Personal Cybersecurity #43: Daily news

What you need to know for your personal cyber security life…

Number forty-three in a series of semi-regular daily current and topical computer threats that may affect your online, or even offline, digital and real life. Why cyber-security on SurvivalRing? Because EVERYTHING you do in your life every day is a part of the cyber world…even your offline plans. So, be aware, and pay attention. The bad guys WILL eventually get around to YOU…personally…so be prepared for it, by staying in the informational loop.

And, just so you know, I’ve got 31 years of IT experience, and my day job is with the State of Wyoming as an Information Specialist. I believe an informed prepper is a BETTER prepper. Information is the life blood of being prepared. Learn more with every article in this continuing series. Please ask questions if you want to learn more…I’m here to help.

# # #

HEADLINES…for this issue…15 articles

  • This Site Shows Who Is Hacking Whom Right Now — And The US Is Getting Hammered
  • Hebrew no shield from hackers, phony bank app shows
  • Security industry runs aground
  • Sourcefire founder Martin Roesch shares lessons from building a $2.7 billion business
  • Airport breach a sign for IT industry to think security, not money
  • Secure Messaging App Wickr Raises $30 Million Series B
  • Android malware targets South Korean online banking customers
  • Want to know the WIFI password for the Brasil World Cup security center?
  • Hackonomics: Cybercrime’s cost to business
  • Hospital Networks Are Leaking Data, Leaving Critical Devices Vulnerable
  • At least 32,000 servers broadcast admin passwords in the clear, advisory warns
  • Garmin tackles ‘misinformation’ on hacking aircraft avionics
  • Microsoft: NSA security fallout ‘getting worse,’ ‘not blowing over’
  • USENIX: Unstable code can lead to security vulnerabilities
  • Cybercriminals Zero In on a Lucrative New Target: Hedge Funds

# # #

This Site Shows Who Is Hacking Whom Right Now — And The US Is Getting Hammered

  • By Jeremy Bender
  • Business Insider
  • June 26, 2014

U.S.-based computer security firm Norse has released a real-time animated map that illustrates ongoing cyberattacks around the world. Without a doubt, the U.S. is getting constantly hammered by hackers.

In just 45 minutes, the U.S. was the victim of 5,840 cyberattacks.

Within that span of time, the U.S. suffered from 27 times more cyberattacks than Thailand, the second most targeted country. Thailand was the target of only 220 cyber attacks during these 45 minutes.

The Norse map does not represent all hacking attempts in the world. Instead, according to Smithsonian Magazine, the map relies on a Norse honeypot network — a network purposefully designed to detect hacking — to provide a representative snapshot of global hacking attempts.


# # #

Hebrew no shield from hackers, phony bank app shows

  • By David Shamah
  • The Times of Israel
  • June 26, 2014

Israelis are just as vulnerable as anyone else to hacking and data theft, and their right-to-left language won’t shield them, experts say, after discovering a Hebrew version of a dangerous phony bank app.

While a Hebrew interface is no guarantee of an app’s safety, said Israeli security expert Tal Pavel, seeing their native language is uncommon enough that it would probably lead Israelis to trust the app more. “It’s really a sophisticated form of ‘phishing,’ where hackers use a form of social engineering to steal data,” said Pavel.

In a phishing scam, said Pavel, an expert on Internet usage and crimes in the Middle East, “hackers search for a ‘weak link,’ matching a message with a potential victim, using threats, rewards, fear or other psychological tactics to get the victim to click on a link or open a document that will install a virus or trojan, giving them access to data.”

In this case, he said, the legitimate-looking Hebrew app that is almost indistinguishable from the real thing would be enough to prompt Mizrahi Bank customers to download the app and allow hackers free access to their data.


# # #

Security industry runs aground

  • By a staff writer
  • 26 June 2014

The IT security industry is unable to cope with cybercrime and needs to come up with a better way of protecting customers.

Eugene Spafford, a computer security expert and professor of computer science at Purdue University, said that the security industry is just adding layers of defensive technologies to protect systems.

However it can’t deal with the most substantial, underlying problems that sustain a sprawling cybercrime syndicate.

Talking at the FIRST security conference in Boston, Spafford said that software makers continue to churn out products riddled with vulnerabilities, creating an incessant patching cycle for IT administrators that siphons resources from more critical areas.

He said that the problem was so bad that today businesses are rushing to invest in many of the latest security technologies designed to detect infections without any ability to efficiently fix them.


 # # #

Sourcefire founder Martin Roesch shares lessons from building a $2.7 billion business

  • By Steven Overly
  • The Washington Post
  • June 26, 2014

Martin Roesch founded cybersecurity software firm Sourcefire in 2001 with the goal of making money on a widely used and freely distributed security program he had built years earlier called Snort. Twelve-and-a-half years later, Cisco bought the company for $2.7 billion. Now that’s what you call making money. In an interview last week at start-up hub 1776, Roesch shared lessons learned along the way with a gathering of tech and security enthusiasts:

Admit what you don’t know.

In 2002, Roesch was flying back and forth between Sourcefire’s Columbia headquarters and the offices of West Coast investors. Every time he returned, there was a new face in the office.

The company went from four employees to 30 in less than six months.

“I was very, very scared. We were growing so quickly and things felt out of control and I didn’t have any experience with what we were doing. I was terrified I was going to screw up and kill us all,” he said.

So Roesch made a decision that more egotistical founders might find difficult: He hired someone to take over as chief executive who had the business acumen to complement his technical know-how.


 # # #

Airport breach a sign for IT industry to think security, not money

  • By Antone Gonsalves
  • CSO Online
  • June 26, 2014

The two U.S. airports that had their computers compromised by an unknown group of hackers is a wake up call that America’s best IT talent needs to focus less on money and more on national security, an expert says.

The Center of Internet Security (CIS), a government-endorsed nonprofit that helps states with cybersecurity, said in its recently released report that it was notified in the summer of 2013 of advanced persistent attacks (APTs) against four U.S. airports.

The CIS later learned that the same attackers were targeting eight other airports.

Because there’s no financial gain from going after airports, “the logical point of these attacks is to be able to support taking down or controlling critical systems in time of war or conflict,” Murray Jennex, a San Diego State University professor and former systems engineer at the San Onofre nuclear power plant in California, said.


 # # #

Secure Messaging App Wickr Raises $30 Million Series B

  • By Sarah Perez
  • June 26, 2014

Self-destructing and encrypted messaging app Wickr raised $30 million in Series B funding, the company is announcing today, in a round led by Jim Breyer, founder and CEO of Breyer Capital, with participation from CME Group and Wargaming. Breyer will now join the company’s board. The new round comes on the heels of Wickr’s $9 million Series A announced earlier this year.

The app was created by CEO Nico Sell, also co-founder of the DEF CON security conference, as a tool that allows senders and receivers to communicate privately. Only the receiver is able to decrypt the message after it’s sent, as the company itself does not hold the decryption keys.

Security and privacy are popular topics in this post-Snowden era, where a backlash against mainstream social services is finding new footing with those of a younger generation, as well as those wanting to protect themselves from overzealous ad-targeting or even in some cases, totalitarian government regimes.


 # # #

Android malware targets South Korean online banking customers

  • By Jeremy Kirk
  • IDG News Service
  • June 26, 2014

Malicious software that swaps itself for legitimate online banking applications is striking users in South Korea, with thousands of devices infected in the last week, according to a Chinese mobile security company.

Cheetah Mobile, formerly known as Kingsoft Internet Security Software, wrote that the banking malware masquerades as a popular game or tool on third-party Android application markets.

Google checks Android applications in its Play store for malicious behavior, but third-party marketplaces are often rife with malicious applications. Security experts advise caution when using such sources for applications.

If the malicious application is installed, it scans for the official applications of South Korean banks including Nong Hyup, Shinhan, Kookmin, Woori, Hana, Busan and the Korean Federation of Community Credit Cooperatives, Cheetah Mobile wrote.


 # # #

Want to know the WIFI password for the Brasil World Cup security center?

  • By William Knowles
  • Senior Editor
  • InfoSec News
  • June 24, 2014

(Updated – June 26, 2014) The password and WiFi SSID for the World Cup’s security center were exposed after a photograph appeared in the online version of Correio Braziliense.

Luiz Cravo Dorea, head of international cooperation at the Federal Police, is standing in the main security center; behind him, in the lower corner of the video monitors, is the SSID of WORLDCUP and the password: b5a2112014

The Jerusalem Post is reporting that the Rishon Lezion based security company RISCO Group is providing security management at the soccer stadium in Cuiaba, Brazil.

The state-of-the-art 41,000-seat Arena Pantanal, which cost $537 million to build, is one of the 12 host venues for the World Cup.


 # # #

Hackonomics: Cybercrime’s cost to business

  • By Violet Blue
  • Zero Day
  • ZDNet News
  • June 25, 2014

They say “crime pays” — but we can be certain the paychecks for cybercrime come right out of the pockets of every business with a digital footprint.

In March, Juniper Networks and RAND Corporation released Hackonomics: A First-of-Its-Kind Economic Analysis of the Cyber Black Markets; its conclusion that the “Cyber Black Market” is more profitable than the global illegal drug trade led us to examine the cost of the cyber black market on businesses.

Actual costs of cybercrime are much debated, and the dozens of threat reports issued in 2014 differ on the details. This is likely because companies have a hard time knowing what was stolen, among other complex issues that keep surveys, reports and studies from being accurate.

It may also have a bit to do with the fact that some of the companies issuing reports — namely, ones that sell cybercrime prevention and detection software — are stakeholders in cybercrime’s reputation as a growth industry.

One well-known example of fudging was the 2009 report by the Center for Strategic and International Studies, which estimated hacking costs to the global economy at $1 trillion. President Barack Obama, various intelligence officials and members of Congress have cited this number when pressing for legislation on cybercrime protection.


 # # #

Hospital Networks Are Leaking Data, Leaving Critical Devices Vulnerable

  • By Kim Zetter
  • Threat Level
  • 06.25.14

Two researchers examining the security of hospital networks have found many of them leak valuable information to the internet, leaving critical systems and equipment vulnerable to hacking. The data, which in some cases enumerates every computer and device on a hospital’s internal network, would allow hackers to easily locate and map systems to conduct targeted attacks.

In at least one case, a large health care organization was spilling info about 68,000 systems connected to its network. At this and every other facility that was leaking data, the problem was an internet-connected computer that was not configured securely. Quite often, the researchers found, these systems also were using unpatched versions of Windows XP still vulnerable to an exploit used by the Conficker worm six years ago.

“Now we know all the targeted info and we know that systems that are publicly connected to the internet are vulnerable to the exploit,” says Scott Erven, one of the researchers, who plans to discuss their findings today at the Shakacon conference in Hawaii. “We can exploit them with no user interaction… [then] pivot directly at the medical devices that you want to attack.”


 # # #

Garmin tackles ‘misinformation’ on hacking aircraft avionics

  • By AOPA ePublishing staff
  • June 18, 2014

With much publicity the past several months focusing on hacking and security breaches—in the media, TV shows, and movies—Garmin is setting the record straight on the myths around one such possible breach: hacking aircraft avionics.

Garmin, an industry leader in aviation avionics, said in a blog posted June 17 that avionics manufacturers take numerous measures to ensure that avionics are safe and secure for pilots to use.

Garmin said that its software runs on proprietary operating systems “that would make it much more difficult to successfully accomplish an attack,” and that “proprietary protocols, data input validations, and other mitigations are in place to prevent viruses or malware from infecting, or affecting, our equipment.”

In addition, avionics manufacturers perform safety assessments on what could happen in an aircraft if the avionics data were corrupted, deliberately or not, and then develop mitigations for those possibilities before they go through equipment certification. And, all avionics are able to be overridden by the pilot, if he or she determines the aircraft is not doing what was intended. In many cases, pilots also must validate that their flight plan information is uploaded correctly and accept it before using it for active navigation. These actions help prevent input mistakes by the pilot as well as enhance security.


 # # #

Microsoft: NSA security fallout ‘getting worse,’ ‘not blowing over’

  • By Jack Clark
  • The Register
  • 19 Jun 2014

Microsoft’s top lawyer says the fallout of the NSA spying scandal is “getting worse,” and carries grim implications for US tech companies.

In a speech at the GigaOm Structure conference in San Francisco on Thursday, Microsoft general counsel Brad Smith warned attendees that unless the US political establishment figures out how to rein in its spy agencies, there could be heavy repercussions for tech companies.

“What we’ve seen since last June is a double-digit decline in people’s trust in American tech companies in key places like Brussels and Berlin and Brasilia. This has put trust at risk,” Smith said.

“The longer we wait or the less we do the worse the problem becomes,” he explained. “We are seeing other governments consider new procurement rules – procurement rules that could effectively freeze out US-based companies.”


 # # #

USENIX: Unstable code can lead to security vulnerabilities

  • By Joab Jackson
  • IDG News Service
  • June 19, 2014

As if tracking down bugs in a complex application isn’t difficult enough, programmers now must worry about a newly emerging and potentially dangerous trap, one in which a program compiler simply eliminates chunks of code it doesn’t understand, often without alerting the programmer of the missing functionality.

The code that can lead to this behavior is called optimization-unstable code, or “unstable code,” though it is more of a problem with how compilers optimize code, rather than the code itself, said Xi Wang, a researcher at the Massachusetts Institute of Technology. Wang discussed his team’s work at the USENIX annual technical conference, being held this week in Philadelphia.

With unstable code, programs can lose functionality or even critical safety checks without the programmer’s knowledge.

That this problem is only now coming to the attention of researchers may mean that many programs considered as secure, especially those written in C or other low-level system languages, may have undiscovered vulnerabilities.


 # # #

Cybercriminals Zero In on a Lucrative New Target: Hedge Funds

  • By Nicole Perlroth
  • Bits
  • The New York Times
  • June 19, 2014

They say crime follows opportunity.

Computer security experts say hedge funds, with their vast pools of money and opaque nature, have become perfect targets for sophisticated cybercriminals. Over the past two years, experts say, hedge funds have fallen victim to targeted attacks. What makes them such ripe targets is that even as hedge funds expend millions in moving their trading operations online, they have not made the same investment in security.

The latest evidence comes in the form of a new report Wednesday from BAE Systems, a computer security firm, that an unnamed hedge fund lost millions of dollars after criminals installed malware on its trading systems late last year. The malware was designed to insert a lag time in the hedge fund’s trading system and record the details of orders, so the attackers could trade on the information themselves.

According to BAE Systems, the attack began with a so-called spearphishing email, which contained links purporting to be about capital markets. Once they were clicked, an employee inadvertently downloaded malware onto a computer that gave criminals deeper access to the fund’s trading systems. The attack was noticed only after the fund’s analysts and tech staff discovered the lag times in its algorithmic trading strategy and abnormal file movement on its network. The breach, which was first reported by CNBC, cost the fund millions of dollars in recovery, according to BAE Systems, which did not name the fund.

But security experts say the crime is hardly new. “Hedge funds have been victims of targeted cyberattack over the past two years,” said Tom Kellermann, the chief cybersecurity officer at TrendMicro. “Hedge funds are woefully undersecured. The lack of investment in their cybersecurity has placed them in the line of fire.”


 # # #


Updated: July 27, 2014 — 4:13 pm

The Author

Rich Fleetwood

Rich is the founder of SurvivalRing, now in its 24th year, author of multimedia CDs and DVDs, loves the outdoors, his family, his geeky skill-set, and lives in rural southern Wyoming, just below the continental divide (long story, that...). Always ready to help others, he shares what he learns on multiple blogs, many social sites, and more. With a background in preparedness and survival skills, training with county, state, and national organizations, and skills in all areas of media and on air experience in live radio and television, Rich is always thinking about the "big picture", when it comes to helping individuals and families prepare for life's little surprises.
