Hacking, Security & Privacy - Page 39

The adoption of virtual currencies, mainly bitcoin, has continued to expand in 2014 - with a growing number of businesses accepting bitcoin payments - but legitimate securities offerings showing greater interest in virtual currencies face cybersecurity problems.

In addition to currency volatility, which has scared some investors away, associated anonymity and growing risk of cyber theft from hackers is increasing.

"We are living in an age where traditional financial and investing relationships are being transformed rapidly and sometimes in confusing fashion by technology and innovation," said Glenn Moyer, Secretary of Banking and Securities. "It is especially important that investors fully understand where they are putting their money, and with whom they are investing it."

Police authorities in Beijing have detained three suspects accused of creating the "WireLurker" malware targeting Apple iOS and OS X computers and mobile devices in China. The Chinese security firm Qihoo 360 Technology provided a tip that led to the arrest of three suspects, Chen, Wang and Li, and all three have been charged with the creation and distribution of WireLurker. It appears WireLurker was created to generate monetary profits for the organizers, which wouldn't be a surprising confirmation that cybercriminals are racking up large amounts of profits from cybercrimes.

Apple moved quickly to block the WireLurker malware from spreading any further, and recommended users only download apps from trusted sources.

It's ironic that China, believed to be one of the largest state sponsors of organized cyberattacks against the Western world, moved so quickly to arrest the creators of WireLurker - the malware victimized Chinese users only, and didn't have a widespread presence outside of the country.

Security threats continue to give IT professionals headaches, but hardware failure, lost data, and other potential problems are often overlooked. Even though almost nine out of 10 IT professionals have lost data, half of respondents don't back up data because they forgot to do it, according to a new survey published by the CloudBerry Lab backup and management solutions company.

Furthermore 88 percent of IT professionals suffered lost data due to hardware failure, data corruption, malware or accidental deletion. In a rather surprising finding, 38 percent have never bothered to test recoverability of backed up data, while 47 percent end up waiting up to one month before backing up data.

Depending on the type of business, IT professionals recommend at least weekly data backups - though some industries should have critical information backed up on a daily basis. CloudBerry Lab found 32 percent of IT professionals understood they weren't protected or were unsure if their backups were secured with encryption, password protection, or some other type of security protocol.

The FBI is aware of state-sponsored cyberattacks, with a large volume of attacks blamed on the Chinese and Russian governments, but finding ways to arrest and prosecute hackers overseas is difficult. Companies are struggling to keep their networks secure, as more employees and customers are at risk of data breaches with these groups evolving into better organized, well-funded cybercriminals.

"Since cybercrime is not found in only one country and is globally dispersed, law enforcement agencies must work together on identifying and arresting the actors perpetrating the crimes," a Special Agent from the FBI recently said during a webinar. "The biggest challenge is when these actors live in countries where the cybercrime laws are not distinct, or in some cases non-existent. There have been cases where these actors have traveled through cooperative regions of the world and arrests have been made."

Realistically, many of the state-sponsored cybercriminals will remain out of the reach of the FBI - and other Western European governments - but China, Russia, and select other countries are the largest perpetrators of attacks.

Apple hasn't heard reports of any users that have been compromised by the "Masque Attack," but cybersecurity experts are still asking Apple engineers to develop new protections to ensure enterprise users are more secure.

"We designed OS X and iOS with built-in security safeguards to help protect customers and warn them before installing potentially malicious software," an Apple spokesman recently said. "We're not aware of any customers that have actually been affected by this attack."

Cybercriminals want to hijack OS X and iOS users - and have largely struggled to find security loopholes - but are increasing their efforts into malware development.

Airplane flights have given the US Department of Justice (DoJ) the perfect opportunity to snoop on American citizens with a custom surveillance program operated by the US Marshals Service. The covert program originally started in 2007 and uses "dirtboxes," portable cell towers, that can secretly collect identity and phone locations on subscribers.

The flights leave from five different airports across the United States, and can snoop on thousands of citizens during any given flight. Specific details regarding the program remain unclear, but the US Marshals conduct these missions "on a regular basis" - and not surprisingly, the DoJ is refusing to comment. The phones are in continuous communication with local cell towers, providing a great opportunity to snoop while being discreet.

Following former NSA contractor Edward Snowden's mass surveillance disclosures, American citizens have become more concerned of government spying.

Cybersecurity experts continue to have concerns over state-sponsored hacking activity, with China and Russia typically blamed for organized cyberattacks. There were a number of significant data breaches throughout 2014, and it would appear many of them were conducted by state-sponsored hacking programs orchestrated by organized, knowledgeable computer specialists.

Following troubling news that Chinese-sponsored hackers breached the National Oceanic and Atmospheric Administration (NOAA), there has been more attention on hackers that are well-paid and well-organized.

"Whether or not China perpetrated this particular hack or not, the fact remains that nation states are sometimes our enemy," said Robert Twitchell, Jr., President and CEO of Dispersive Technologies, in a statement. "Many of them, including China and Russia, will engage in hacking to steal corporate secrets (for economic advantage), military secrets (for national defensive AND offensive purposes), to embarrass the US and show their technical superiority, and to divert our attention from other activities."

Online privacy is something that most Americans believe they have lost control of, as governments and companies collect and use even more personal information, according to a survey from the Pew Research Internet Project.

"It's a bundle of concerns," said Lee Rainie, a Pew researcher involved in the project. "It's party surveillance, it's partly tracking, and this generalized sense that I'm losing control of my identity and my data."

The survey also found that 91 percent of adults "agree" or "strongly agree" that consumers no longer have control over how their personal information is collected and used by companies - and with the government collecting even more data about citizen phone calls and Internet communications, 80 percent of adults "agree" or "strongly agree" that Americans should be concerned about the government monitoring.

The recent report from Palo Alto Networks that disclosed the WireLurker malware targeting Apple iOS and Mac OS X was a sudden wakeup call to users. Even though it was isolated to China, and Apple has blocked the malware, cyberattackers are finding new ways to compromise iPhones and Mac OS systems. The company has done a great job to keep its software ecosystem secure, especially if devices aren't jailbroken, but cybercriminals are becoming more sophisticated in their research strategies.

Here is what Ryan Olson, Palo Alto Networks intelligence director, recently told eWeek: "We will continue to see new malware for both Mac OS X and iOS, and they will incrementally get better and better. I would be most worried about high-value targets," with a focus on government officials and political rivals.

Cyberattacks targeting Google Android and Microsoft Windows will remain more prevalent, but Apple users - many of them used to being relatively secure - could also be caught off guard when major security issues are released in the wild.

Just a couple days after Palo Alto Networks spilled the beans on the WireLurker malware targeting Apple iOS and Mac OS devices, Apple has blocked infected apps so they will be unable to run on devices. The company didn't provide specifics into how the malware is being blocked, but did recommend users run anti-malware security software - and only download apps from the official Apple App Store.

The company confirmed it is "aware of malicious software available from a download site aimed at users in China, and we've blocked the identified apps to prevent them from launching."

WireLurker is the first known malware that spread to a large number of users that didn't jailbreak their devices - and shows cybercriminals are just as anxious to compromise Apple products as Google Android and Microsoft Windows.

Companies operating in the European Union (EU) recently held another round of cyberattack simulations, designed to help test cyberattack response ability. The European Network and Information Security Agency (ENISA) used white hat hackers to mock attack 200 companies located in 25 EU nations for a 24-hour period.

The Cyber Europe 2014 drill focused on financial institutions, security companies, government ministries, energy providers and Internet service providers (ISPs), with distributed denial of service (DDoS) attacks, data exfiltration, and Web defacement attacks.

"The outcome of today's exercise will tell us where we stand and identify the next steps to take in order to keep improving," said Udo Helmbrecht, ENISA executive director.

Pirate Bay co-founder Gottfrid Svartholm Warg was found guilty in the Danish Court of Fredriksberg, after facing charges of hacking and serious vandalism. Warg and a 21-year-old co-defendant broke into servers hosted by CSC in April 2012, and kept control of the mainframes until August. He accessed hundreds of thousands of records of Danish residents, including Social Security numbers, extradition agreements and criminal records, along with additional private data.

Since this is Warg's second high-profile, significant hacking conviction - he was already serving a one-year sentence for hacking a different IT consulting firm - Danish prosecutors hope for a minimum five-year prison sentence.

Luise Høj, Gottfrid's attorney, had this to say before the ruling: "My recommendation has always been that the investigation has focused on finding clues that point to my client, even though the tracks have also pointed in another direction. I have recommended that the court dismiss the case based on the remote access argument. It is clear that my client's computer has been the subject of remote control, and therefore he is not responsible."

The CurrentC mobile payment program, which has been selected by retailers as a viable rival to Apple Pay, confirmed the service has been breached. Best Buy, Rite Aid, CVS, Best Buy, and around 50 retailers back CurrentC under the Merchant Customer Exchange (MCX). Many compromised email addresses were dummy accounts and the CurrentC app wasn't breached, according to an MCX spokeswoman.

"In an abundance of caution, we wanted to make you aware of this incident and urge you not to open links or attachments from unknown third parties," MCX said in an email to CurrentC testers. "We take the security of your information extremely seriously, apologize for any inconvenience and thank you for your support of CurrentC."

CurrentC could be in more than 110,000 locations across the United States in 2015, and this is a significant setback - traditional point of sale (POS) systems have proven to be susceptible to cyberattacks - and any type of mobile payment system must ensure their systems aren't compromised.

A likely Russian state-sponsored hacker group is being blamed for launching cyberattacks against NATO, Georgia, the Caucasus, Eastern Europe and Western European defense contractors, according to a report from FireEye. The APT28 group launches phishing attacks with links to websites that look like authentic news, with compromised information the type of data the Russian government would be interested in acquiring.

"The Sofacy group is using multiple malware families, including some that are not mentioned in the FireEye paper," said Aleks Gostev, Kaspersky Lab chief security expert of Global Research and Analysis. "They have been very active lately and have registered many domains in order to launch phishing attacks."

The FireEye report also notes APT28 sought "sensitive tactical and strategic intelligence" from governments in the region. Russia has been blamed for a number of coordinated cyberattacks against targets across Europe and in the United States, including a recent attack on the White House - and breaching point of sale (POS) machines of Home Depot.

The White House, also known as the Executive Office of the President (EOP), is familiar with enduring cyberattacks on a frequent basis. However, a recent attack was found to be organized and significantly powerful, with the White House's networks enduring a few days of consistent downtime.

"In the course of assessing recent threats we identified activity of concern on the unclassified EOP network," an anonymous source recently told the media. "Any such activity is something that we take very seriously. In this case we took immediate measures to evaluate and mitigate the activity."

In addition to state-sponsored hacker groups in China and Russia, other nations have shown interest in advanced cyber espionage tactics. The computers and systems were not damaged, but suffered extended downtime that has been largely resolved by federal cybersecurity experts, according to reports.

Americans are "occasionally" or "frequently" worried about having their credit card data stolen by hackers and having their PC or smartphone hacked more than any other crimes, according to a recent Gallup poll. A whopping 69 percent of poll respondents are worried about store data breaches leading to personal information being stolen, while 62 percent are worried about PC or smartphone security - significantly ahead of the 45 percent of people worried about their home being burglarized while away.

Consumers with salaries $75,000 or above are most concerned about potential debit and credit theft, as they spend more and are more likely to have multiple credit cards.

The high-profile data breaches of Target, Home Depot, and other major retailers helped finally wake up more Americans about the potential of data breaches. However, consumers and business users are still vulnerable to phishing and malware attacks, which haven't received the same amount of media attention.

Robert Dubuc was sentenced to 21 months in prison after pleading guilty for breaking into banks and government agencies while trying to steal $15 million. He pleaded guilty to wire fraud conspiracy, identity theft and conspiracy to commit access device fraud earlier in the year, as one of his co-defendants, Oleg Pidtergerya, will be sentenced later this year.

The ringleaders of the cybercriminal group have been indicted but haven't been arrested, likely in the Ukraine or elsewhere in Eastern Europe. They targeted the US Department of Defense, PayPal, JPMorgan Chase and Citigroup, among other companies - with stolen money transferred to their bank accounts.

The US federal government wants to take a more proactive approach against cybercrime - as the attacks continue to amount - but actually locking up prolific hackers remains extremely difficult.

Consumers are going to take to the Internet and retail stores in a big way this holiday shopping season, but with numerous significant data breaches, there is concern over shopper security. For shoppers preparing to head out and visit local retailers, if you're not paying cash, then the next best thing is using a credit card if worried about security. "You're just better off by and large paying with a credit card because you have more rights and you're not out the money," said Susan Grant, Consumer Federation of America Director of Consumer Protection.

Credit card companies can cancel charges - with very little impact to consumers - while compromised debit card information often leads to major headaches. Beyond having data stolen, criminals are able to drain accounts, while also cloning the card and making ATM withdrawals. It's not uncommon for bank customers to have a hold placed on their account while an investigation is conducted, and shoppers are out their own money.

Financial intuitions are given up to 10 days before they need to refund fraud related to debit cards, and that sometimes leads to missed rent, utility bills, and other significant headaches. Retailers are under siege, and it seems cybercriminals are preparing to launch additional point of sale (POS) malware attacks, cybersecurity experts warn.

Estonian hacker Sergei Nicolaevich Tsurikov was sentenced to 11 years in prison, for his role in a cyberattack that stole $9.4 million in 2008. Tsurikov previously pleaded guilty to his role in hacking the Royal Bank of Scotland Group, creating fake payroll debit cards, and withdrawing funds from more than 2,100 ATMs in more than 280 cities.

Tsurikov and his team were described as "one of the most sophisticated cybercrime rings in the world," according to Sally Quillian Yates, Northern District of Georgia attorney. He will also have to pay $8.4 million in restitution.

Handing down actual prison sentences against cybercriminals has been difficult, but the US federal government wants to track down - and prosecute - as many of them as they can.

Office retailer Staples was the latest high-profile company hit by a data breach, with customers in the Northeastern United States affected. The US Secret Service is now investigating the incident, which involved debit and credit card data of an unknown number of customers. It appears retail locations in Pennsylvania, New Jersey and New York were hit, but it's possible stores in other states were also targeted.

"We take the protection of customers information very seriously, and are working to resolve the situation," Staples said in a statement. "If Staples discovers an issue, it is important to note that customers are not responsible for any fraudulent activity on their credit cards that is reported on a timely basis."

Retailers are struggling to keep data secure, as similar attacks have victimized Target, Home Depot, Kmart, Sears, with millions of customers across the country affected by these breaches.