Hacking, Security & Privacy - Page 37
Stay informed with the latest hacking, cybersecurity, and privacy news, including data breaches, leaks, cyber attacks, and tips to stay safe online. - Page 37
Sony hackers have reportedly been traced back to a hotel in Bangkok
The hack against Sony has been all over the news for a couple of weeks now, but it has reportedly all been tracked back to a single, posh hotel in Bangkok. North Korea has stepped up saying that it was not responsible for the hack, which had people thinking the country had attacked Sony over its movie "The Interview" with Seth Rogen and James Franco.
The hackers were traced back to St. Regis Bangkok, which is a 4.5-star resort where even the most basic rooms cost over $400 per night. We don't know if the hack was done from inside of one of these hotels, or outside in a public area of the hotel, but we do know they came from the St. Regis Bangkok. The investigations into the breach of Sony Pictures Entertainment servers took place on December 2, at 12:25AM local time.
North Korea says its supporters could be behind Sony cyberattack
Pro-North Korean hackers could be responsible for a cyberattack that crippled Sony Pictures, according to a statement broadcast on a state-run television channel. The successful breach will likely cost SPE millions from interrupted business operations, data theft, and screener versions of the movie that have leaked online.
The KCNA news agency said that the "hacking into Sony Pictures Entertainment might be a righteous deed of the supporters and sympathizers with the DPRK in response to its appeal."
There are digital fingerprints that point towards North Korea, and cybersecurity experts and the FBI are helping SPE investigate the incident. Despite the extreme poverty that most of the country's citizens endure, the controlling government has reportedly invested a great deal in training hackers with well-developed cyberattack capabilities.
Apple must continue to improve cybersecurity as attacks increase
Several high-profile cyberattacks launched against Apple have revealed OS X and iOS aren't as secure anymore, with criminals trying to compromise both operating systems. Enterprise workers are at risk because of Apple taking a "whack-a-mole" approach to security, which is a major threat with sophisticated spear-phishing attacks.
"Apple's responses to the WireLurker and Masque Attack operations illustrate that iOS is entering the 'whack-a-mole' era of malware defense, similar to that experienced during the last decade with PCs," said Dave Jevans, Marble Security founder and CTO. "Being proactive rather than reactive is essential in preventing these iOS vulnerabilities and exploits from affecting enterprise networks, and implementing mobile device security solutions is a huge step in achieving this."
Sophisticated cyberattacks target most major technology companies, but Apple previously was left relatively unscathed from most malicious code. However, cybercriminals want to find strategies to steal information and conduct data breaches, with a specific focus on compromising iPhones and iPads in the workplace.
The Sony Pictures hack is much more in-depth than originally known
Remember the Sony Pictures hack that saw employees' computers compromised and in-cinema movies released to the public? Well, according to recent news, this hack is even more in-depth than originally thought.
Thanks to Gizmodo we were able to learn some more information regarding the whole ordeal, including various issues that Sony may face in the near future. According to BuzzFeed, the 40 gigabytes of data released by these hackers contained everything from medical records to unreleased movie scripts, and the incident is being called one of the worst corporate hacks in history.
Members of the public have been questioning Sony's security and precautions surrounding this event taking place, some asking why Sony would have this information stored on an open network if it is so sensitive. Continuing with the bad news, BuzzFeed confirmed that the Sony leak included "employee criminal background checks, salary negotiations, and doctors' letters explaining the medical rationale for leaves of absence." This came alongside the release of a "script for an unreleased pilot written by Breaking Bad creator Vince Gilligan to the results of sales meetings with local TV executives."
Consumer payment data, healthcare record theft threats loom in 2015
Data breaches have become an unfortunate reality for US consumers, and the problem seems likely to accelerate in 2015 while cybercriminals perfect their craft. Cybercriminals are aware banks are increasingly issuing chip-and-PIN credit cards - as retailers also switch to support the more secure cards - and will try to compromise companies as fast as they can in early 2015.
"There will absolutely be more breaches in 2015 - possibly even more than we saw in 2014 due to the booming underground market for hackers and cybercriminals around both credit card data and identity theft," said Kevin Routhier, Coretelligent founder and CEO. "This growing market, coupled with readily available and productized rootkits, malware and other tools will continue to drive more data breaches in the coming years as this is a lucrative practice for enterprising criminals."
In addition to consumer payment data, medical records will continue to prove lucrative to cybercriminals. Healthcare providers and companies hosting confidential payment information will have to prepare for an increase in attacks designed to steal this data.
Cybersecurity efforts improving, but data breaches will continue
The Target breach was a nasty wakeup call for retailers, cybersecurity experts and consumers, as criminals were able to compromise millions of American shoppers. Since the incident, there has been a reported eight percent increase in IT security spending, but that still hasn't been able to slow down a tidal wave of follow-up breaches.
"The reality is that companies that have taken these steps are treating the symptoms but not the underlying problems," said Dr. Barbara Rembiesa, CEO of the International Association of Information Technology Asset Managers (IAITAM). "By focusing only on narrowly focused and superficial IT security 'solutions,' companies are putting the cart before the horse and they're going nowhere."
In fact, security issues will continue to plague retailers in 2015, with companies too focused on trying to fix IT security gaps while not looking at the big picture. Dr. Rembiesa recommends that companies be fully aware of their PC systems and networks, as they cannot defend against a breach if they don't know which systems are working on their networks.
FBI issues warning over disk-wiping malware used in Sony hack
The Sony Pictures hack has had an immediate impact in the form of several soon-to-be-released movies popping up on torrents, and Sony's employee personal records and passwords have also been leaked. Sony has been placed into a lockdown of sorts, and employees are not being allowed to log in to their computers. The long-term effects may be even more devastating, as the FBI is warning that the malware used to execute the Sony attack is on the loose. The FBI's five-page flash warning was issued to major US corporations on Monday. The malware was specifically created to attack Sony, but other hackers often modify existing malware for their own purposes. There is an increasing threat of hackers creating a large number of mutations now that the exceptionally virulent bug is on the loose.
The nefarious bug not only steals data, but it also eventually overwrites all information on the storage device. This is particularly devastating. Once overwritten, the data is almost surely unrecoverable. The malware even overwrites the Windows master boot record (MBR), which makes any hope of salvaging data even harder. The warning from the FBI is targeted at businesses, but as with any malware, it will soon trickle out to the wider world at large. Nation-state developed malware is on the rise as shadowy global cyber-warfare campaigns continue unabated. Nations have many more resources at their disposal to create these electronic arms of mass destruction, but completely ignore the fact that these sophisticated hacks eventually spread to the public.
Components of the insidious malware have been tracked back to North Korea, which was very upset over a pending Sony movie that outlines an assassination attempt on the oft-ridiculed Kim Jong-un. Surprisingly, North Korea has a sophisticated cyber-warfare unit that has been linked to other large-scale attacks in the past. A North Korean spokesperson offered a weak denial of involvement in the attack, but added in the comment that "I kindly advise you to just wait and see" if they were behind the attack.
Report claims Iranian hackers focused on airlines, energy utilities
Iranian hackers continue to develop their cyberattack capabilities, and have breached some of the leading energy infrastructure and transport companies, potentially leading to physical damage, the Cylance cybersecurity firm warned.
As part of the widespread campaign, companies in the United States, China, Israel, Germany, France, India and Saudi Arabia have been hit - with industries ranging from aerospace research companies, universities, energy firms, telecommunications operators and hospitals being compromised.
"We believe that if the operation is left to continue unabated, it is only a matter of time before the team impacts the world's physical safety," the Cylance report claimed.
North Korea doesn't claim responsibility over crippling Sony hack
North Korea is, not surprisingly, denying its involvement in the Sony Pictures Entertainment cyberattack last week that brought the company to a grinding halt. The country previously showed displeasure at SPE's movie The Interview, which will be released later this month, featuring a plot by two Americans to assassinate North Korean leader Kim Jong-Un.
"The hostile forces are relating everything to the DPRK. I kindly advise you to just wait and see," a North Korean spokesperson recently said. "I do not know anything about this."
Some cybersecurity experts don't believe North Korea has significant infrastructure to launch cyberattacks, but say it could have called upon China or Russia to launch the attack on its behalf. Some organized cybercriminal groups are willing to offer their services to the highest bidder, especially if it involves high-profile attacks targeting companies in the United States.
Unreleased Sony films hit Internet after cyberattack last week
Four different movies from Sony Pictures Entertainment, including Annie, Fury, Mr. Turner and Still Alice, have leaked online via peer-to-peer file sharing networks. The company suffered a major cyberattack last week, which is now being investigated by law enforcement, Sony confirmed. The digital copies are watermarked, and the leak was likely caused by the SPE network intrusion, sources have confirmed.
"The theft of Sony Pictures Entertainment content is a criminal matter, and we are working closely with law enforcement to address it," a Sony spokeswoman recently said.
Fury made its appearance on file sharing networks on Nov. 27, and has been downloaded at least 888,000 times. This is the largest leak since July, after the Expendables 3 movie was released online almost one month before release in theaters.
Sony recruits Mandiant to help clean up cybersecurity mess
Sony Pictures Entertainment has tasked cybersecurity firm Mandiant with helping it clean up after a vicious cyberattack that knocked its computer networks offline last week. The "Guardians of Peace" claimed responsibility for the attack, saying they stole terabytes of data from SPE, with SPE's IT team unable to defend against the attack.
The SPE email system is expected to be restored by end of business tomorrow, while Sony executives remain relatively quiet about the incident.
It is a lucrative time to be in cybersecurity, as companies are turning to private sector companies for additional consultations - as cyberattacks are on the rise, with criminals able to steal internal data, disrupt daily work activities, and compromise customers.
North Korea could be behind Sony Pictures hack, investigation underway
Forget China and Russia - Sony Pictures Entertainment is investigating a major cyberattack that could have originated from North Korea. The attack has crippled SPE's email and computer systems since Monday, interrupting employee operations throughout the short holiday week. Several movies being promoted by SPE were also impacted, as Twitter feeds were disrupted by the cyberattack.
The "Guardians of Peace" group claimed responsibility for the attack, and said it has a large amount of internal Sony data that it has taken. GOP is reportedly preparing to release a "volume of the data" to the Internet in the immediate future.
SPE is the studio behind "The Interview," a geopolitical satire that features James Franco and Seth Rogen as a talk show host and producer turned American operatives tasked with killing Kim Jong Un.
Panda Security finds more than 20 million new malware samples in Q3
Panda Security collected 20 million new malware samples created worldwide, with an average of 227,747 new samples per day during Q3. The global infection rate increased from 36.87 percent up to 37.93 percent year-over-year, and Trojans are the most common type of malware. Trojans accounted for 78.08 percent of malware types, with viruses (8.89 percent) and worms (3.92 percent) also making an appearance.
Internet users face a cybersecurity threat from hackers, state-sponsored cybercriminals, and national government spy agencies - and trying to stay secure is rather difficult. China (49.83 percent), Peru (42.38 percent) and Bolivia (42.12 percent) are the three countries most targeted by cyberattacks, with nine European countries in the top ten most secure nations: Norway (23.07 percent), Sweden (23.44 percent), and Japan (24.02 percent) are the top three most secure.
"Over recent months cybercrime has continued growing," said Luis Corrons, PandaLabs Technical Director at Panda Security. "Cyber-crooks are still creating malware in order to infect as many computers as possible and access confidential data - but corporate environments have also come under attack. For example, over the last three months large companies have been the subjects of some scandals, such as the infamous 'Celebgate,' in which photos of actresses and models hosted on Apple's iCloud service were leaked, or the theft of Gmail and Dropbox passwords."
Home Depot spent up to $43M on data breach during just one quarter
Following a massive data breach that left 56 million debit and credit card details stolen, along with 53 million email addresses, the company spent $43 million during Q3 to deal with the aftermath. The company expects to receive $15 million reimbursement as part of a $100 million network liability insurance policy - and must now work to ensure the problem doesn't occur again.
Meanwhile, the company faces multiple lawsuits and will "incur significant legal and other professional services expenses" due to the incident. The company's payment card data network was compliant in fall 2013, and was undergoing 2014 certification when the breach occurred, according to an independent auditor.
"The forensic investigator working on behalf of the payment card networks may claim the company was not in compliance with those standards at the time of the data breach," Home Depot noted.
Former GCHQ leader concerned over smartphone biometrics security
Former GCHQ boss Sir John Adye believes current generation biometrics need more control, as he has concerns related to fingerprint scanners used by the Apple iPhone 6 and other devices. Despite believing the use of biometrics is a positive step toward device security, Sir John also is concerned about what happens to people's data when using these devices.
Sir John called out Apple specifically, with Apple Pay now allowing users to make payments simply with their fingerprint.
"I think Apple has done some good things. They appear to have a good system at the moment for protecting their operating system so it's difficult for anyone outside to penetrate it and retrieve data from it. But how long will that last, because the criminals... are very inventive at finding ways in, and although you can protect it in that way on the device itself, what happens if the device is lost or stolen?"
FBI pose as Internet technicians to secure evidence on a hotel guest
The FBI stepped over its boundaries with this particular case, where the US agency wanted to gain entry into a particular hotel guest's room without a warrant. When they couldn't secure one, they did the next best thing: posed as Internet technicians to gain access to the hotel room.
From the motion to suppress, we find out: "The next time you call for assistance because the internet service in your home is not working, the "technician" who comes to your door may actually be an undercover government agent. He will have secretly disconnected the service, knowing that you will naturally call for help and -- when he shows up at your door, impersonating a technician -- let him in. He will walk through each room of your house, claiming to diagnose the problem. Actually, he will be videotaping everything (and everyone) inside. He will have no reason to suspect you have broken the law, much less probable cause to obtain a search warrant. But that makes no difference, because by letting him in, you will have "consented" to an intrusive search of your home".
The FBI agents secured evidence from the hotel room, and submitted it to a magistrate to get a warrant. Kind of the reverse of what should happen, but they obviously wouldn't have told the judge that they posed as the Internet technicians in order to get into the room to secure the evidence they required to obtain the warrant in the first place.
Hacker avoids maximum 440-year sentence, hit with misdemeanor instead
The Southern District of Texas offered a misdemeanor plea deal to hacker Fidel Salinas, 28, just a few months after the hacker was charged with 44 felony counts of computer fraud and cyberstalking. Each count had a maximum 10-year prison sentence, totaling a potential 440 years in prison.
Instead, the suspected Anonymous-linked hacker pleaded guilty to one misdemeanor count of computer fraud and abuse - and must also pay $10,000. He faces up to one year in prison when sentenced on February 2, 2015, and his attorney will argue the monetary restitution is enough.
Salinas reportedly tried to access the Hidalgo County administrative website, using a script that racked up more than 14,000 access attempts. The brute force attack led county IT administrators to be locked out of the system themselves.
Anonymous releases dox with KKK leader's credit card info, SSN
Anonymous has continued its #OPKKK campaign against members of the Ku Klux Klan in Missouri, after the group brazenly challenged the hacker collective online. The @KuKluxKlanUSA Twitter account was compromised last week, and the hacking fun was only beginning for Anonymous.
I won't link directly to the dox page, but it doesn't take much imagination into how one would easily find the information posted online, courtesy of Anonymous. Frank Ancona, the "KKK Imperial Wizard," had his address, phone number, Social Security number, credit card information, and other personal information - with the dox also targeting his wife - posted online.
Anonymous also might target government websites and infrastructure in Missouri in response to the grand jury's failure to indict Officer Darren Wilson: "We find it disturbing that you, the grand jury, have chosen this patch as everyone will not choose to stand calm and let you choose to let him walk free. As you've seen all the riots and businesses, police cars, etc., being burned down while Anonymous shall target any Missouri government or bank sites now, so you better increase your security because we're here and we're not going to stand by and watch you let this man walk free."
Experts still claim Edward Snowden data leaks cost lives
Former NSA contractor Edward Snowden was disgusted by NSA and GCHQ mass surveillance activities, and disclosed the questionable actions of both agencies. However, multiple lawmakers and politicians have spoken out against his actions, saying he has put military personnel and intelligence agents at risk.
British lawmakers hope to push the Communications Data Bill, which would force ISPs and mobile service carriers to keep Internet browsing activity, social media, email correspondence, voice calls, Internet gaming activity, texting, and other records on file for a minimum of 12 months. Phone and email contact data is already retained due to the Data Retention Regulations 2014 bill.
"Consequently there are people dying who actually would now be alive," said Lord West, a former UK security minister and Navy admiral. "It is now critical that we move forward the Communications Data Bill that was paused so unreasonably because there is a very real danger that unless we do this, I think it is not exaggerating to say that people will die in this country who would have been safe if that had been in place."
Vodafone admits it accidentally sent too much information to police
The British government requested data on one journalist as part of Operation Elveden, focused on alleged bribes made to public officials for information, and "accidentally" received data on 1,000 News UK staff. Vodafone said there was some type of human error that led to the extra data being supplied, while police officials said they returned the information.
Police wanted information focused on one journalist who worked for News UK from 2005 to 2007, and used the Regulation of Investigatory Powers Act (RIPA) to receive the data - and the information was returned to Vodafone after about four months.
"Unfortunately, there was a human error during the processing of this information - which was drawn manually from a legacy system - as a consequence of which the Met Police were supplied with a corrupted dataset containing a significantly higher volume of metadata than had been the focus of the warrant received by Vodafone. The metadata in question relates to call logs and other information, such as pricing data, not the content or location of any communications."


