in the United States, left up to 80 million members compromised.

China is suspected in the breach, with Beijing reportedly improving its cyberespionage capabilities.

"We're close already," said Robert Anderson, head of the FBI's cybercrime branch, during a recent media briefing. "But we're not going to say it until we're absolutely sure. I don't know if it's China or not, by the way."

Millions of smartphones and mobile devices are vulnerable due to mobile app developers being lackadaisical issuing patches and security updates, according to a report from McAfee Labs.

Last year, it was discovered that at least 20,000 mobile apps have an easily exploitable SSL vulnerability, according to the Carnegie Mellon University computer emergency response team. McAfee tested the 25 most popular apps listed by Carnegie Mellon, and found that "poor programming practices" were prevalent - putting app users at risk.

"A lot of the discussion right now is about the value of data on your device, in this case your cellphone," said Gary Davis, McAfee spokesman, in a statement published by CBC. "Addresses, dates of birth, these are all data elements you'd need to in essence steal somebody's identity, or perhaps conduct insurance fraud, and it's all being made available through different applications."

The FBI is aware of at least 60 cybercriminal groups with state-sponsored support, according to Joseph Demarest, senior bureau chief and head of the FBI cybercrime division.

Demarest also said the FBI was able to trace the Sony Pictures Entertainment hack was tied to North Korea within one month - showing that the unstable country has increasingly sophisticated cyberattack capabilities. State-sponsored cyberespionage is a booming business, with the FBI and other departments suspecting China, Russia, Iran, and other countries of relying on hackers.

In addition, the FBI announced a $3 million reward for the arrest or conviction of Evgeniy Bogachev, operator of GameOver Zeus. The bounty is the largest offered for a cybercriminal, and the Russian has been charged with computer hacking, conspiracy, wire fraud, bank fraud and money laundering - and faces a federal charge of bank fraud conspiracy.