TweakTown NewsRefine News by Category:
A well-organized Eastern European cybercriminal group is using social engineering that includes phishing and phone calls paired with malware to steal money from US businesses. IBM, which discovered the surprisingly sophisticated operation, call it "The Dyre Wolf" - and while the group has netted just $1 million so far - the organization of the group is rather alarming.
Once victims click on a fraudulent link or attachment, the malware is installed and waits for users to access a bank website. Instead of going to the bank's website, a fake screen says the bank website is down, so victims have to call a phone number. Once dialed, victims turn over bank information and a large money wire transfer is initiated by the criminals.
"What's very different in this case, is we saw a pivot of the attackers to use a set of social engineering techniques that I think are unprecedented," said Caleb Barlow, VP of IBM Security, in a statement to Reuters. "The focus on wire transfers of large sums of money really got our attention."
The National Security Agency (NSA) should be able to find itself 1,600 new recruits in 2015, with a heavy focus in computer science and math, but the task is getting harder. A combination of rising Silicon Valley tech employment/salaries mixed with Edward Snowden's intelligence leaks have damaged trust in the NSA from the public - and possible job recruits.
The NSA has around 35,000 employees across the country, and trying to compete against tech companies to recruit employees from leading universities is proving difficult. A lack of trust is a major issue that is making some people think-twice before trying to land a job with a security clearance.
"Before the Snowden leaks we looked at the NSA as being a spy agency, and they did what they were supposed to do," said Matthew Green, assistant research professor at the Johns Hopkins Information Security Institute, in a statement to NPR. "But we've learned that they've been collecting this incredible amount of information. And they're not shy about doing whatever they have to do to get access to that information."
Following an international manhunt dating back two-and-a-half years, the FBI's most wanted cybercriminal was captured in Pakistan earlier this year. Noor Aziz Uddin, a 52-year-old responsible for spearheading a global phone fraud ring, was one of the FBI's most wanted cybercriminals.
Despite traveling between the United Arab Emirates, Malaysia, Pakistan, Italy and New Jersey, Uddin's ability to hide began to unravel after federal Pakistani authorities received a phone number reportedly linked to him. The Federal Investigation Agency in Pakistan was able to use the phone's GPS coordinates, with help from Uddin's wireless service carrier, to pinpoint his exact location.
The arrest occurred successfully without any violence.
Employees infected with ransomware often panic and paying a ransom to the cybercriminals typically is easier than trying to restore files. The problem is a tad bit more complicated, because criminals are hacking files and forcing companies to choose between paying or suffering a data breach. Thirty percent of organizations would pay or negotiate a release of encrypted data, according to ThreatTrack.
Interestingly, that number goes up to 55 percent for companies that have suffered a similar incident in the past - revealing the need for proper employee education.
It's unknown how many companies actually suffer an extortion scheme, with many companies likely not reporting issues to the public or to law enforcement, said Stuart Itkin, SVP of ThreatTrack. Cyber extortionists are becoming better skilled, so trying to figure out how to negotiate with them is a struggle.
The Obama Administration wants to hit individuals and groups located outside the United States with financial sanctions if they launch cyberattacks taking aim at US economic stability, national security or the country's foreign policy.
The United States has a lot more to lose when compared to other countries in the current cyberwar landscape, and trying to find adequate defensive strategies has been difficult. However, Obama hopes its latest executive order, giving the US Treasury Department the ability to freeze assets, will make some cybercriminals think twice.
Anything from attacking critical infrastructure and using trade secrets for an advantage in the cyber landscape to disrupting computer networks and causing mass data breaches could lead to sanctions.
The GreatFire free-speech group says the Chinese government is using its incredible Internet infrastructure to launch cyberattacks. Many national governments are modernizing their cyberattack capabilities, and China is notorious for targeting political opponents.
GreatFire itself suffered a major distributed denial-of-service (DDoS) attack, and now GitHub and other companies are facing sophisticated cyberattacks. Not surprisingly, the Chinese government didn't respond to GreatFire accusations, though officials previously accused the group of being "anti-China."
If true, this is a new strategy from the Chinese government, which has been long suspected of organized cyberespionage. "The last couple months, we've seen a real sea change in Chinese Internet policy, where they've become more assertive about blocking Western sites and pushing back on their citizens' ability to access information from outside the country," said James Lewis, senior fellow of the Center for Strategic and International Studies.
Researchers from Check Point Software Technologies in Israel have found a surprising computer spying operation that "likely" originated from a government agency or political group operating inside of Lebanon.
The spy software, once installed via hijacked public websites, could steal personal and corporate information from victims.
"They are not 'script kiddies,'" said Shahar Tal, a researcher at Check Point Software Technologies, in a statement published by Reuters. "But we have to say in terms of technical advancement, this is not NSA-grade. They are not replacing hard drive firmware."
It's getting more difficult to identify and track terror groups online, with the Dark Web and file encryption proving effective.
It's up to tech companies to think about the supposed damage facing police agencies and federal investigators, said Rob Wainwright, director of Europol, while speaking to 5 Live Investigates. Using forms of encrypted communications helps terrorists avoid detection while corresponding with one another.
"With the right resources and cooperation between the security agencies and technology companies, alongside a clear legal framework for that cooperation, we can ensure both national security and economic security are upheld," said a spokesperson with TechUK, a UK technology trade organization.
Two former agents have been charged with stealing money while conducting an undercover investigation against Silk Road.
Carl Mark Force IV was a Drug Enforcement Administration (DEA) agent and Shaun Bridges worked for the US Secret Service - accused of taking bitcoins and converting them into cash, and then depositing it into their own accounts. Bridges allegedly ended up stealing more than $800,000 in bitcoins.
Force has been charged with wire fraud, money laundering and theft of government property, while Bridges has been charged with wire fraud and money laundering. Both men were part of a task force in Baltimore assigned with investigating Silk Road - and both men have resigned from their respective agencies, with additional details expected in the future.
Cybercriminals were able to gain access to thousands of British Airways Executive Club frequent-flyer accounts. It doesn't appear any personal information was viewed or taken during the breach, and British Airways has frozen accounts while an investigation is underway.
"British Airways has become aware of some unauthorized activity in relation to a small number of frequent-flyer executive club accounts," a British Airways spokesperson confirmed to The Guardian.
It remains unknown who is responsible for the Executive Club system intrusion.