The most #notorious #hacks in #history, and what they mean for the #future of #cybersecurity

Source: National Cyber Security News

Where has the time gone? February is almost over, and already we’ve seen several major vulnerabilities and hacks this year! As we head further into what’s sure to be another busy year for cybersecurity, it’s important to take a step back and examine how we got here.

For nearly four decades, cyber criminals have been exploiting the latest and greatest technology for fun, profit and power. In that time, the word “hacker” has taken on many meanings. At first, it referred to mischievous young techies looking to build a reputation on the internet, but it has since become a worldwide title for data thieves, malicious online “entrepreneurs” and geopolitical operatives. The threats and tactics that hackers use have evolved, too – from small-time scams to dangerous worms and earth-shaking breaches.

As a result, the security industry has been in a game of “cyber cat and mouse” for the better part of a half-century, looking to evolve security technology to thwart the constant evolution in malware and techniques used by sophisticated threat actors.

Let’s take a look back at the past four decades to assess the most notorious hacks in each era, why they mattered, and how the security industry responded.


View full post on National Cyber Security Ventures

PayThink #Users are #compromising #most #security #tech

Source: National Cyber Security – Produced By Gregory Evans

It took Bonnie and Clyde three years to rob about a dozen banks, but the scourge of bankers today is a quiet Russian hacking group called, appropriately enough, MoneyTaker, and they don’t need nearly as much drama to abscond with cash.

Using often tailor-made hack attacks that regularly rely on near-undetectable fileless malware, the MoneyTaker gang has, in barely a year and a half, robbed millions from 20 banks so far and counting. What’s worse is that the gang has stolen data that could let it hijack Swift transactions, leading Swift for the first time to issue a report on cyber-vulnerabilities with the banks it works with.

While hackers usually don’t discriminate (they’ve got no problem attacking servers at hospitals, schools and corporations with trade secrets and valuable intellectual property), banks hold a special place in their hearts, as that is where the money is, as yet another famous Depression-era bank robber once said.

Once a bank’s security is compromised, hackers can pay themselves from the funds on hand, transferring sums large and small to their accounts. However, with information about the global payment systems like Swift that’s also available only at the bank, hackers can do a lot more damage.

Hackers are getting better at “data mining” all the time. According to Kaspersky, Russian hackers operating just a couple of Darknet marketplaces were offering in 2017 an astounding 85,000 servers for sale (meaning the authentication information that will let a hacker take control of the server), some for as little as $6! In 2016 there were “only” 70,000 such servers for sale, meaning that whatever we are doing to keep hackers at bay, it isn’t enough.

Included in those compromised servers are apparently some containing key Swift information, and it’s just a matter of time before the MoneyTaker gang will also use that information for fun and profit.

How are gangs like MoneyTaker getting away with this, especially with servers belonging to banks which are presumably protected by the latest cybersecurity systems? According to a study by the SANS Institute, it’s the “human factor” that is at work: As many as 95% of all attacks on enterprise networks begin with a spear phishing attack in which hackers dispatch their malware hidden inside email attachments. That attack could consist of trojans that pave the way for malware that allows hackers to take over servers, or the newer fileless malware attacks (where an agent installs itself in memory, hijacking servers for the use of hackers).

Cybersecurity systems, as sophisticated as they are, are clearly not doing the job — and maybe they never will, given that in the end the effectiveness of those systems can be overridden by workers inside the organization. The best systems then are the ones that take away from users and employees any opportunity to override security by responding to the phishing messages that get them, and their organizations, into trouble.

Systems like that need to be able to analyze messages and incoming files for malware or threats, and remove them before passing the file or message on to workers.

In addition, the system has to be robust and innovative enough to arrest malware that is passed on in innovative ways, where traditional cybersecurity systems, like sandboxes, are perhaps not up to date on phenomena like fileless malware. With thousands of security systems out there, organizations are understandably confused about which systems are the most effective. But in our opinion, the systems that will perform best are the ones that limit opportunities for spearphishers to have their way with employees.

The post PayThink #Users are #compromising #most #security #tech appeared first on National Cyber Security Ventures.

Cisco: Most #IoT projects are #failing due to lack of #experience and #security

Source: National Cyber Security – Produced By Gregory Evans

Three quarters of all Internet of Things (IoT) projects are “failing”, according to Cisco’s Australian CTO Kevin Bloch, primarily because they have been designed to solve individual problems, and have become siloed and unsupported as a result.

“The inaugural phase of IoT is characterised by numerous point solutions from a multitude of new — often startup — vendors. Typically, these solutions have been designed to solve a particular societal problem such as lighting or parking. In each case, a complete IT stack needs to be built in support of the solution,” Bloch explained.

“Eventually, customers find themselves with multiple siloes from multiple vendors that don’t interoperate, are not cybersecure, use different protocols, and generate more complexity at greater cost.”

According to Bloch, this is why Cisco is constructing an “IoT Phase 2” foundation, which consists of a platform that is able to cope with multiple different sensors, vendors, applications, and data interchanges.

The CTO added that IoT projects are also failing due to a lack of cybersecurity, qualified skills by those running them, project definition, governance, and support.

Released alongside nine other axioms on the IoT landscape, Bloch said Cisco hopes to aid other companies in launching successful connected solutions by discussing both pitfalls and successes.

The lack of cybersecurity made up a second of his axioms, with Bloch saying that if something is not secured, it should not be connected.

“Cybersecurity crime is already at an all-time high and negatively impacting global economies by upwards of 1 percent of GDP,” he said.

“We are becoming more mobile, we are using more cloud services, and we are expanding IoT deployment to tens of billions of connected things, thereby expanding exploitation and attack opportunities. Our situation will inevitably get worse if we don’t take the right precautions.

“If you don’t secure it, don’t connect it.”

Again, Bloch said that most of the new IoT solutions being brought to market are being developed by companies or startups without any experience — including experience in security.

As a result, he said Cisco is continuing to invest billions of dollars into cybersecurity solutions for IoT, mobility, and cloud. One such product was Cisco’s IoT Threat Defense solution, launched in June in an effort to mitigate and solve common security issues threatening the deployment and operation of connected devices, with the networking giant at the time saying many vendors and companies strip security mechanisms out of devices in order to keep them at low cost.

Cisco IoT CTO Shaun Cooley in June explained that as many devices also don’t have the power to protect themselves, network-side security must be emphasised, along with improving processors, enforcing the better labelling of devices, and requiring a notification and approval process prior to allowing connectivity.

The IoT Threat Defense suite is also enabled by Cisco’s network intuitive, which combines the technologies Cisco has been working towards for the past few years: Software-defined networking, software-defined access, network function virtualisation, APIs, and intelligent WAN capabilities.

A third axiom saw Bloch argue that IoT is about collecting data and about the data itself — not about connecting things, with Cisco predicting that connections will cost nothing within a decade.

Under this axiom, Bloch said there are two main components needed to be able to “measure” the physical world and enable automation: Sensing via a camera, sensor, or processor; and connectivity, or the transferring of data measurements to a computer.

“Sensing and connectivity provide data that enable a product to externalise its capabilities and provide a range of new opportunities and services,” he explained.

Another of Bloch’s IoT axioms argued that the key is having the right data, knowing what to ask of the data, and knowing how to find the answers — with the CTO correlating this to another assumption: That by 2025, 40 percent of all data will never make it to the cloud.

“While amassing data may seem important, the critical question to ask is ‘what do you need the data for?’” he said.

“Most organisations already have more data than they can manage, yet most often don’t have the right data. If they did, would they know what to ask of the data? If they are able to formulate the problem, how would they go about finding the answers needed within the data?”

The key for organisations is finding the answers to those three questions by utilising a combination of compute, artificial intelligence, and machine learning, he argued.

Cisco has been focused on providing IoT solutions globally, in June announcing its Kinetic IoT operations platform with a focus on managing connections, “fog” computing, and the delivery of data, which “streamlines the capability of companies bringing their IoT initiatives to market”.

“It’s really a platform for getting data off of your devices,” Cisco SVP and GM of IoT and Applications Rowan Trollope said at the time, adding that it will complement Cisco’s Jasper IoT platform.

“We’re extending from the edge all the way onto the device to provide an amazing platform to get way more data.”

According to Trollope, trillions of terabytes of data is “locked up” on unconnected devices across the world, which Cisco Kinetic could help extract. It will also speed up the time between proof of concept and implementation for customers.

Third-party #cyber security failures cost #businesses the #most

Source: National Cyber Security – Produced By Gregory Evans

Third-party cyber security failures are costing businesses the most – up to £1.5m – as security budgets shrink, a study by Kaspersky Lab and B2B International reveals

Companies suffer the greatest damage as a result of cyber security incidents relating to their partners, according to research.

This is the finding of a study examining whether cyber security is a cost centre or a strategic investment by Kaspersky Lab and B2B International.

Incidents affecting infrastructure hosted by a third party cost small businesses £106,000 on average, while large enterprises lost nearly £1.5m as a result of breaches affecting suppliers they share data with, and £1.2m because of insufficient levels of protection at providers of infrastructure as a service (IaaS).

These findings indicate that companies should not only invest in their own protection, but also pay attention to that of their business partners.

As soon as a business gives another organisation access to its data or infrastructure, the report said weaknesses in one may affect them both.

There is a growing list of examples of data breaches that can be traced to third-party suppliers, from the Target breach in 2013, to more recent cases such as insider trading by hacking newswire services and fraudulent tax claims by compromising a feature on the US Internal Revenue Service website that was hosted by a third party.

This issue is becoming increasingly important as governments worldwide introduce legislation requiring organisations to provide information about how they share and protect personal data.

“While cyber security incidents involving third parties prove to be harmful to businesses of all sizes, their financial impact on a company has the potential to result in twice as much damage,” said Alessio Aceti, head of the enterprise business division at Kaspersky Lab.

“This is because of a wider global challenge – with threats moving fast, but businesses and legislation changing slowly. When regulations like GDPR [General Data Protection Regulation] become enforceable and catch up with businesses before they manage to update their policies, the fines for non-compliance will further add to the bill,” he said.

According to the study, 63% of companies are investing in cyber security regardless of return on investment (ROI).

However, the study also shows that businesses around the world are starting to view cyber security as a strategic investment, and the share of IT budgets that is being spent on IT security is growing, reaching almost a quarter (23%) of IT budgets in large corporations.

This pattern is consistent across businesses of all sizes, including very small businesses where resources are usually in short supply. However, while security appears to be receiving a larger proportion of the IT budget, the overall budget is getting smaller. For example, the average IT security budget for enterprises in absolute terms dropped from £19.2m in 2016 to £10.3m in 2017.

As security budgets shrink, the cost of security breaches is going up. In 2017, small to medium-sized enterprises (SMEs) are paying an average of £66,800 per security incident, compared with £65,900 in 2016, while enterprises are facing costs of £756,000 in 2017, up from £655,000 in 2016.

To help businesses with their IT security strategies, based on the industry threat landscape and specific recommendations, Kaspersky Lab has introduced an IT Security Calculator.

The tool is aimed at providing a guide to the cost of IT security based on the average budgets being spent, security measures, the major threat vectors, money losses and tips on how to avoid a compromise.


Michigan among #states most #vulnerable to #identity theft, fraud

Source: National Cyber Security – Produced By Gregory Evans

Michigan ranks among the worst states for identity theft and fraud, a new analysis by a personal finance website shows.

The report by WalletHub put Michigan at No. 6, behind California, Rhode Island, Washington D.C., Florida and Georgia, and just ahead of Nevada, Texas, New York and Connecticut.

The Michigan attorney general’s office, which is charged with protecting consumers, suggested that identity theft and fraud is likely not as bad in the state as the report suggests.

“It could be underreported in other states,” Andrea Bitely, a spokeswoman for the attorney general’s office, said, challenging the report’s results. “The more people in a state, the more likely you are to be up at the top.”

“But,” she added, “the attorney general is not taking this lightly.”

October has been designated National Cyber Security Awareness Month by the U.S. Department of Homeland Security.

WalletHub, which is based in Washington D.C., compared all 50 states and the nation’s capital this week using data that looked at identity theft, fraud and public policy aimed at keeping personal information out of the hands of thieves.

While Michigan ranked No. 6 overall, it was No. 8 specifically for identity theft, No. 12 for fraud, and No. 10 for public policy.

Michigan was No. 2 for the most identity theft complaints per capita, behind Washington D.C. and ahead of Florida, and No. 4 for the most fraud complaints per capita, behind Washington D.C., Florida, and Georgia and ahead of Texas.

“Equifax has proven that absolutely no one is immune to cybercrime,” the report said. “In September 2017, the credit bureau announced that it had fallen victim to one of the biggest data breaches in recent history.”

Moreover, the WalletHub report said: “Even credit bureaus, government agencies, and financial institutions — the organizations consumers trust and expect to treat their confidential information with utmost care and security — cannot take enough precautions to prevent such attacks.”

Earlier this month, Equifax announced that 2.5 million more consumers were impacted by the breach than originally thought, bringing the total number of Michiganders with potentially compromised information to 4.6 million.

To raise awareness of identity theft, the state attorney general’s office is holding two free seminars:

  • From 12:05 to 12:50 p.m. Friday at 525 West Ottawa Street, Lansing, in the G. Mennen Williams Auditorium.
  • From 12:05 to 12:50 p.m. Wednesday at 3068 West Grand Blvd., Detroit, in Room L150.

Still, the WalletHub report warned:

“While the federal government and various businesses in recent years have taken more aggressive measures to build up our defenses, criminal strategies continue to evolve and grow in sophistication, keeping consumers vulnerable to identity theft and fraud.”

Toshiba #Hacking Drama #Enlivens Tech’s Most #Boring Sector

Source: National Cyber Security – Produced By Gregory Evans

One of the technology industry’s most humdrum sectors found itself some drama in the past few weeks amid a cyber attack and lost production.

NAND flash is important stuff — your holiday snaps and favorite apps depend on it. But amid the rush to sharper displays and high-resolution cameras, few stop to think about the chips inside the iPhone that store all that important (and useless) data.

These are the chips that attracted a bevy of international suitors to the door of Toshiba Corp. earlier this year. Western Digital Corp. and Apple Inc. rely on them, and Bain Capital Private Equity and Foxconn Technology Group wanted more control over them. Bain, teaming up with Apple, won the $18 billion battle for Toshiba’s chip business.

Then came the alleged hack attacks. Digitimes, a Taipei-based tech news site, reported Monday that ransomware forced Toshiba to halt production for a few weeks, cutting output by 100,000 wafers. That’s a big number, equal to around 20 percent of Toshiba’s monthly capacity, according to researcher TrendForce Corp.

In an email reply to Gadfly, Toshiba denied that it suspended production at Yokkaichi, the site of its NAND factory, and said it wasn’t approached by Digitimes for comment.

Still, a person familiar with the matter told Gadfly that the company was struck by a virus — not ransomware — in early September that affected some production facilities and prompted Toshiba to advise clients of minor delays in delivery. Since the virus remained within the company, it decided not to disclose which facilities were affected or the exact scale.

Even before the Digitimes report, TrendForce senior research manager Alan Chen had heard the rumors and jumped on the phone to check with his sources: yes, there was some incident at Toshiba; yes, production was affected; no, the scale wasn’t as vast as 100,000 wafers. It was less than half of that, he told Gadfly.

Such a blip highlights the importance of the sector and its lack of transparency. Toshiba is the second-largest supplier of NAND flash with a 17.5 percent share, behind Samsung Electronics Co. on 35.6 percent, TrendForce estimates. What’s more, supply this year is already forecast to fall 2.9 percent short of demand as growth outstrips capacity expansion. Heavy new investment, including 330 billion yen ($2.9 billion) from Toshiba, is expected to bring the industry back into balance next year.

That makes any potential supply constraint a big deal, especially amid concern that the iPhone X is facing production shortages and with numerous other smartphones being introduced from brands including Huawei, Google, Xiaomi and Samsung.

The drama also adds to the opacity of the flash market. Manufacturers have been shutting or slowing lines in order to convert their facilities to better equipment, while some are adding entirely new factories. This process crimps output in the short term, but once the upgrades are complete their capacity jumps, and it’s the scale and timing of these changes that’s made the global supply-demand picture unclear.

As industry stakeholders — including investors and global electronics brands — try to keep tabs, there’s every chance that more rumors and incidents will make the dullest of tech sectors just that little bit more interesting.

This column does not necessarily reflect the opinion of Bloomberg LP and its owners.
Tim Culpan is a technology columnist for Bloomberg Gadfly. He previously covered technology for Bloomberg News.


Third party Cybersecurity Failures Cost Businesses the Most

Source: National Cyber Security – Produced By Gregory Evans

While more companies are investing in cybersecurity regardless of ROI (63% in 2017 compared to 56% in 2016), a new study from Kaspersky Lab and B2B International has found that the average cost of a cybersecurity incident is growing. According to the report ‘IT Security: cost-center or strategic investment?’, the…

The 3 Most Common Misconceptions About Cyber Defense — ‘Culture, Complexity, Commitment’

Source: National Cyber Security – Produced By Gregory Evans

Traditionally, tacticians in war have said, “The best defense is a good offense.” However, that statement couldn’t be farther from the truth when it comes to creating a cyberwar defense strategy. We spoke with Joshua Douglas, Chief Strategy Officer of Cyber Services at Raytheon, to uncover other misconceptions about best…

Researchers claim that most WhatsApp and Viber users are exposed to fraud and hacking

Source: National Cyber Security – Produced By Gregory Evans

Do you know that despite the end-to-end encryption provided by popular messaging platforms like Facebook Messenger, WhatsApp and Viber, your sensitive information is vulnerable to hacking? New research has highlighted the importance of what is called an ‘authentication ceremony’ to help mitigate the risk. Researchers from Brigham Young University…

Developers are most wary of these technologies being hacked

Source: National Cyber Security – Produced By Gregory Evans

In a new survey by Netsparker Ltd., a provider of web applications security, developers agreed that the government and financial services are the two sectors most vulnerable to hacking and that smart home IoT is the most vulnerable technology. Propeller Insights conducted the recent survey of U.S.-based software developers for…
