Hacking, Security & Privacy - Page 36

Stay informed with the latest hacking, cybersecurity, and privacy news, including data breaches, leaks, cyber attacks, and tips to stay safe online. - Page 36


Mark Cuban warns that emails can become part of a data breach

Michael Hatamoto | Dec 15, 2014 9:33 PM CST

Billionaire investor Mark Cuban was caught up in the data breach suffered by Sony Pictures Entertainment, as Sony Pictures Television President Steve Mosko, Cuban, and Cuban Companies attorney Robert Hart were discussing contract negotiations for "Shark Tank." Cuban was not pleased to be offered $30,000 per episode in season 5, $31,200 per episode in season 6, and $32,488 per episode in season 7.

Cuban now speaks directly with Mosko via Cyber Dust, Cuban's free texting app, which provides a secure platform in which messages and photos are purged after 30 seconds. As with Snapchat, however, it would appear Cyber Dust messages can be captured - but the app indicates a growing trend among users looking for more secure communications.

"For those following the Sony hack situation, you may have seen one of my emails about my Shark Tank salary and deal emerge," Cuban recently said via Cyber Dust. "What they don't know is that I moved all the rest of my discussions to Cyber Dust! That's why there was only one email. Moral of the story is that the 'no big deal' email you send today can easily be part of tomorrow's big hack leak. No matter who you are, someone you know is getting hacked and it could impact you."


Anonymous targeting Swedish government for sinking The Pirate Bay

Michael Hatamoto | Dec 15, 2014 6:16 PM CST

The Anonymous hacker collective and Lizard Squad aren't happy with the Swedish government for taking down The Pirate Bay, and are launching cyberattacks to compromise government officials. Hackers provided the URL and IP addresses used by the Swedish police force, inviting other hackers to target its website. Additional attacks related to the removal of The Pirate Bay are expected to continue in coming weeks from a number of different groups.

Last week, Swedish ISP Telia also suffered cyberattacks, causing online services disruptions and connectivity issues for subscribers throughout the country. Usernames and passwords of numerous Swedish government officials were posted online by Anonymous. Hackers also targeted government email addresses for representatives in Argentina, Israel, India, Mexico and Brazil.

Trying to prevent these cyberattacks proves difficult for government agencies and companies, especially with Anonymous operating as an organized, decentralized collective of skilled hackers.


Cybercriminals turning their attention to attacks on PoS vendors

Michael Hatamoto | Dec 15, 2014 2:34 PM CST

Point-of-Sale (PoS) vendors are facing an increasing number of cyberattacks, as organized hackers find new methods to compromise customer data. The Charge Anywhere payment gateway solution provider announced it was compromised, with the breach first occurring in 2009.

The PoS infrastructure, especially as more companies begin to test mobile payment services, will become a major target for criminals. In addition to Charge Anywhere, PoS system vendor Signature Systems also confirmed it suffered a data breach in September, with custom malware installed to steal data. Trying to crack down - and limit - these types of attacks will be extremely difficult, with a growing number of highly-organized cybercriminal groups trying to steal US consumer payment data.

"I would expect attacks like this to become more frequent and more widespread for the reason that seems to be underreported on this breach - the substantial increase in mobile payments due to ease of use, and the ability to accept payments quickly, especially to smaller businesses," said Tom Bain, CounterTack VP of security strategy, as noted by Dark Reading. "Users expect and have a blind trust in applications that support their business - and just expect that security measures are taken to protect them. In just a six-month span this year, mobile malware attacks have increased [by six times] globally."


Sony hackers pledge to withhold stolen employee data

Michael Hatamoto | Dec 15, 2014 3:40 AM CST

The Guardians of Peace hacker group, which has taken credit for compromising Sony Pictures Entertainment, has offered to withhold compromising data: employees only need to email them their name and business title to be spared. The unique correspondence comes ahead of another promised round of published email correspondence between SPE employees.

Here is what the group said in an email: "Message to SPE staffers. We have a plan to release emails and privacy of the Sony Pictures employees. If you don't want your privacy to be released, tell us your name and business title to take off your data."

The message also has an ominous warning to SPE executives: "The sooner SPE accept our demands, the better, of course. The farther time goes by, the worse state SPE will be put into and we will have Sony go bankrupt in the end."


SPE attorneys want media to destroy received materials from breach

Michael Hatamoto | Dec 14, 2014 10:13 PM CST

Sony Pictures Entertainment is still trying to recover from a nasty data breach, and now the company's attorneys are taking aim at the media. Hackers have released eight rounds of data, much of it embarrassing, and SPE's attorneys want journalists and bloggers to stop publicizing leaked data.

"We are writing to ensure that you are aware that SPE does not consent to your possession, review, copying, dissemination, publication, uploading, downloading or making any use of the stolen information," according to a letter written by attorney David Boies, and sent to several tech media outlets.

The Supreme Court previously found a radio station not liable for broadcasting an illegally recorded conversation, as the station was a third party and didn't actively participate in making the audio recording. It would seem unlikely that SPE can make any legal demands of journalists for posting the data - and outlets will continue to air SPE's dirty laundry in public.


Sony warned before hack that its networks were vulnerable to attack

Michael Hatamoto | Dec 14, 2014 2:20 PM CST

Before Sony Pictures Entertainment was compromised in a significant cyberattack that crippled its computer systems and led to large amounts of data stolen, the company was warned of lapses in cybersecurity. SPE's firewall and at least 100 other devices were being monitored by the studio's in-house team instead of Sony's corporate security team, according to an audit done by PricewaterhouseCoopers (PwC).

"Security incidents impacting these network or infrastructure devices may not be detected or resolved [in a] timely [manner]," according to a confidential PricewaterhouseCoopers report available in September. Re/code received a copy of the report and indicated SPE knew of significant security problems, but was slow to react before trying to resolve them.

Hollywood studios and other major corporations have the opportunity to learn from SPE's significant data breach, at Sony's expense.


Companies hiring hackers to test Internet of Things security efforts

Michael Hatamoto | Dec 14, 2014 12:35 PM CST

The Internet of Things (IoT) is expected to explode in popularity in coming years, but trying to keep a growing number of connected devices secure from cybercriminals remains a major effort. To help get a step ahead of malicious criminals, companies are embracing white hat hackers specialized in finding and exploiting potential security loopholes - and then sharing details with the company.

"Source code analysis, integrating security testing into the normal test cycle, and penetration testing at the end," said Michael Murray, director of GE Healthcare cybersecurity consulting and assessment, in a statement published by Dark Reading. "I'm [still] breaking lots of stuff. I'm just breaking it before it gets to the customer to make sure bad things don't happen to people out in the world."

Connected devices are spreading to vehicles, our homes and apartments, medical devices, and virtually everywhere else - but keeping consumers and users secure is a major effort.


Hollywood can learn from Sony's mistakes, show caution while chatting

Michael Hatamoto | Dec 14, 2014 8:18 AM CST

Despite major ramifications from its data breach suffered last month, with Sony still seeing bulk amounts of information leaked online, the company must continue moving forward. However, hopefully some people in the movie industry can now appreciate that public figures will remain a target of interest among hackers.

Agents, actors and movie studios in Hollywood can certainly learn from Sony's glaring mistakes, understanding that those emails with snide remarks about others - which they expect to be confidential - shouldn't be sent, for fear of potentially being leaked.

"[T]here's going to be consequences for senior people at the studio," said Sharon Waxman, founder and editor-in-chief of TheWrap, speaking to CNBC. "The studio has to go on with its business and it's drip drip drip everyday of an unknown damage hitting the studio - and embarrassment, another piece of information."


Chinese cybercriminals continue to ravage critical infrastructure

Michael Hatamoto | Dec 14, 2014 7:36 AM CST

Chinese cybercriminals are finding success using social engineering attacks to easily compromise companies, with an increased focus on universities, financial institutions, defense contractors, and critical infrastructure. Likely state-sponsored cyberattackers were able to breach the Canadian National Research Council, searching around for scientific research information and possible trade secrets.

A spear-phishing attack, with the email including an attached piece of malicious code, found its way onto the organization's network. The Canadian government didn't disclose what type of information could have been compromised from the breach, which took place earlier in 2014.

"It is also unclear as to whether any personal information has been compromised," said Tobi Cohen, a privacy commissioner spokeswoman, as noted by the CBC. "We are satisfied that the organization took appropriate steps to notify employees and other parties about the cyber-intrusion and that efforts are underway to update [information technology] systems and security procedures to prevent this from happening again."


Guardians of Peace threaten Sony, saying a 'Christmas gift' is coming

Michael Hatamoto | Dec 14, 2014 5:23 AM CST

The Guardians of Peace released more information stolen from Sony, and promised a large "Christmas gift" of additional data taken in a breach Sony suffered that started late last month. The leaked content reportedly contained more email correspondence and information related to Crackle, the online video website.

Here is part of the post from hackers (via Pastebin): "We are preparing for you a Christmas gift. The gift will be larger quantities of data. And it will be more interesting. The gift will surely give you much more pleasure and put Sony Pictures into the worst state."

The cybercriminals behind the Sony breach have released seven waves of stolen data and movies to the Internet, and will continue to do so. The FBI and cybersecurity companies are helping Sony clean up the mess, but the damage has clearly already been done.


The Pirate Bay has been taken down, but piracy levels didn't drop

Michael Hatamoto | Dec 13, 2014 5:34 PM CST

It very well could have been a symbolic victory and nothing else, after The Pirate Bay was shuttered, but digital piracy levels didn't significantly drop. Piracy torrent statistics have been made available courtesy of the anti-piracy Excipio firm, which tracks movie, TV shows, music, video games, and software torrent downloads - and on Dec. 8, the day before Pirate Bay servers were seized, there were 101.5 million IP addresses engaged in torrent downloads.

The number dropped to 99 million on Dec. 9, then down to 95 million on Dec. 10, and 95.6 million downloads on Dec. 11, according to Excipio. However, the number again topped 100 million on Dec. 12, and Excipio noted that the daily average of torrent downloads worldwide since Nov. 1 was 99.99 million.

For interested Internet users, there are dozens of other websites that allow access to torrent downloads, and Internet piracy will continue to be a thorn in the side of governments and copyright holders.


FBI warns US companies to be aware of potential cyberattacks from Iran

Michael Hatamoto | Dec 13, 2014 4:14 PM CST

US companies need to be aware of increasingly sophisticated Iranian cyberespionage operations, according to the FBI, with targets ranging from educational institutions and energy firms to defense contractors and additional critical infrastructure.

As part of Operation Cleaver, there have been 50 victims in 16 countries reported so far, according to cybersecurity company Cylance. The FBI's "Flash" report also included technical details about sophisticated malware and attack strategies that are likely being used by Iranian cybercriminals. "It underscores Iran's determination and fixation on large-scale compromise of critical infrastructure," Cylance CEO Stuart McClure reportedly noted.

Potential victims have been asked by the FBI to speak with them, especially if potential links point towards foreign cybercriminals.


Apple OS X users in the United States faced largest number of attacks

Michael Hatamoto | Dec 13, 2014 2:35 AM CST

Apple OS X users in the United States faced a large number of cyberattacks, with almost 100,000 users being targeted, according to a Kaspersky Lab report. Not surprisingly, that accounted for 39 percent of total Mac OS X cyberattacks - largely because the US has the largest number of Apple product owners - as cybercriminals pay more attention to iOS on smartphones and tablets, along with OS X on desktop computers and laptops.

AdWare programs were the most popular method of attack against OS X users, accounting for almost half of the top 20 list, according to Kaspersky.

OS X users are strongly urged to install some type of anti-virus and anti-malware software solution, as cybercriminals pay more attention to compromising Apple products.


A VMware AirWatch bug allowed users to access others' sensitive data

Chris Smith | Dec 12, 2014 9:06 PM CST

AirWatch's on-premise mobile device management solution has recently received a major update - patching a flaw that enabled users who manage MDM solutions in multi-tenant environments to access other users' data and information.

The patch was issued this week, closing the 'information disclosure hole' in its services. iTnews reported that the published security advisory VMSA-2014-0014 addressed the issue, which was attributed to "AirWatch On-Premise having direct object reference vulnerabilities which could allow a manager of an MDM deployment in a multi-tenant environment to see organisational information and statistics of other tenants."

These direct object reference vulnerabilities will allow criminals to bypass user authentication and access all of your databases and sensitive files directly - rendering any security measures in place useless. According to the Open Web Application Security Project, this flaw is quite common and widespread, and has been exploited by hackers globally in the past and present. Due to this flaw, there have been previous reports of the information of up to 500 Dodo Power and Gas customers being compromised two years ago, alongside Australia Post removing its Send and Click service due to a similar discovery.


FBI says cyberattack that hit Sony would have worked against others

Michael Hatamoto | Dec 12, 2014 8:19 AM CST

The FBI is still unsure what hacker group successfully compromised Sony Pictures Entertainment, but said 90 percent of companies would likely fall victim to the same tactics. FBI officials also have reportedly met with Sony employees to explain how to protect themselves due to personal information being stolen as part of the breach.

"[T]he malware that was used would have gotten past 90 percent of the Net defenses that are out there today in private industry and [would have been] likely to challenge even state government," said Joe Demarest, assistant director of the FBI cyber division, at a Senate Banking Committee hearing.

Sony is working with Mandiant, a cybersecurity forensics company, and CEO Kevin Mandia confirmed that this type of attack would be difficult to prepare for. The Guardians of Peace took credit for the attack, with purported GOP members emailing the media additional details of the breach.


Amazon denies Sony is using its AWS to launch DDoS cyberattacks

Michael Hatamoto | Dec 11, 2014 5:16 PM CST

Sony has been accused of launching distributed denial of service (DDoS) attacks against websites hosting its stolen content, using Amazon Web Service as a launch pad, according to unnamed sources speaking with Re/code. It would seem extremely unlikely - and easily identifiable - if Sony decided to use AWS to launch any form of DDoS attacks, with network monitoring company CloudFlare suggesting Sony didn't launch any counter-attacks.

Amazon sent the following statement to TweakTown:

"AWS employs a number of automated detection and mitigation techniques to prevent the misuse of our services. In cases where the misuse is not detected and stopped by the automated measures, we take manual action as soon as we become aware of any misuse. Our terms are clear about this. The activity being reported is not currently happening on AWS."


Sony takes a page from hackers, attacking sites hosting its movies

Michael Hatamoto | Dec 11, 2014 2:40 PM CST

Sony is still reeling from its major cyberattack and brutal data breach, and has now allegedly decided to use Amazon Web Services (AWS) to launch distributed denial of service (DDoS) attacks against websites. Movie studios have tried to counter piracy hubs by flooding them with fake files - and launching cyberattacks against them - with varying levels of success.

"The AWS acceptable usage policy explicitly prohibits initiating denial of service attacks from their service; it's unlikely that Amazon would let this activity continue," said Tim Erlin, Tripwire director of security and risk. "Taking the step to 'hack back' against perceived legitimate targets, based on their own assessment of guilt, presents a myriad of potential legal problems."

If these accusations are true, trying to launch attacks against websites hosting stolen Sony movies isn't the best idea.


Tech companies largely relying on hackers to find exploits for them

Michael Hatamoto | Dec 11, 2014 7:14 AM CST

Major technology companies want to hire hackers to help identify potential software vulnerabilities before products are released - and real cybercriminals are able to exploit any problems. The "bug bounties" program is being embraced by Facebook, Mozilla, Google and other major Silicon Valley companies, providing thousands of dollars to help identify bugs.

"The trajectory we're on now is completely unsustainable," said Vikram Phatek, NSS Labs CEO, when discussing the current cybersecurity landscape. "There will not be a person in the country who will not have a compromised computer if this goes on. We are ripe for having a major catastrophe."

Despite some resistance from companies wary of paying outside sources to identify security flaws, trying to prevent cybersecurity data breaches will remain a major effort. However, compromising widely used software is a lucrative effort for cybercriminals, with more money seemingly available on the black market.


Sabu, former Anonymous member turned informant, speaks out publicly

Michael Hatamoto | Dec 10, 2014 5:21 AM CST

The FBI has tried to crack down on the Anonymous hacker collective, including turning a former high-ranking member into an informant - but the group is still alive and well. Hector Monsegur, operating under the hacker name of "Sabu," admits to a large number of attacks against select targets.

Since being flipped by the FBI, Sabu spent three years communicating with Anonymous and LulzSec members, with the government listening in. His actions reportedly helped prevent more than 300 major cyberattacks against government and NASA PCs and networks.

Sabu says he didn't identify Anonymous members and turn them over to the FBI - he says he cooperated to help identify attacks and work to prevent them in the future. "It wasn't a situation where I identified anybody. I didn't point my fingers at nobody. My cooperation entailed logging and providing intelligence. It didn't mean, 'Can you please tell me the identity of one of your mates?'"


Sony's hacking woes increase as PlayStation store suffers attack

Paul Alcorn | Dec 8, 2014 10:42 AM CST

Things just don't seem to be getting better for Sony. Hot on the heels of a shocking data theft at Sony Pictures, a new attack occurred today on the PlayStation store. Suspicions are centered around North Korea for the Sony Pictures hack, and the custom malware designed for that hack is now on the loose, threatening the world at large with a devastating over-write malware.

A group called The Lizard Squad is taking responsibility for the latest attack on the PlayStation Store this morning via a Twitter message that simply reads: "PSN Login #offline". This latest attack appears to be a denial-of-service attack, which overruns the website and prevents users from logging in. However, the full scope of the attack is not yet known, and Sony is currently investigating the breadth of the assault. Word on whether there was a data breach associated with the attack will come forward in the next few days. Sony and The Lizard Squad have a contentious history, to say the least. Earlier this year Lizard Squad issued a warning there were explosives on a domestic flight, resulting in its diversion. There just so happened to be a Sony executive on the flight.

Lizard Squad also claimed responsibility for an attack on the PlayStation network earlier this year. This attack was another denial-of-service attack that shuttered the large PlayStation network. The PlayStation network has been the constant target of attacks; in 2011 more than 70 million user accounts were compromised, and the associated data was stolen. Sony has since invested an untold amount of money in reducing its vulnerabilities, but from the looks of it that effort isn't going well.
