Data Breach at PIP Printing Company Leaks Thousands of Highly Sensitive Documents*:
- An online security breach at a national printing chain leaked thousands of sensitive documents – from labor filings involving NFL players to lawsuits against Hollywood studios to personal immigration papers.
- The leak at PIP Printing, which has more than 400 locations in 13 countries, went on for four months before it was repaired.
- The documents range from emails revealing credit card and social security numbers to extensive medical records belonging to high-profile athletes.
- PIP owner Michael Bluestein told a news outlet that the breach appeared to stem from a third-party IT firm that accidentally misconfigured the backup protocols – essentially leaving a “back door” open in the system.
- He also added that stronger-than-normal protections are being employed now to further lock down the PIP system.
- A number of California-based law firms were also affected in the breach, with papers related to immigration and lawsuits against powerhouse Hollywood studios among those leaked.
*Source: NBC News, February 11, 2017
Hackers May Have Just Cost Yahoo $250 Million*:
- Telecom giant Verizon agreed to buy Yahoo in mid-2016 for $4.8 billion, which would have left shareholders with about $40 billion in stakes in Yahoo Japan and Alibaba.
- A series of cyber-attacks that compromised more than a billion user accounts has led Verizon to reconsider how much it’s willing to pay for the Sunnyvale, California, company’s core Internet assets, including its search and e-mail features.
- Verizon is considering a renegotiated deal that would cut Yahoo’s sale price by about $250 million.
- The deal may be a good one for Yahoo, considering the scope of the hacks, which were among the largest cyber-security breaches in history.
- On news of the renegotiation, Yahoo’s stock climbed 2 percent as Verizon’s fell 0.7 percent.
- The deal was tentatively said to be reached during the first quarter of 2017, but it will be delayed to the second quarter.
- Yahoo announced in an S.E.C. filing last month that C.E.O. Mayer, along with several other board members, including Yahoo co-founder David Filo, will step down.
*Source: Vanity Fair, February 15, 2017
UK Hit by 188 High-Level Cyber-Attacks in Three Months*:
- Britain is being hit by dozens of cyber-attacks a month, including attempts by Russian state-sponsored hackers to steal defence and foreign policy secrets.
- The National Cyber Security Centre (NCSC) has blocked 34,550 “potential attacks” on government departments and members of the public in the past six months – about 200 cases a day.
- Attacks by Russian and Chinese state-sponsored hackers on defence and foreign policy servers are among those being investigated by the NCSC.
- The head of the NCSC stated that “over the last two years there has been a step change in Russian aggression in cyberspace.”
- A former defence and foreign secretary warned that hacks could bring down national infrastructure and that even kettles, fridges and driverless cars were at risk.
*Source: The Guardian, February 12, 2017
Mac Malware Attacks Tied To Russian Spy Group That Hacked DNC*:
- Fancy Bear – also known as APT28 and Sofacy – is the Russian hacking unit that hacked the Democratic National Committee.
- They also made headlines when they breached NATO, the White House, and the World Anti-Doping Agency.
- This time they’re in the news for an advanced strain of malware that targets Mac computers; security researchers have labelled it XAgentOSX.
- XAgentOSX will capture screenshots, steal passwords, log keystrokes, and search for desirable files such as iPhone backups, then upload the information to a remote FTP server.
- This strain of malware is being linked to Fancy Bear because security teams discovered similarities to the Windows malware the group is known to have used in previous attacks.
- The good news is that the average Mac user is not likely to be a Fancy Bear target.
- Fancy Bear is a cyber espionage group, and as such they tend to focus efforts on government and military groups, non-government organizations, and contractors.
*Source: Forbes, February 15, 2017
Link Cybersecurity to Business Outcomes*:
- CIOs need to work with executives to address cybersecurity and risk through a business lens.
- Cybersecurity is no longer just an IT problem; as digital business evolves to include ecosystems and the open digital world, cybersecurity needs to evolve from a back-office IT problem to an enterprise-wide business consideration.
- Actions like securing externally owned infrastructure and establishing digital trust with customers are tied to both cybersecurity and corporate performance.
- IT professionals know there is no risk-free security, but executives think that with enough money and staff, IT can create a risk-free security setup.
- CIOs need to share the narrative that appropriate levels of security balance the need to protect with the need to run the business.
- It’s well-known that people are the biggest security risk, but they can actually also be a security asset – CIOs need to create a people-centric approach to security that shapes behaviour.
- Develop a dashboard of leading technology indicators linked to business outcomes.
- By mapping business outcomes to technology dependencies, CIOs will be able to identify the five to nine metrics to demonstrate both the business value of IT and the appropriate status of risk and security to executives and the board of directors.
*Source: Gartner, February 13, 2017
In Digital Rush, Banks May Let You Down*:
- Reserve Bank of India deputy governor SS Mundra has addressed three conferences and laments that while the threats for over 1.4-billion bank accounts are on the rise, the banks are hardly doing much to protect their customers.
- They don’t even do the mandatory reporting to the regulator on time, let alone take precautionary measures.
- The $1.5-trillion Indian banking industry in the last 6 months has reluctantly reported that a dozen banks were hit by malware, which included compromising 3.2 million card details.
- Cyber-attacks can really bring down institutions, as recently happened with the Bangladesh central bank, where operations came to a grinding halt.
- The state of affairs in Indian banks does not give confidence, and RBI has appointed a standing committee to redraw cyber security preparedness.
- While the regulator mandates reporting of cyber-attacks within 2-6 hours of detection, banks usually skip it, so the official numbers don’t reflect the true story.
- The top 51 banks in India have lost Rs 485 crore ($72.44 million USD) between April 2013 and Nov 2016 and 56 per cent of the money lost is due to Net banking thefts and card cloning incidents.
- There are at least 15 ransomware attacks per hour and one in three Indians falls prey to it.
- Globally, banks set aside 12-15 per cent of the annual tech spend for cyber security, while in India, most big banks do not even spend a couple of million dollars on IT.
- Gartner, a global technology consultant, has predicted that IT spends by domestic banks and securities firms are expected to grow nearly 10 per cent to $8.9 billion in 2017.
- RBI has warned banks that prevention is better than cure and banks will do well to secure themselves from a threat that has the potential to bring down a financial institution.
*Source: The Economic Times, February 15, 2017
Hacker Breached Dozens of Universities and Government Agencies*:
- A hacker has reportedly obtained access to the computer systems of prominent universities, including Cornell and New York University, and is attempting to sell that illegal access on the Internet, according to a research firm.
- The hacker, known by the name Rasputin, gained notoriety last November for breaching a U.S. agency responsible for election oversight.
- Recorded Future learned of the hackers as part of its business monitoring Internet forums on the so-called “dark web” where criminals often meet to swap or sell hacking information.
- The severity of the breaches is unclear but the report says all of them pertain to a common database vulnerability known as SQL injection.
- In the case of universities, such a flaw might be found on a library webpage or a course selection tool, or any number of other school websites.
- In theory, the vulnerabilities could allow Rasputin or another hacker to obtain private information about students or staff, or about non-public operations at one of the universities or agencies.
- Recorded Future says it alerted the universities and the rest of Rasputin’s targets prior to publishing news about the vulnerabilities so they could patch website flaws before they became more widely known.
- Other prominent names among Rasputin's targets are: the Universities of Oxford and Cambridge, UCLA, the University of Washington, and the cities of Pittsburgh, Pa. and Springfield, Mass.
- His efforts reflect a variety of new strategies on the part of criminal hackers that have arisen because many older forms of online crime, like selling credit card data, have become less lucrative.
- Recorded Future and similar companies scour the dark web on behalf of corporate clients.
*Source: Fortune, February 15, 2017
Your New Tool to Beat Hackers*:
- Drew Paik, founder of security firm Authentic8, reported that hackers access phones from public outlets and wi-fi via a technique called “juice jacking.”
- It works because your USB cable is designed to transmit data, even when you might not want it to.
- Your whole phone is compromised if you plug into a jacked outlet; hackers can see your photos, texts, emails, and potentially anything else on your phone.
- This form of hacking is absurdly easy to beat: carry a portable battery.
- Charge one from a secure place, and you’ll have a power source that isn’t going to covertly record everything you do.
- You can also buy charge-only USB cables that are incapable of transmitting data.
- Authentic8 put up a charging station at a recent conference and watched the people who used it – RSA is a security conference where you might expect to find cautious people, but Paik said 80 percent didn’t even ask if the public outlet was safe before plugging in.
*Source: The Next Web, February 02, 2017