TweakTown NewsRefine News by Category:
Cyberattacks will continue in 2015, and there will be increased interest in nation states using cyberespionage to attack and compromise one another. Established countries will work to "enhance their ability" to launch attacks and remain hidden on compromised networks - and researchers believe smaller countries and terrorist groups will develop their cyber warfare capabilities.
The McAfee report indicates: "Cyber espionage attacks will continue to increase in frequency as long-term players will become stealthier information gatherers, while newcomers to cyberattack capabilities will look for ways to steal sensitive information and disrupt their adversaries."
Cybercriminals will evolve their abilities to learn from organized state-sponsored attacks, and look to steal intellectual property, operational intelligence, and conduct intelligence gathering on specific targets.
Even with increased awareness from phone manufacturers and wireless carriers, smartphone theft remains a significant problem in the United States. There are more than 1 million smartphones stolen in the United States every year, with the Federal Communications Commission (FCC) rather unhappy about it.
"There is no single technology 'silver bullet' that will eliminate phone theft and therefore a complementary suite of technical and operational mitigation techniques will need to be made available and applied to gain additional impact to this issue," the report indicated.
Some US states have become more aggressive regarding smartphone theft, requiring manufacturers to include anti-theft technologies in new phones - but that will slow theft - and more must be done to prevent snatch and grab, armed robbery, and other crime.
Things just don't seem to be getting better for Sony. Hot on the heels of a shocking data theft at Sony Pictures, a new attack occurred today on the PlayStation store. Suspicions are centered around North Korea for the Sony Pictures hack, and the custom malware designed for that hack is now on the loose, threatening the world at large with a devastating over-write malware.
A group called The Lizard Squad is taking responsibility for the latest attack on the PlayStation Store this morning via a Twitter message that simply reads: "PSN Login #offline". This latest attack appears to be a denial-of-service attack, which overruns the website and prevents users from logging in. However, the full scope of the attack is not yet known, and Sony is currently investigating the breadth of the assault. Word on whether there was a data breach associated with the attack will come forward in the next few days. Sony and The Lizard Squad have a contentious history, to say the least. Earlier this year Lizard Squad issued a warning there were explosives on a domestic flight, resulting in its diversion. There just so happened to be a Sony executive on the flight.
The hack against Sony has been all over the news for a couple of weeks now, but it has reportedly all been tracked back to a single, posh hotel in Bangkok. North Korea has stepped up saying that it was not responsible for the hack, which had people thinking the country had attacked Sony over its movie "The Interview" with Seth Rogen and James Franco.
The hackers were traced back to St. Regis Bangkok, which is a 4.5-star resort where even the most basic rooms cost over $400 per night. We don't know if the hack was done from inside of one of these hotels, or outside in a public area of the hotel, but we do know they came from the St. Regis Bangkok. The investigations into the breach of Sony Pictures Entertainment servers took place on December 2, at 12:25AM local time.
Pro-North Korean hackers could be responsible for a cyberattack that crippled Sony Pictures, according to a statement broadcasted on a state-run television channel. The successful breach will likely cost SPE millions from interrupted business operations, data theft, and screener versions of the movie that have leaked online.
The KCNA news agency said that the "hacking into Sony Pictures Entertainment might be a righteous deed of the supporters and sympathizers with the DPRK in response to its appeal."
There are digital fingerprints that point towards North Korea, and cybersecurity experts and the FBI are helping SPE investigate the incident. Despite extreme poverty that most of the country's citizens endure, the controlling government has reportedly invested a great deal into developing hackers with developed cyberattack capabilities.
Eighty-two percent of US companies suffered at least one cyberattack in the past 12 months, with 46 percent reporting at least three or more, according to a Malwarebytes report that Lawless Research conducted. Mobile security issues garner a lot of attention, but exploitable browser vulnerabilities provide the most pressing concern at the moment.
Trying to defend against these malicious attacks has allowed the cybersecurity industry to grow at a rapid pace - and as software and hardware security both improve - retailers, financial institutions, and governments remain concerned of looming attacks.
There has been a rise in ransomware attacks, survey respondents noted, and infection levels have been relatively low - but cause great concern for executives.
Several high-profile cyberattacks launched against Apple have revealed OS X and iOS aren't as secure anymore, with criminals trying to compromise both operating systems. Enterprise workers are at risk because of Apple taking a "whack-a-mole" approach to security, which is a major threat with sophisticated spear-phishing attacks.
"Apple's responses to the WireLurker and Masque Attack operations illustrate that iOS is entering the 'whack-a-mole' era of malware defense, similar to that experienced during the last decade with PCs," said Dave Jevans, Marble Security founder and CTO. "Being proactive rather than reactive is essential in preventing these ioS vulnerabilities and exploits from affecting enterprise networks, and implementing mobile device security solutions is a huge step in achieving this."
Sophisticated cyberattacks target most major technology companies, but Apple previously was left relatively unscathed from most malicious code. However, cybercriminals want to find strategies to steal information and conduct data breaches, with a specific focus on compromising iPhones and iPads in the workplace.
Remember the Sony Pictures hack that saw employee's computers compromised and in-cinemas movies be released to the public? Well, according to recent news - this hack is even more in depth that originally thought.
Thanks to Gizmodo we were able to learn some more information regarding the whole ordeal, including various issues that Sony may face in the near future. As according to BuzzFeed, the 40 gigabytes of data released by these hackers contained everything from medical records to unreleased movie scripts - being claimed as one of the worst corporate hacks in history.
When the Target data breach occurred in late 2013, millions of Americans were at risk of fraud and identity theft - and it was the first of multiple major data breaches to hit retailers. Unfortunately, it seems unlikely all retailers have improved their security well enough to prevent a breach, and cybercriminals will probably claim at least one more victim before the end of the year.
More retailers are encrypting card numbers in their databases and installing additional secure card readers in their stores, but didn't move fast enough - so consumers aren't more secure in late 2014 than they were last year.
"If a retailer is compromised this holiday season, that announcement will probably be delayed until January," said Alphonse Pascual, Javelin Strategy & Research director of fraud and security. "For the consumer that means stepping in line at checkout or even shopping online is still tantamount to Russian roulette when it comes to using their credit and debit cards."
Data breaches have become an unfortunate reality for US consumers, and the problem seems likely to accelerate in 2015 while cybercriminals perfect their craft. Cybercriminals are aware banks are increasingly issuing chip-and-PIN credit cards - as retailers also switch to support the more secure cards - and will try to compromise companies as fast as they can in early 2015.
"There will absolutely be more breaches in 2015 - possibly even more than we saw in 2014 due to the booming underground market for hackers and cybercriminals around both credit card data and identity theft," said Kevin Routhier, Coretelligent founder and CEO. "This growing market, coupled with readily available and productized rootkits, malware and other tools will continue to drive more data breaches in the coming years as this is a lucrative practice for enterprising criminals."
In addition to consumer payment data, medical records will continue to prove lucrative to cybercriminals. Healthcare providers and companies hosting confidential payment information will have to prepare for an increase in attacks designed to steal this data.