Hacking, Security & Privacy - Page 25

The NSA and US Department of Justice are being sued by the Wikimedia Foundation, accusing the US organizations of violating US laws related to freedom of speech. The American Civil Liberties Union (ACLU) is representing Wikimedia, which was joined by Amnesty International, Human Rights Watch, and several other major organizations in the lawsuit.

The NSA's use of "upstream" surveillance, which "taps the Internet's 'backbone' to capture communications with 'non-US persons,'" is available for a large amount of possible uses - however, it is believed to ultimately collect data not involved in their investigations. Wikimedia and other groups are concerned that journalists, clients, foreign government officials and others won't be as willing to turn over information and discuss sensitive topics with them.

"Our lawsuit says that the NSA's mass surveillance of Internet traffic on American soil - often called 'upstream' surveillance - violates the Fourth Amendment, which protects the right to privacy, as well as the First Amendment, which protects the freedoms of expression and association," according to a Wikipedia op-ed published by the New York Times. "We also argue that this agency activity exceeds the authority granted by the Foreign Intelligence Surveillance Act that Congress amended in 2008."

Criminals took $16 billion from 12.7 million US consumers last year, with a new identity fraud victim every two seconds, according to a new report from Javelin Strategy & Research. Two-thirds of identity fraud victims last year received notification that their personal information was compromised in a data breach, which took over headlines as major retailers were hit.

On the bright side, new account fraud, which is when a criminal opens up an account in a victim's name, dropped to a record low in 2014. In addition, new monitoring and protection systems saw the amount lost due to fraud dropping 11 percent year-over-year, from $18 billion in 2013 down to $16 billion in 2014.

"Despite the headlines, the occurrence of identity fraud hasn't changed much over the past year, and it is still a significant problem," said Al Pascual, director of fraud & security at Javelin Strategy & Research. "Consumers, financial institutions and retailers are all taking aggressive steps, yet we must remain vigilant. The criminals will continue to find new ways to commit fraud, so taking advantage of available technology and services to protect against, detect and resolve identity fraud is a must for all individuals and corporations."

Former NSA contractor Edward Snowden wants to return to the United States in the future, but needs guarantees of a fair trial. The only promise he has been given is that he wouldn't face the death penalty if he is convicted - and privacy advocates believe the US government, which wants to do anything to get him into custody, cannot be trusted.

"He is thinking about it," said Anatoly Kucherena, a Russian lawyer representing Snowden, during a recent news conference. "He has a desire to return and we are doing everything we can to make it happen. Snowden is ready to return to the United States, but on the condition that he is given a guarantee of a legal and impartial trial."

Kucherena also noted that he is working with a group of international lawyers to determine the best method for Snowden's potential return to the United States. Snowden has a three-year Russian residency, but would likely face immediate arrest if he tried to leave Russia.

The US federal government is worried about a growing number of cases related to Stolen Identity Refund Fraud (SIRF), with criminals filing state and federal taxes - and making off with the tax refunds. Tax-related identity theft was the most reported type of fraud submitted to the Federal Trade Commission (FTC) in 2014, with the agency receiving 109,063 complaints.

Recently, the Internal Revenue Service (IRS) issued another public advisory to remind people that any telephone calls or emails claiming to be the IRS are fraudulent. In these scams, criminals ask victims to provide personal information or transfer money to them.

"It is a massive problem," said Brian Krebs, independent cybersecurity investigative reporter, in a statement published by the Milwaukee Journal Sentinel. "It's probably going to emerge as the biggest identity theft problem this year."

Ben Lawsky, a New York financial regulator and head of the New York Department of Financial Services, is reportedly considering new regulation to help prevent against "an Armageddon-type" cyberattack. There is concern that a coordinated cyberattack would be able to hit the "broader economy" of the United States.

"We are concerned that within the next decade, or perhaps sooner, we will experience an Armageddon-type cyber event that causes a significant disruption in the financial system for a period of time," Lawsky said while speaking at Columbia Law School.

To help prevent against a "cyber 9/11," Lawsky wants financial institutions and insurance companies be graded by the DFS. The legislation may also require multifactor authentication and other requirements to keep data secure. Banks also must be proactive in their effort to keep data secure, as foreign-based hackers continue their attempts to disrupt Wall Street.

Lenovo likely only collected $200,000 up to $250,000 for its Superfish adware installations on consumer PCs, according to a report from Forbes. Previous estimates predicted higher figures - but considering the company's major earnings - the low sum likely won't be worth the legal and public relations headaches.

It is alarming Lenovo, which finalized a deal in summer 2014 to pre-install Superfish, received such a small amount for jeopardizing so much. In addition to promising no more Superfish installations, the company's website was reportedly compromised by the Lizard Squad hacker group last week.

It looks like Lenovo is learning from its mistakes, promising to be more transparent about pre-installed software in the future. For new machines running Microsoft Windows 10, the Lenovo standard image will only include the OS, security software, Lenovo applications, and software/drivers required to make hardware work well.

More than five billion downloaded Google Android apps could be targeted by hackers, according to cybersecurity experts. Most forms of malware (96 percent) are focused on compromising Android, according to data from the FireEye cybersecurity firm.

Android is open source and allows more developers to contribute to the OS, but that also gives hackers a great opportunity to create sophisticated malware. Malware targeting Android drastically increased from 240,000 samples in 2013 up to 390,000 unique samples last year - and the problem seems to be accelerating.

"You can get all the code and then you can insert additional instructions and make it look and feel like the original app and no way for a consumer to tell the difference when they download it," said Jason Steer, director of technology strategy at FireEye, in a statement given to CNBC.

Cyberattacks from foreign states and rogue hacker groups have become the top threat to the United States, according to US intelligence experts. Director of National Intelligence, James Clapper, is especially concerned of potential attacks from Russia, China, Iran and North Korea - saying low-to-moderate level cyberattacks pose a long-term threat against critical infrastructure.

In addition to cyberespionage from foreign governments, there is rising concern of hacker groups able to infiltrate government agencies and companies - sometimes with support from foreign governments - with the goal of interrupting business operations, stealing money, and compromising employee and customer personal data.

Unfortunately, the US government has focused more on its cyber surveillance programs while largely neglecting cybersecurity. Even though it's effective to have offensive weapons, the United States has a lot more to lose than other countries if a major data breach occurs - and there is growing focus on being able to identify and defend against attacks.

By 2018, 40 percent of large enterprises will have some type of plan to respond to aggressive cybersecurity business disruptions, a drastic increase from zero percent in 2015, according to the Gartner research group.

Gartner describes an aggressive business disruption attack as a coordinated and sophisticated effort to interfere with and damage business operations - wiped data, servers knocked offline, intellectual property stolen.

"Entirely avoiding a compromise in a large complex enterprise is just not possible, so a new emphasis toward detect and respond approaches has been building for several years, as several attack patterns and overwhelming evidence support that a compromise will occur," said Paul Proctor, VP and distinguished analyst at Gartner. "Preventive controls, such as firewalls, antivirus and vulnerability management, should not be the only focus of a mature security program."

Twenty-eight percent of consumers know nothing or very little about mobile malware, while another 26 percent said they are aware of cyber threats but aren't worried, according to the "Consumer Security Risk" survey from Kaspersky Lab.

In addition, 31 percent of Google Android smartphones and 41 percent of tablets aren't password-protected, while 58 percent of Android smartphones and 63 percent of tablets have some form of anti-virus software.

"It is not surprising that mobile users are facing online threats more often now: devices are capable of doing so much more, and many more people are using them, so of course they will attract fraudsters," said Victor Yablokov, head of mobile product line at Kaspersky Lab. "To avoid falling victim to scams, users are advised to protect their devices against cyber threats and be especially careful with any sensitive data store on them."

Even with the rising sophistication of cyberespionage campaigns, US critical infrastructure is less likely to suffer from a single major incident - and faces a higher risk of continued low-to-medium attacks.

"Rather than a 'cyber-Armageddon' scenario that debilitates the entire US infrastructure, we envision something different," said James Clapper, director of national intelligence, in a recent report. "We foresee an ongoing series of low-to-moderate level cyberattacks from a variety of sources over time, which will impose cumulative costs on US economic competitiveness and national security."

Clapper's statements were made as part of a report submitted to the Senate committee, with growing concern regarding cybersecurity.

FireEye's Mandiant found that the average data breach was discovered in 205 days, dropping from 229 days (2013) and 243 days (2012). Enterprises were only able to self-detect 31 percent of breaches, with third-parties and the government helping identify cybersecurity incidents.

Companies are becoming more vigilant in detecting cybercrime-related activity, such as credit card companies noticing fraudulent behavior.

"Over the last several years, organizations like the Federal Bureau of Investigation (FBI) have gotten increasingly involved in notifying US businesses that they have been identified as being compromised," said Ryan Kazanciyan, technical director at Mandiant, in a statement to eWEEK. "The result of the FBI's efforts has led to increasing numbers of victim notifications."

Europol's European Cybercrime Center is actively dismantling the Ramnit botnet, which relies on up to 3 million malware-infected zombie PCs. Twenty-seven percent of Ramnit infections were identified in India, with Indonesia (18 percent), Vietnam, the United States, Bangladesh and the Philippines also impacted.

Europol didn't say if any arrests were made at this stage of the investigation, but offered this public statement:

"This successful operation shows the importance of international law enforcement working together with private industry in the fight against the global threat of cybercrime," said Wil van Gemert, Deputy Director of Operations at Europol. "We will continue our efforts in taking down botnets and disrupting the core infrastructures used by criminals to conduct a variety of cybercrimes."

Anthem confirmed millions of non-Anthem customers are at risk, and 8.8 million up to 18.8 million customers could be at risk. Following discovery of the breach on Jan. 29, Anthem began contacting customers, but found millions of incomplete data records in its database.

The estimate counts 14 million incomplete records:

"While Anthem is not able to match incomplete records to a specific member, it does have valid mailing addresses for some of these records," an Anthem spokesperson told ABC News. "Anthem will distribute member notifications to the valid address on file as part of its effort to notify every potentially impacted member."

The FBI says it is "close" to identifying the cybercriminal group responsible for breaching Anthem, but didn't confirm if a public announcement would be made. The targeted attack against Anthem, the No. 2 health insurance company in the United States, left up to 80 million members compromised.

China is suspected in the breach, with Beijing reportedly improving its cyberespionage capabilities.

"We're close already," said Robert Anderson, head of the FBI's cybercrime branch, during a recent media briefing. "But we're not going to say it until we're absolutely sure. I don't know if it's China or not, by the way."

Millions of smartphones and mobile devices are vulnerable due to mobile app developers being lackadaisical issuing patches and security updates, according to a report from McAfee Labs.

Last year, it was discovered that at least 20,000 mobile apps have an easily exploitable SSL vulnerability, according to the Carnegie Mellon University computer emergency response team. McAfee tested the 25 most popular apps listed by Carnegie Mellon, and found that "poor programming practices" were prevalent - putting app users at risk.

"A lot of the discussion right now is about the value of data on your device, in this case your cellphone," said Gary Davis, McAfee spokesman, in a statement published by CBC. "Addresses, dates of birth, these are all data elements you'd need to in essence steal somebody's identity, or perhaps conduct insurance fraud, and it's all being made available through different applications."

The FBI is aware of at least 60 cybercriminal groups with state-sponsored support, according to Joseph Demarest, senior bureau chief and head of the FBI cybercrime division.

Demarest also said the FBI was able to trace the Sony Pictures Entertainment hack was tied to North Korea within one month - showing that the unstable country has increasingly sophisticated cyberattack capabilities. State-sponsored cyberespionage is a booming business, with the FBI and other departments suspecting China, Russia, Iran, and other countries of relying on hackers.

In addition, the FBI announced a $3 million reward for the arrest or conviction of Evgeniy Bogachev, operator of GameOver Zeus. The bounty is the largest offered for a cybercriminal, and the Russian has been charged with computer hacking, conspiracy, wire fraud, bank fraud and money laundering - and faces a federal charge of bank fraud conspiracy.

Do you remember when 6.5 million LinkedIn user's passwords were leaked in 2012 by Russian hackers? We leaned that apparently some people log-in to their professional social media with passwords like 'swampass' and 'squirter'.

A class action lawsuit has seen this company brought to their knees, offering a massive $1 each to the 800,000 Premium Users who joined up the fight. Just in case you were wondering if this might have been a typing error or mistake, it's not - they're giving $1 of cold-hard US dollar to each of the 800,000 Premium Users in which joined this lawsuit.

A LinkedIn spokesperson said to the New York Times that the purpose of this move is "to avoid the distraction and expense of ongoing litigation," even though they deny that they are at fault for the breach.

The National Security Agency (NSA) still has a fragile relationship with Silicon Valley companies, and both sides are trading shots at one another. In the most recent incident, a Yahoo executive challenged the NSA regarding its demand for encryption backdoors.

"If we're going to build defects, backdoors or golden master keys for the US government, do you believe we should do so for the Chinese government, the Russian government, the Saudi Arabian government, the Israeli government, the French government?" said Alex Stamos, CISO of Yahoo.

NSA Director Adm. Michael Rogers initially tried to deflect the question, and then offered the following answer: "I think that we're lying that this isn't technically feasible - now, it needs to be done within a framework. I'm the first to acknowledge that," Adm. Rogers said.

It was only last week that it was revealed that the National Security Agency hacked into Gemalto, the largest SIM card maker in the world, which broke just after we wrote about the NSA reportedly having access to backdoors in Western Digital and Seagate firmware.

The NSA is back in the news once again, with its director, Mike Rogers, wanting to see calmer action in regards to the government's plans to keep its backdoors operating smoothly. Rogers said that maintaining these "backdoors" would not be harmful to citizens' privacy, would not "fatally compromise encryption and would not ruin international markets for US technology products", reports The Guardian. Rogers said: "If you look at the topology of that attack from North Korea against Sony Pictures Entertainment, it literally bounced all over the world before it got to California. Infrastructure located on multiple continents, in multiple different geographic regions".

Rogers wasn't too clear on how legal or technological protections could be installed so that the various government agencies wouldn't take advantage of having all of this data. The White House is working directly with tech giants like Apple, Yahoo and Google on their encryption for the government to access their mobile data, cloud computing and more.