By ANDY GREENBERG
ABOUT A YEAR ago, the two-decade-old trail of a group of Russian hackers led Thomas Rid to a house in the quiet London suburb of Hartley Wintney. Rid, a cybersecurity-focused political science professor and historian, wrote a long-shot email to David Hedges, a 69-year-old retired IT consultant who lived there. Rid wanted to know if Hedges might somehow still possess a very specific, very old chunk of data: the logs of a computer Hedges had used to run a website for one of his clients in 1998. Back then, Russian spies had commandeered it, and used it to help run one of the earliest mass-scale digital intrusion campaigns in computing history.
A few weeks later, Hedges answered as if he’d almost been expecting the request: The ancient, beige, HP 9000 computer that the Russians had hijacked was still sitting under his office desk. Its logs were stored on a magneto-optical drive in his home safe. “I’d always thought this might be interesting one day,” Hedges says. “So I put it in my safe and forgot about it until Thomas rang me.”
Over the months since then, Rid and a team of researchers from King’s College and the security firm Kaspersky have pored over Hedges’ data, which recorded six months of the Russian hackers’ moves as they breached dozens of American government and military agencies—a history-making series of intrusions that’s come to be known as Moonlight Maze. In research they’re presenting at the Kaspersky Security Analyst Summit Monday, they argue that their archaeological hacker excavation reveals more than just a digital museum piece from the dawn of state cyberespionage. The researchers say they’ve found a piece of vintage malicious code in that trove that survives today, as part of the arsenal of a modern-day team of Russian hackers—believed to have Kremlin ties—known as Turla. And they suggest that contemporary hacking team—though mutated and evolved through the years—could be the same one that first appeared in the late 90s, making it one of the longest-lived cyberespionage operations in history.
The number of data records breached soared in 2016 over the previous year, with the technology sector facing the brunt of the attacks.
Cybercriminals infiltrated some 1.4 billion data records last year – a whopping 86% increase over the previous year, according to a new report released today by digital security firm Gemalto.
This bounty of information was snagged in 1,792 incidents worldwide, which yielded a larger haul with fewer attempts, according to the report. The number of data record breaches fell 4% in 2016, compared with year-earlier figures.
By Michael Hill
A new type of ransomware dubbed WYSIWYE (What You See Is What You Encrypt) has been detected by researchers at PandaLabs.
As explained in a post on the firm’s website, the standard ransomware technique cyber-crooks employ is to gain access to a computer and then simply execute the corresponding malware automatically to start encryption and ultimately display the ransom message.
However, in an analysis of a recent intrusion, PandaLabs discovered a more personalized type of malware generator which allows attackers “the chance to customize the malware using a user-friendly interface prior to launching it. Making it even easier for those with little technical knowledge to target companies.”
By Klint Finley
GET READY TO say good-bye to your online privacy. Not that you ever really had it anyway.
The House of Representatives voted today to reverse Obama-era regulations preventing internet service providers from selling your web browsing history on the open market. A few Republicans broke rank to vote against the resolution, while Democrats stayed unified in opposing it. (The Senate’s approval last week stuck strictly to party lines.)
The rules, passed by the Federal Communications Commission last year, have yet to take effect. If President Donald Trump signs the resolution, they never will. What’s more, the measure bars the FCC from passing similar protections in the future. Even if Trump were to have an unexpected change of heart, the current FCC chair signaled earlier this month that he would likely kill or suspend the rules anyway. In the meantime, your internet provider is already free to sell your data without your opt-in permission.
Almost a third of European employees have sent unauthorized information to a third party.
According to research of 4000 people in Europe, 29% of respondents have “purposefully” sent information out of their company, while 15% have taken “business critical information with them from one job to another”. Over half (59%) planned to use it in their next job.
Neil Thacker, deputy CISO at Forcepoint, said that the choice to steal information is about responsibility and accountability from a cultural perspective. “Once [an employee] leaves, their loyalty has gone and when loyalty is gone, we do see an essence of data leakage and storing.”
The research also found that 14% of respondents would sell corporate log-ins to an outsider, and 40% of those would do so for less than £200. Perhaps this is because 22% either do not believe data breaches incur a cost to their employers, or were unsure whether they would.
- Mobile device malware infection rates increased steadily in 2016, reaching an all-time high
- Smartphones hit hardest: infections rose nearly 400 percent in 2016, and accounted for 85 percent of all mobile device infections in the second half of 2016
- Massive Distributed Denial of Service (DDoS) attacks revealed urgent need for improved Internet of Things (IoT) device security
27 March 2017
Espoo, Finland – Nokia today issued its latest Threat Intelligence Report, revealing a new all-time high in mobile device malware infections, a sharp increase in compromised smartphones and major IoT device security vulnerabilities.
Issued twice per year, the Nokia Threat Intelligence Report examines general trends and statistics for infections in devices connected through mobile and fixed networks around the world.
The latest report revealed a steady increase in mobile device infections throughout 2016, with malware striking 1.35 percent of all mobile devices in October – the highest level seen since reporting started in 2012. The report also revealed a surge of nearly 400 percent in smartphone malware attacks in 2016. Smartphones were the most-targeted devices in the second half of the year, accounting for 85 percent of all mobile device infections.
Thursday, March 23, 2017
As part of its “Vault 7” series, WikiLeaks — the popular whistle-blowing platform — has just released another batch of classified documents focused on exploits and hacking techniques the Central Intelligence Agency (CIA) designed to target Apple macOS and iOS devices.
Dubbed “Dark Matter,” the leak uncovers macOS vulnerabilities and attack vectors developed by a special division of the CIA called Embedded Development Branch (EDB) – the same branch that created the ‘Weeping Angel’ attack – and focused specifically on hacking Mac and iOS firmware.
By Mohit Kumar
If you use iCloud to sync your Apple devices, your private data may be at risk of getting exposed or deleted by April 7th.
It has been found that a mischievous group of hackers claiming to have access to over 300 million iCloud accounts is threatening to remotely wipe data from those millions of Apple devices unless Apple pays it $75,000 in crypto-currency or $100,000 worth of iTunes gift cards.
The hacking group, who identified themselves as ‘Turkish Crime Family,’ has demanded a ransom to be paid in Bitcoin or Ethereum, another popular crypto-currency.
At the recent RSA Conference, FireMon surveyed the attitudes of 350 IT security professionals towards the skills shortage.
The research revealed that when it comes to hiring, 93 percent of respondents think experience is more important than qualifications. Furthermore, 73 percent said that it didn’t matter whether IT staff were college graduates when it came to getting the job done.
Respondents were split down the middle as to what was more important – good communication skills or the best technical skills.