TweakTown News
The Regin stealth malware is one of the most sophisticated pieces of attack code written, and was likely created by a government for corporate espionage, according to the Symantec security firm. Regin was used for the past six years and has the ability to take screenshots, recover deleted files, and steal usernames and passwords from infected machines.
It is believed that machines in Ireland, Russia and Saudi Arabia have seen the most infections, with an effort to attack end users, companies, and government organizations. The Regin creators were diligent in covering their tracks, and it could have taken months to develop the software.
"We believe Regin is used primarily for espionage," said Liam O'Murchu, Symantec security researcher. "We see both companies and individuals targeted. The ultimate goal is to listen in on phone calls or something like that. [Regin's operators] target individuals and spread the attack to find whatever it is they're looking for. All of these things together make us think that a government wrote it."
Mobile attacks accounted for around one-third of attack activity on ThreatMetrix networks, and while mobile attacks are still lower than desktop threats, cybercriminals are increasingly interested in expanding their mobile cybercrime strategies.
"As iPhone, Android and tablet usage continues to increase among consumers, mobile will represent an equal opportunity channel for cybercrime activity," said Alisdair Faulkner, ThreatMetrix CEO, in a statement. "Cybercriminals always go where the money is and as more transactions turn to mobile, they will create new, sophisticated strategies to target this channel."
Google Android controls a higher market and browser share than rivals, and Apple iOS accounts for almost twice the amount of payments, logins and authentications combined; both mobile operating systems are under threat. ThreatMetrix said 48 percent of mobile attacks were targeted against iOS smartphones and tablets.
Sony doesn't believe its PlayStation Network was hacked, despite a recent report from a hacker group that they "released a log of customer logins" of usernames and passwords for PSN, Windows Live and Origin. It's possible the user logins were repurposed from previous security breaches, so it would appear gamer PSN accounts are still secure.
"We have investigated the claims that our network was breached and have found no evidence that there was any intrusion into our network," Sony said in a statement. "Unfortunately, Internet fraud including phishing and password matching are realities that consumers and online networks face on a regular basis. We take these reports very seriously and will continue to monitor our network closely."
Even though consumers are increasingly aware of data breaches, there has also been an increase in the number of fake attack reports.
It was an atrocious year for private companies and consumers in terms of cybersecurity, with 20 major retailers breached in 2014. Between the medical/healthcare, financial, educational, business and government/military verticals, a total of 679 breaches occurred, according to the Identity Theft Resource Center, and it has been extremely difficult to try to defend against these increasingly sophisticated cyberattacks.
"The markets react to a market opportunity," said David Burg, PwC Global and US advisory cybersecurity head. "One of the problems is it's hard to secure the enterprise absolutely. So one of the reasons there is a flood of venture capital money into the space is because investors see an opportunity for innovation to solve some of these hard problems that exist out there."
However, investors and private companies are finding a lucrative opportunity to create next-generation security software, as cybersecurity spending is increasing. The industry is expected to see a 7.9 percent increase in 2014, up to $71.1 billion, with eight percent year-over-year growth estimated through 2016, the Gartner research group says.
The rise in popularity of e-cigarettes in the United States and Western Europe has led to the potential of malware infection from e-cigarettes made in China, according to recent reports. Cybercriminals have become more creative in their attempts to compromise devices, and ensuring devices from Chinese production facilities are pre-loaded with malware has become increasingly popular.
"The Made in China e-cigarette had malware hardcoded into the charger, and when plugged into a computer's USB port the malware phoned home and infected the system," according to a report posted on Reddit.
Trend Micro security consultant Rik Ferguson seems to agree with the assessment: "Production line malware has been around for a few years, infecting photo frames, MP3 players and more. For consumers it's a case of running up-to-date anti-malware for the production line stuff and only using trusted devices to counter the threat."
Companies are struggling to try to teach their employees appropriate use of work-owned PCs and laptops, as they struggle to keep their networks secure. During typical business hours, 36 percent of survey respondents say they browse social media, while 34 percent enjoy online shopping. Meanwhile, 42 percent play online games and 36 percent use their work laptops to search for a job - all while at home.
"People seem to understand that at work there's a little bit more protection," said Sergio Galindo, GFI Software general manager, while speaking to SCMagazine. "They don't do riskier stuff at the office. They're doing riskier stuff (at home) and then bring this equipment that was exposed at home back to the office."
Companies are more focused on trying to keep employees safe from social engineering-based phishing attacks, which lead systems and networks to be compromised by malware and other threats.
Amnesty International's Detekt is a free, open source tool that helps journalists and human rights activists find out whether they are being targeted by surveillance spyware. This is the first time Amnesty International and several non-profit coalitions have released something publicly.
"Governments are increasingly using dangerous and sophisticated technology that allows them to read activists and journalists' private emails and remotely turn on their computer's camera or microphone to secretly record their activities," said Marek Marczynski, Amnesty International Head of Military, Security and Police, in a press statement. "They use the technology in a cowardly attempt to prevent abuses from being exposed."
The global market for surveillance technologies is estimated to be worth $5 billion per year, and is climbing even higher.
At least 38.6 percent of companies suffered a major IT disruption due to employees visiting non-work related websites and other questionable material on work-owned electronics, leading to malware and other IT issues, according to a survey conducted by GFI Software.
Almost half of employees, 48 percent, report using Dropbox, OneDrive, Box, or some other personal cloud-based solution to store company information - something that isn't necessarily shocking, but a concern for companies trying to keep data secure. If their employment ended, 35.8 percent admitted they would try to save company data, including customer lists and confidential data, despite knowing it is illegal to do so.
"Data protection is a big problem, and one that has been exacerbated by the casual use of cloud file sharing services that can't be centrally managed by IT," said Sergio Galindo, GFI Software general manager. "Content controls are critical in ensuring data does not leak outside the organization and doesn't expose the business to legal and regulatory compliance penalties. Furthermore, it is important that policies and training lay down clear rules on use and reinforce the ownership of data."
China is on the short list of countries that have the ability to launch a cyberattack that would be able to shut down the US power grid along with other critical infrastructure, US government officials believe. It would appear these countries already launch reconnaissance probes that have found gaping security holes they can exploit in cyber defenses.
"We see them attempting to steal information on how our systems are configured, the very schematics of most of our control systems, down to engineering level of detail so they can look at where are the vulnerabilities, how are they constructed, how could I get in and defeat them," said Admiral Michael Rogers, NSA head and US Cyber Command head. "We're seeing multiple nation-states invest in those kinds of capabilities."
Beyond China, Admiral Rogers didn't publicly disclose other nation states believed to be sponsoring cyberattacks, though Russia almost certainly is on the list.
A Russian website is posting links to hijacked webcams and baby monitors, and US and UK privacy watchdog groups want to try to have the website shut down. The website has a listing of 4,591 cameras in the United States, 2,059 in France, 1,576 in the Netherlands, and numerous other cameras across Europe.
Some of the webcams listed on the website show a static image but don't appear to be running, while others still work just fine.
"The fact that a website is able to stream footage from thousands of cameras, illustrates the risks that consumers are taking by not changing the default passwords on camera enabled devices," said David Emm, Kaspersky Lab Principal Security Researcher. "It only takes a minute to change a password, and the longer it is left unchanged, the greater the chance that the device will be compromised."