Security Fears Have Held Companies Back from Adopting Cloud Services*:
- Cybersecurity concerns have discouraged companies from moving their data and applications from their private servers to public clouds, according to a recent study.
- Less than half of companies surveyed have moved more than 10% of their workloads to public cloud services such as Google Cloud and Amazon Web Services, though many more plan to increase their reliance on such services in the next three years.
- The study surveyed 90 companies across multiple industries.
- 80% of companies in the study plan to move more than 10% of their workloads onto public cloud systems or plan to double their use of cloud services in the next three years.
- This prospective embrace of cloud services may be due to companies' CISOs beginning to trust the security provided by large service providers.
- CISOs are now primarily concerned with figuring out how to update their own security practices and hardware to be as secure as possible while using cloud services.
*Source: Business Insider, January 04, 2018
The Biggest Hacks and Data Breaches of 2018*:
- There have already been a number of high-profile cybersecurity incidents in 2018, despite it only being mid-January.
- Fined: Carphone Warehouse: The UK's data protection regulator, the Information Commissioner's Office (ICO), hit Carphone Warehouse with a £400,000 fine after the details of three million customers were accessed in 2015.
- Data breach: US Homeland Security: The US Department of Homeland Security told 247,167 of its employees there had been a "privacy incident" involving one of its databases covering those who worked there in 2014.
- Data breach: Aadhaar: India's giant one-billion-person public database was compromised in January 2018.
*Source: Wired, January 15, 2018
OnePlus Site was Reportedly Hacked to Steal Credit Card Details*:
- Anybody who used a credit card to purchase a new OnePlus handset from the company’s official site ought to immediately contact their bank: hackers might be out to steal your funds.
- Cyber-security firm Fidus has discovered a vulnerability that might have allowed malicious agents to sweep sensitive credit card data from the website of the China-based phone-maker.
- Hundreds of affected users have reported suspicious activity on their credit cards, with the first fraud attempts coming within a year of purchasing items from OnePlus.
- Research does not confirm that the OnePlus site was breached; rather, it suggests where the attacks might have come from – and it seems the weakest link might be the Magento eCommerce platform.
- The cybersecurity specialist says the payment integration, which has previously been hacked on several occasions, is often targeted by malicious actors.
- While the Chinese phone-maker has yet to release an official statement with regard to this ordeal, a moderator on its forum has since cast doubt on the accuracy of Fidus’ research, arguing that the suggested attack vectors are not consistent with the evidence.
*Source: The Next Web, January 15, 2018
Hospital Sent Offline as Hackers Infect Systems with Ransomware, Demand Payment*:
- A US hospital has been forced to shut down its computer systems after criminal hackers infected the internal network with file-locking ransomware and demanded payment.
- Hancock Regional Hospital in Indiana confirmed that it was running on pen and paper following the malicious cyberattack.
- Officials stressed that doors remained open, and that patient data was not compromised.
- The hospital's IT administrators called in the FBI after realising the scale of the incident had escalated out of their control.
- Hackers use ransomware, which typically spreads via email attachments, to lock down computer files, then demand money for a decryption key needed to free the network.
- Both cybersecurity firms and law enforcement experts advise against paying hackers' demands.
- It remains unclear how much money the digital crooks demanded in this case.
*Source: IB Times, January 15, 2018
Hackers are Attacking the Electric Grid*:
- Last September, news broke that hackers had laid siege to the US power grid, probing deep into dozens of energy firms, looking for weaknesses to exploit.
- The Department of Homeland Security issued a threat warning about an ongoing stream of malware attacks that could one day lead to disruption in every sector of the economy.
- Girding our grid (some of which dates back to 1917) could cost $500 billion – too pricey for the more than 3,200 private companies that own its hardware.
- To shore up defences, the feds are funding small and nimble teams of experts to develop security and detection patches that will hopefully protect the system and help it recover should malicious actors succeed.
- A hacker’s ultimate goal is to own a master control center.
- Within these critical hubs, system operators rely on video-covered walls and button-filled consoles to keep the grid going; so some power companies are creating duplicates.
- These twin nerve centers trade off grid-control duties and can also access pre-hack backups, allowing workers to replace a virus-infested system with a clean version.
- When a Black Sky hits, engineers have three days before food spoils, medicine and water run out, batteries die, and the public loses its collective marbles.
- Utilities increasingly rely on smart meters: wireless devices that relay data about homes’ power usage to companies for monitoring and billing.
- Like all networked devices, smart meters are vulnerable to cyber-attacks, so some companies are developing ways to keep hackers off the network.
- Protected with heavy encryption and multiple authentication checks, it can secure these devices while utilities shore up the rest of the grid.
*Source: Popular Science, January 17, 2018
Facebook Password Stealing Apps Found on Android Play Store*:
- Security researchers have now discovered a new piece of malware, dubbed GhostTeam, in at least 56 applications on Google Play Store that is designed to steal Facebook login credentials and aggressively display pop-up advertisements to users.
- Discovered independently by two cybersecurity firms, the malicious apps are disguised as various utility, performance-boosting, entertainment, lifestyle, and video downloader apps.
- Like most malware apps, these Android apps themselves don’t contain any malicious code, which is why they managed to end up on Google's official Play Store.
- Once installed, an app first checks that the device is not an emulator or a virtual environment, and then downloads the malware payload.
- As soon as users open their Facebook app, the malware immediately prompts them to re-verify their account by logging into Facebook.
- Instead of exploiting any system or application vulnerabilities, the malware uses a classic phishing scheme in order to get the job done.
- These fake apps simply launch a WebView component with a Facebook look-alike login page and ask users to log in.
- Stolen Facebook accounts can expose "a wealth of other financial and personally identifiable information," which can then be sold in the underground markets.
- Security firms believe that GhostTeam has been developed and uploaded to the Play Store by a Vietnamese developer due to considerable use of the Vietnamese language in the code.
- According to researchers, most of the users affected by this malware reside in India, Indonesia, Brazil, Vietnam, and the Philippines.
- Besides stealing Facebook credentials, the GhostTeam malware also aggressively displays pop-up adverts, always keeping the infected device awake by showing unwanted ads in the background.
- All the apps have since been removed by Google from the Play Store after researchers reported them to the company.
- Users who have already installed one such app should make sure they have Google Play Protect enabled.
- The best way to protect yourself is always to be vigilant when downloading apps, and always verify app permissions and reviews before you download one.
- You are also strongly advised to keep a good antivirus app on your mobile device that can detect and block such threats before they infect your device.
*Source: The Hacker News, January 18, 2018
Most IT Execs Have Zero Control Over Password Hygiene*:
- Despite the clear danger that passwords pose to organizations, more than half of IT executives in a recent survey said they rely solely on employees to monitor their own password behavior.
- The survey from LastPass and Ovum, which queried a few hundred IT executives and corporate employees in EMEA, revealed that 76% of employees regularly have problems with password usage or management, and nearly a third of users need help desk support at least once every month.
- This onus on personal responsibility translates into companies wrestling with a lack of visibility and control.
- 62% of IT executives rely exclusively on employee education to enforce strong passwords, with no technology in place to enforce any password strength requirement.
- 75% of IT executives lack control over the cloud-based applications used by their employees, subsequently leaving the company at risk – and shining a light on the disconnect between IT policy and human behavior.
- When asked how they guard against unnecessary password sharing, 63% of IT execs had no technology in place and only 14% had the automated control facilities in place to know when it is happening.
- Far too many organizations are leaving the responsibility for password management to their employees and don’t have the automated password management technology in place to identify when things are going wrong.
*Source: Info Security, January 19, 2018