Week of May 12, 2017


Week of May 12, 2017

Hackers Hit Dozens of Countries with a Stolen N.S.A. Tool*:

  • Hackers using a tool stolen from the United States government conducted extensive cyber-attacks that hit dozens of countries around the world.
  • The attacks amounted to a global blackmail attempt spread by the internet and underscored the vulnerabilities of the digital age.
  • The attacks appeared to be the largest ransomware assault on record, but the scope of the damage was hard to measure.
  • The attacks began with a simple phishing email, then quickly spread through victims’ systems using a hacking method that the NSA is believed to have developed.
  • Finally, they encrypted the computer systems of the victims, locking them out of critical data.
  • The attacks appeared to be the first time a cyberweapon developed by the NSA and stolen by an adversary had been unleashed by cybercriminals against patients, hospitals, businesses, governments, and ordinary citizens.
  • The United States has never confirmed that the tools posted by the Shadow Brokers belonged to the NSA or other intelligence agencies.
  • The recent attacks are likely to raise questions about whether the growing number of countries developing and stockpiling cyberweapons can avoid having those same tools stolen and turned against their own citizens.
  • In Britain, hospitals were locked out of their systems and doctors could not call up patient files.
  • In Russia, the Interior Ministry confirmed that around 1,000 computers were infected, but technicians had contained the attack.
  • Other targets included corporate computer systems in many other countries.

*Source: New York Times, May 12, 2017


Intel Chip Vulnerability Lets Hackers Easily Hijack Fleets of PCs*:

  • A vulnerability in Intel chips that went undiscovered for almost a decade allows hackers to remotely gain full control over affected Windows PCs without needing a password.
  • The critical rated bug lies in a feature of Intel's Active Management Technology (AMT) which allows IT administrators to remotely carry out maintenance on entire fleets of computers as if they were there in person.
  • AMT also allows the administrator to remotely control the computer’s keyboard and mouse, even if the PC is powered off.
  • The researchers credited with finding the bug explained that the default “admin” account for the web interface effectively lets anyone log in by entering nothing at the log-on prompt.
  • Intel’s advisory said that systems – including desktops, laptops, and servers – dating back as early as 2010 and 2011 and running firmware 6.0 and later are affected by the flaw.
  • Intel said in a statement that it’s working with its hardware partners to address the problem.

*Source: ZD net, May 07, 2017


Germany Challenges Russia Over Alleged Cyber-Attacks*:

  • The head of Germany's domestic intelligence agency accused Russian rivals of gathering large amounts of political data in cyber attacks.
  • Moscow denies it has in any way been involved in cyber attacks on the German political establishment.
  • Some cyber experts have drawn clear links between APT28 and the GRU Russian military intelligence organization.
  • There had been subsequent attacks after the 2015 Bundestag hack that were directed at lawmakers, the Christian Democratic Union of Chancellor Angela Merkel, and other party-affiliated institutions, but it was unclear if they had resulted in the loss of data.
  • Germany’s top cyber official last week confirmed attacks on two foundations affiliated with Germany's ruling coalition parties.
  • Germany is reportedly working hard to strengthen its cyber defences, but also needs the legal framework for offensive operations.
  • Berlin was studying what legal changes were needed to allow authorities to purge stolen data from third-party servers, and to potentially destroy servers used to carry out cyber-attacks.
  • The German government also remained deeply concerned about the possibility that German voters could be manipulated by fake news items.

*Source: Reuters, May 04, 2017


Wi-Fi Holography Can Be Used to “Spy” on Entire Rooms and Buildings*:

  • We think of Wi-Fi as primarily bathing our homes and offices in a comfy, invisible blanket of data and internet access.
  • The microwave radiation sent out from a hotspot can be used to generate a three-dimensional image of the surrounding environment.
  • Researchers have come up with a process that creates a holographic image of a space from the microwave radiation of a Wi-Fi signal bouncing off people and objects.
  • The scientists say their method could be used in automated industrial settings, to track objects moving through a facility, for example.
  • This new ability to use Wi-Fi to essentially spy on entire rooms and buildings does raise questions of privacy, but it is unlikely the process will be used to look into foreign bedrooms in the near future; for that, you would need a large antenna, which wouldn’t go unnoticed.
  • The holographic imaging system requires simply one fixed and one movable antenna.
  • The technology could advance to be useful in rescue operations to help reach victims buried by an avalanche or a collapsed building.
  • They also hope to learn about materials that are more translucent or transparent to microwaves to provide better privacy protection or allow for better tracking of equipment in factory floors.

*Source: New Atlas, May 06, 2017


Hackers Find Celebrities’ Weak Links in Their Vendor Chains*:

  • In December, hackers impersonating an executive at a record label managed to bypass all the latest in digital defences with a simple email.
  • The hackers urged an executive at September Management, a music management business, to send them Lady Gaga’s stem files.
  • With a click of a button, the files made their way into hackers’ hands.
  • The heist was a classic example of how hackers exploit the weakest link in the extensive chain of vendors that corporations must trust with their most valuable intellectual property.
  • Cybercriminals have found a lucrative niche: they may not be able to break into large entertainment corporations, but those targets are supported by a system of soft targets that do not have the same resources or security technology.
  • Last month, a hacker using the pseudonym “TheDarkOverlord” leaked unreleased episodes of the Netflix series “Orange Is the New Black” after Netflix and Larson Studios refused to pay a ransom amounting to about $45,000.
  • The security weaknesses of vendors are increasingly the weaknesses of their clients, no matter how fortified their own networks.
  • The vast majority of breaches – 80% by some estimates – stem from a supplier or vendor.
  • Security companies have promised to protect their clients from cyber-attacks, while ignoring the less secure vendors, consultants, and distributors in clients’ supply chains.
  • Companies like BitSight Technologies and Security Scorecard in have developed a rating system that allows corporations and government agencies to evaluate how hacker-friendly vendors and other third parties are.
  • For years, hackers tried to extort money from companies by taking their websites offline with floods of internet traffic, but more recently, cybercriminals have deployed ransomware that locks out the user.
  • Hackers are also resorting to extortion – TheDarkOverlord hit a midsize investment bank, a glue company, a cancer charity, health care providers, and other charities across the country last year.

*Source: New York Times, May 07, 2017


Hotel Cyber Attacks: How Guests Can Stay Safe*:

  • One of the world’s largest technology companies, is reporting that “an incident of unauthorized access to payment information,” occurred in one of its reservations systems.
  • There was a great deal of media attention after InterContinental Hotels Group revealed a breach earlier this year that affected up to 1,200 hotels, while the breach of Sabre’s reservations systems that powers more than 30,000 properties has gone largely unnoticed by the consumer press.
  • Sabre isn’t saying much and gives no indication as to the scope of the breach, but says they have contacted law enforcement and retained a third-party expert to investigate.
  • The cyber security community seems to think that the tourism industry can start to expect an increasing number of data breaches.
  • Security experts have some recommendations when it comes to hotels: stop using debit cards to check into hotels, use credit cards instead and when you travel, bring your own router.
  • Connecting to free Wi-Fi hotspots can be a risky practice.
  • A security company set up fake Wi-Fi hotspots at last year’s Republican National Convention to see how many people would log in, and 1,200 people accessed the free Wi-Fi addresses even without knowing the source.
  • Some 68% of those users revealed personal data such as email passwords and bank login credentials while they were logged on.
  • In hotels, hackers can set up a hotspot that mirrors the hotel name, and once the user logs in the hacker can see all their movements as the surf the web.
  • Other recommendations for using public Wi-Fi include only signing into encrypted sites that use an HTTPS (rather than HTTP) address, and never sign into sites that contain your financial information.

*Source: Travel Pulse, May 06, 2017


Get in Touch With Us!

Are you interested in receiving more information about our products? Do you have questions about sensitive data security? Would you like a demo? Complete the details below and one of our specialists will get in touch with you.

We love to help our customers solve their data security problems. Please tell us about what you are trying to accomplish, details about your environment, and any other information that will help us understand your needs better.

scroll top