Hacking, Security & Privacy - Page 27

Stay informed with the latest hacking, cybersecurity, and privacy news, including data breaches, leaks, cyber attacks, and tips to stay safe online. - Page 27


Software Advice: More than half of SMBs don't have data breach plan

Michael Hatamoto | Feb 18, 2015 6:15 PM CST

Companies are under cyberattack, and many of them are being caught off guard when a data breach occurs. More than half of small and midsize businesses (SMBs) don't have an appropriate breach response plan currently in place, according to a survey from Software Advice.

There are 47 states with breach notification laws that force companies to disclose data breaches when personal information is impacted. However, just 33 percent of SMB decision makers feel "very confident" they understand their state laws regarding breach notification - and it remains a confusing matter.

"Most of the time, when [valuable] information leaks out of a company, it is instantly being monetized on underground forums," said Bogdan Botezatu, senior e-threat analyst of the Bitdefender antivirus firm. This data can be moved quickly, as cybercriminals tend to want to exploit data before changes are made - and companies must inform their clients and customers promptly.


Russian citizen pleads not guilty to stealing 160M credit cards

Michael Hatamoto | Feb 18, 2015 11:20 AM CST

Vladimir Drinkman, 34, has pleaded not guilty after being charged with allegedly serving as part of an international hacker ring responsible for stealing up to 160 million credit cards. The group is accused of installing malware on vulnerable computer systems, with stolen information sold on the black market.

Drinkman's specialty was penetrating networks to gain access to corporate databases that could later be mined.

The hacker group hit NASDAQ, 7-Eleven, Dow Jones, JetBlue, and other high-profile targets - with the "far-reaching" scheme responsible for compromising usernames, passwords, along with debit and credit card numbers.


Corporate America in dire need of cybersecurity help to fight attacks

Michael Hatamoto | Feb 18, 2015 8:31 AM CST

To help defend against cyberattacks, executives at private corporations need assistance from the US government and cybersecurity firms.

It took longer than experts would have liked, but it appears 90 percent of CEOs in the United States find cybersecurity strategically important, according to a PwC survey. The survey also found 87 percent are worried about cyberattacks, and 45 percent are extremely concerned about mounting attacks - many aimed at stealing employee and customer personal data.

President Barack Obama hosted a cybersecurity summit last week at Stanford University, seeking greater cooperation between the United States and Silicon Valley. "When you step back and look at the role of a company versus the role of a government, clearly if we're going to provide the safest possible [customer] experience in [the] aggregate, government and companies need to work together," said John Donahoe, CEO of eBay, in a statement to Fortune.


Researchers stumble across Arabic-speaking cybercriminal group

Michael Hatamoto | Feb 18, 2015 5:50 AM CST

The Operation Arid Viper campaign has stolen more than 1 million files, and its malware campaigns are still underway, though the group behind it is not one of the usual suspects, according to Kaspersky Lab and Trend Micro.

The Arabic-speaking group, with ties to Gaza, has targeted foreign government offices, critical infrastructure, military, universities, and other high-profile targets. The attacks likely began in mid-2013, and a full investigation into the group's actions is underway.

"Whoever the real culprits are, it is clear that they are part of the Arab world, evidence of a budding generation of Arab hackers and malware creators intent on taking down their chosen adversaries," researchers said in a study. "Some of the black hats - be they mercenaries or cybersoldiers - are actively targeting countries such as Israel due to political motivations. We have seen all of the ingredients of a cyberskirmish guerrilla war that goes unnoticed by mainstream IT security media."


Government: Japan endured 25 billion cyberattacks in 2014 alone

Michael Hatamoto | Feb 17, 2015 10:25 PM CST

Japanese infrastructure endured 25.6 billion cyberattacks in 2014 alone, with 40 percent reportedly traced back to Chinese sources, according to Japan's National Institute of Information and Communications Technology (NICT).

It wouldn't be surprising to hear Japan faced a large number of cyberattacks tied to China, especially with political turbulence between Tokyo and Beijing. There were a number of attacks originating from the United States, South Korea and Russia - as cybersecurity efforts continue to grow.

When the survey was first conducted, in 2005, there were just 310 million cyberattacks detected by the Japanese government. The latest NICT report discovered a growing number of attacks aimed at compromising home and business routers, IoT-enabled systems, networks, and security cameras.


Netgear routers allowing hackers to bypass administrator authentication

Chris Smith | Feb 17, 2015 4:12 PM CST

A flaw recently discovered by network engineer Peter Adkins in multiple Netgear router models reportedly allows hackers to bypass administrator authentication and gain full access to the device.

Adkins discovered that routers in the popular Netgear 'WNDR' range are running a Simple Object Access Protocol (SOAP) service as part of the Netgear Genie device administration application. Although the service appeared secure, he was able to bypass its filtering and authentication over a Wi-Fi connection without much effort.

Once the connection had been established, Adkins was able to extract the admin password, Wi-Fi interface credentials, station identifiers, the device serial number and even information on connected clients. He then notified Netgear of the security issue, but was met with a response that included "the network should still stay secure" - apparently due to hidden built-in security features.


KnowBe4: Social engineering still extremely effective to victimize

Michael Hatamoto | Feb 17, 2015 1:36 PM CST

News that millions of dollars have been stolen from banks by cybercriminals was yet another startling wake-up call for cybersecurity experts. Not surprisingly, hackers delivered the malware payload via social engineering phishing attacks targeted at reckless employees.

"Even after 20 years, social engineering is still the easiest way into a target's network and systems, and it's still the hardest attack to prevent," said Kevin Mitnick, legendary hacker and Chief Hacking Officer of KnowBe4.

Companies need to be aware that employees - in a number of different departments - are often untrained and rather careless when checking their emails. Spear-phishing tends to be a popular choice among cybercriminals, able to trick employees by using a customized approach.


Kaspersky: the NSA has backdoors in Seagate and WD HDD firmware

Anthony Garreffa | Feb 17, 2015 3:48 AM CST

Kaspersky has made some damning claims involving HDD giants Seagate and Western Digital, saying that the NSA has spying backdoors installed in the firmware of the leading HDD manufacturers' products.

The cyber-security giant says that the US spy agency has full access to raw data, agnostic of partition method (low-level format), file system (high-level format), operating system, or even at the user access level. Kaspersky has said that it has found PCs in at least 30 countries with the spying programs installed, with the most infections found in Iran. After that, we have Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen and Algeria.

Kaspersky has said that the HDD firmware backdoors are used right now to spy on foreign governments, telecommunication giants, banks, nuclear researchers, the media, and many more. Kaspersky isn't outright naming the company that has designed the malware, but it has said that the company responsible has close ties with the development of Stuxnet. But it does get worse, as the company adds that each time you turn your PC on, the malware is activated, which means it has utter control over all of the critical OS components - possibly gaining access to your network and file system.


Report: 99% of malware-infected smartphones running Google Android

Michael Hatamoto | Feb 16, 2015 5:35 AM CST

Mobile phones are under attack by cybercriminals trying to steal personal data and possibly financial information stored on devices. Based on information collected on cellular networks, 0.68 percent of mobile phones suffer from malware infection, according to Alcatel-Lucent.

Google Android devices - the No. 1 mobile OS across the world - make up 99 percent of the infected devices, with infection rates increasing. Adware.Uapush, Trojan.Ackposts and SMSTracker are the top three infections, commonly hidden in legitimate-looking mobile applications.

"Most importantly is the fact that there is less control - you can download the apps from third-party app stores and there is very little checking of the digital signature that you sign the app with," said Kevin McNamee, director of Alcatel-Lucent's Motive Security Labs.


Data breaches leading to more cyberattack insurance adoption

Michael Hatamoto | Feb 15, 2015 11:45 PM CST

Cybercriminals carrying out data breaches on organizations are helping create a suddenly booming cyberattack liability insurance market.

Traditional insurance companies - and a growing number of niche cyberattack insurance providers - are overwhelmed by an avalanche of new applications. The cyberattack insurance industry reached close to $2 billion in 2014, which is double the previous year, according to industry analysts.

"Think of a massive cyberattack as an intelligent hurricane," said Ty Sagalow, COO of the eBusiness division of AIG, in a statement published by the Los Angeles Times. "If it hits a house that doesn't fall down it learns why the house didn't fall and it changes. It is a scary thing... scary things sell insurance."


Closer look at North Korea's cyber army tasked with cyberespionage

Michael Hatamoto | Feb 15, 2015 3:08 PM CST

North Korea isn't a cyberespionage powerhouse like Russia or China, but the country has a budding cyber warfare program that could cause major headaches for the United States and South Korea. Pyongyang is investing more resources into its cyber capabilities, evolving attack habits to be highly disruptive.

"A prime example could be if we're imagining that North Korea was under attack from South Korea, which was being supported by the US Army," said Egle Murauskaite, trainer at the US National Consortium for the Study of Terrorism and Responses to Terrorism, in a statement to the Christian Science Monitor. "North Korea could attack satellites to disrupt communication between the US and allies and impede the US ability to reach targets."

Along with satellites, precision guided missiles largely rely on electronics, so there are fears that attacks would be able to effectively disrupt these signals.


US government greatly concerned about insider threat attacks

Michael Hatamoto | Feb 15, 2015 1:08 PM CST

Companies and government agencies understand the need for improved cybersecurity to help defend against attacks and insider threats. It's a confusing mix of trying to defend against outside threats, and keeping reckless and improperly trained employees from causing harm.

Fifty-three percent of federal IT professionals believe insider threats, whether from intentional threats or untrained employees, remain the largest threat, according to a report from IT software firm SolarWinds. Furthermore, 64 percent of those surveyed think insider threats can be as damaging - or more damaging - than malicious external threats posed by hackers and cyberespionage.

"Contrasting the prevalence of insider IT security threats against a general lack of threat prevention resources and inconsistently enforced security policies, federal IT pros absolutely must gain visibility into insider actions to keep their agencies protected," said Chris LaPoint, group VP of product management at SolarWinds. "However, given the unpredictability of human behavior, the 'Why?' of those actions is an elusive query."


ABI Research: Biometrics industry to reach $13.8 billion in 2015

Michael Hatamoto | Feb 15, 2015 10:20 AM CST

The surging biometrics market is predicted to reach $13.8 billion in 2015, largely due to government adoption, though there could be growing interest in the private sector, according to the ABI Research group.

The United States and European Union nations will continue to adopt biometrics, with fingerprint recognition still the leading solution. Consumer and private sector biometrics spending could outpace government spending in 2018, according to ABI, as wearables and smartphones implement enhanced security protocols.

The healthcare industry is still trying to cope with news that Anthem suffered a major data breach - and there are increased talks regarding cybersecurity technologies that can be utilized to prevent future incidents. As more companies transition to electronic health records, biometrics supporters hope that it will present a great opportunity for hardware and software adoption.


Hackers tricked bankers into installing malware, stole $300 million

Anthony Garreffa | Feb 14, 2015 11:25 PM CST

According to some security researchers at Kaspersky, a group of hackers has used tricky malware to steal at least $300 million from bankers throughout 30 countries across the world.

The hackers tricked bank staff into installing a virus, or malware, through a spoofed email, then spied on staff to learn their behavior. From there, they were able to mimic bank staff, having learned the telltale signs that money is being taken from the bank and transferred to various accounts. The attackers did just that, transferring money to other bank accounts, while some of it was sent to specific ATMs that criminals were monitoring.

The banks that were hit are now aware of the attack, but Kaspersky cannot name the banks due to non-disclosure pacts. Some of the firms don't want to admit they were hit, as they would be seen as victims whose security has failed them. As for the breaches of security, the hackers injected malware into banks in the United States, Russia, Japan and many more countries.


Recent data breaches forcing companies to rethink cybersecurity fight

Michael Hatamoto | Feb 14, 2015 4:06 PM CST

Companies are scrambling to defend against cyberattacks in an effort to prevent data breaches, but are struggling to find success. Cybersecurity experts warn that companies must accept that hackers will likely enter their systems, and have to find ways to defend against attacks after unauthorized access has already occurred.

Worldwide IT security spending was around $70 billion in 2014, according to Gartner research group estimates - but that figure will top $109 billion by 2020 for just banks, energy and defense contractors. Spending is going to keep increasing with the number of attacks also reaching new levels, experts warn.

"Once an attack has made it past those defenses they're in the gooey center, and getting around is relatively simple," said Ryan Wagner, director of product management at vArmour, in a statement to Reuters. "You need to make sure that when you close the door, the criminal is actually on the other side of the door."


Companies must expect cybersecurity attacks, prepare for problems

Michael Hatamoto | Feb 14, 2015 11:23 AM CST

Insurance companies and other healthcare-related businesses can expect additional cybersecurity scrutiny in the future, after Anthem suffered a major data breach.

To better fight against cyberattacks - and subsequent data breaches - companies should conduct cyber vulnerability risk assessments and penetration testing. Just a few years ago, these types of activities were seen as luxuries that very few companies engaged in, but now business leaders must look to ensure their networks are secure.

Cybercriminals are extremely opportunistic and look for any opportunity they can manipulate for their benefit:


Obama wants an open debate regarding encryption security

Michael Hatamoto | Feb 14, 2015 10:05 AM CST

President Barack Obama claims he supports strong computer data encryption more than many law enforcement agencies, though he sided with them regarding the need to keep the public safe.

To help address the issue, Obama wants a "public conversation" to discuss encryption and security efforts.

"And so this is a public conversation that we should end up having," Obama told Re/code. "I lean probably further in the direction of strong encryption than some do inside of law enforcement. But I am sympathetic to law enforcement because I know the kind of pressure they're under to keep us safe. And it's not as black and white as it's sometimes portrayed."


Nexusguard: Expect DDoS cyberattacks aimed at the Internet of Things

Michael Hatamoto | Feb 13, 2015 5:57 PM CST

The Internet of Things (IoT) offers great connectivity for consumers, but is becoming a soft target for cyberattacks, according to the Nexusguard "2015 Internet Security Trend" report. Of note, distributed denial of service (DDoS) attacks greatly concern cybersecurity researchers, with criminals hoping to interrupt access to connected technology.

The current IoT infrastructure largely relies on shared libraries and a fast development cycle, with security sometimes included as an afterthought. To make matters worse, cybercriminals can hijack poorly secured "Things" and use them in botnet attacks against other targets.

"With the Internet of Things, people are posting personal or commercially sensitive information," said Terrence Gareau, Chief Scientist of Nexusguard. "It's a very complex question how people are going to secure that data, especially with increasingly sophisticated attacks. Furthermore, hackers may be incentivized to infect IoT devices and use them as an army for botnet attacks. Additionally, the smokescreen of DDoS attacks used for covering up data exfiltration, market manipulation and extortion, are ever more present."


Visa will use smartphone tracking that will help clamp down on fraud

Michael Hatamoto | Feb 13, 2015 4:09 PM CST

Credit card company Visa plans to release a new location-based feature that will give cardholders the chance to update their location via smartphone. Banks will include the Visa software in their smartphone apps starting in April, and cardholders will have a chance to opt into the program.

When the cardholder's smartphone enters a new city or country, the app updates Visa so they are aware if credit card transactions take place in the new geographic location. This will prevent charges from being declined - and members won't have to call to confirm their whereabouts.

"We will be able to compare the merchant's location to the most recent cellphone location to show it's a less risky transaction," said Mark Nelsen, executive at Visa, in a statement published by the AP.


Apple increases iCloud security with two-step verification security

Chris Smith | Feb 13, 2015 4:33 AM CST

Apple has today announced a two-step verification process for iMessage and FaceTime applications, in the wake of the massive celebrity leak uncovered late last year.

This new system means that users will be asked to supply their username and password alongside a verification code that Apple will send to a device with granted access to these services. This process has been recommended by computer security experts, who state the obvious - a hacker gaining control of your username and password is much easier than doing that and also stealing your phone.

The username and password issues most commonly seen are due to people using the same email and password combination for numerous accounts. This means that if a hacker has access to your iCloud, they likely have access to your Facebook, email, Twitter and more.
