Looking at Cyber Crime

Looking at Cyber Crime
We are hooked on the internet and demand to be connected to the digital world 24/7. Our reliance on the online world and willingness to divulge our personal information with websites creates unique opportunities for criminals to steal our data, an extremely valuable commodity that can be exploited for vast profit.

Many people fail to recognize just how much of a widespread issue cybercrime is and as a result, fail to sufficiently protect themselves against it. Every individual and business with an online presence is vulnerable.

Although cybercrime cannot be stopped entirely, we can still take important measures to prevent it, which is why the cybersecurity industry is now worth a staggering $120 billion, a figure only likely to rise over the next few years. Even free anti-virus software like Avast can help protect against malware threats, which is why every computer or mobile device should have it installed.

To learn more about cybercrime and the role it’s now playing in our world, take a look at the updraft word press plugin blog post, who have provided an excellent infographic to visually demonstrate the realm of cyber crime.

Winter Olympics Targeted by Hackers

Winter Olympics Targeted by Hackers
Hackers have attempted to steal sensitive data from groups involved with next month’s Winter Olympics, cyber-security firm McAfee said. The report found malware-infected emails were sent last month to organisations linked to the Pyeongchang Games. It did not identify those responsible, but said more attacks tied to the upcoming Olympics were likely. In similar past attacks, hackers tried to obtain passwords and financial data.

McAfee said a number of groups associated with the Olympics had received malicious emails – including several affiliated with ice hockey.

“The majority of these organisations had some association with the Olympics, either in providing infrastructure or in a supporting role,” the security firm said.

“The attackers appear to be casting a wide net with this campaign.”

The emails were sent from a Singapore IP address and told readers to open a text document in Korean.

McAfee said the hackers were trying to trick recipients into believing the emails had come from South Korea’s National Counter-Terrorism Centre – which at the time was in the process of conducting anti-terror drills in the region.

In some cases the hackers used a technique in known as steganography which hides malware in text and images.

McAfee echoed recent warnings from University of California researchers to expect more cyber-attacks targeting major sporting events. “With the upcoming Olympics, we expect to see an increase in cyber attacks using Olympics-related themes,” the security firm said.

It comes as Pyongyang prepares to hold official talks with South Korea for the first time in more than two years.

North Korea accepted an offer to attend the meeting on 9 January that will focus on finding a way for its athletes to attend the Games.

Equifax Removes Webpage after Malware Issue

Equifax Removes Webpage after Malware Issue
Equifax has taken down a customer help web page amid concerns over malware linked to the site. The firm said it took down the link for credit report assistance “out of an abundance of caution”. The problem did not compromise its systems or affect the dispute portal, the firm added in a later update.

Equifax is still reeling from discovery of a breach that compromised personal data of more than 145.5 million Americans and about 8,000 Canadians.

Equifax has also said a file containing names and birthdates of 15.2 million people in the UK were accessed. The firm is contacting nearly 700,000 of them, because more serious information was compromised. The new issue involved a webpage that asked visitors to download fraudulent Adobe Flash updates, according to Ars Technica. The problem was first publicly identified by an independent security analyst.

Equifax said it had traced the problem to a third-party vendor it used to track website data and removed that vendor’s code from the site. “Equifax can confirm that its systems were not compromised and that the reported issue did not affect our consumer online dispute portal,” the company said.

News & Sports Websites Vulnerable to Attack

News & Sports Websites Vulnerable to Attack
News and sports websites have some of the lowest levels of security adoption, a study has suggested. A team of cyber-security experts looked at the security protocols used by the top 500 sites in various industries and online sectors. They found that fewer than 10% of news and sports websites used basic security protocols such as HTTPS and TLS.

Even those that do are not always using the “latest or strongest protocols”, one of the study’s authors said.

“As time goes by, all encryption gets weaker because people find ways around it,” Prof Alan Woodward, a cyber-security expert at the University of Surrey, told the BBC. “We tested the University of Surrey’s website using a site called Security Headers a couple of weeks ago and it got an A,” he explained, “but it’s only a C now.”

The research, published in the Journal of Cyber Security Technology, shows that some sectors seem much more security-conscious than others. The websites of computer and technology companies and financial organisations showed a much higher level of adoption than shopping and gaming sites, for example.

“In the financial sector, almost every one of the sites we looked at had encrypted links”, Prof Woodward said, “but even in retail the adoption of the very latest standards is low.”

A quarter of the shopping sites studied were using Transport Layer Security (TLS), which offers tools including digital certificates, remote passwords, and a choice of ciphers to encrypt traffic between a website and its visitors. But among news and sport websites fewer than 8% were found to be using the protocol. Among those that did, many failed to make use of some of the strongest tools available, such as HSTS, which automatically pushes users accessing an unsecured version of a website on to the encrypted version instead.

“It’s like news and sport content providers don’t value the security of their content,” Prof Woodward said. “They’re leaving themselves vulnerable to attacks like cross-site scripting, where an attacker can pretend something’s come from a website when it hasn’t.”

But Prof Woodward warned against putting too much faith in sites that appear to have the most up-to-date and comprehensive security protocols in place.

“People assume that because they’re using TLS they’re having a secure conversation, but there’s no guarantee about who they’re having that secure conversation with,” he explained. “Some of those spoof sites are using more up-to-date security than the genuine sites. You’ve got to click on that padlock and check who it is you’re talking to.”

Theresa May: Online Extremism Must be Tackled

Theresa May: Online Extremism Must be Tackled
Theresa May has urged world leaders to do more to combat online extremism, saying the fight against so-called Islamic State is “moving from the battlefield to the internet”. At the G7 summit in Sicily, the PM said tech companies had to do more to identify and remove extreme material. She also urged more action on tackling foreign fighters who travel to join IS.

Meanwhile, UK police have arrested another man in connection with Monday’s terror attack in Manchester. Twenty-two people were killed and 116 injured when a suicide bomber targeted an Ariana Grande concert in Manchester Arena on Monday evening.

Mrs May warned that fighters returning to their home countries from countries like Iraq and Syria posed a new terrorist threat and urged G7 members to work with “our partners in the region to step up returns and prosecutions of foreign fighters. “This means improving intelligence sharing, evidence gathering and bolstering countries’ police and legal processes,” she said. G7 members needed to be able to share data securely in order to track fighters as they cross borders and make decisions about whether to prosecute them, she said.

The PM also sought common ground on tackling online extremism as she chaired a counter-terrorism session at the summit in Italy, looking at how countries could work together to prevent online plotting of terrorist attacks and to stop the spread of extremist ideology. She also argued that, as IS militants lose ground in the Middle East, the threat was “evolving rather than disappearing” and that the industry had a “social responsibility” to do more to take down harmful content, arguing it had taken some action but had not gone far enough.

She wants an international forum to develop the means of intervening where danger is detected, and for companies to develop tools which automatically identify and remove harmful material based on what it contains and who posted it.

French President Emmanuel Macron vowed France’s total support for Britain’s fight against terrorism as he met Mrs May at the summit. “We will be here to cooperate and do everything we can in order to increase this cooperation at the European level, in order to do more from a bilateral point of view against terrorism,” he told her, in their first formal meeting since he took office.

Security minister Ben Wallace told BBC Radio 4’s Today programme that the use of online communications was “one of the biggest challenges” in the fight against terrorism, with encryption making it “almost impossible for us to actually lift the lid on these people. The scale of it is not just the UK, it is across the whole of Europe, across the world.”

He said the giant American tech companies like Facebook and Google could be doing more. “We are determined to not let these people off the hook with the responsibility they have in broadcasting some horrendous [material], not only manuals about how to make bombs, but also grooming materials,” he said. “We all think they could all do more… we need to have the tools to make them, where we need to, remove material quicker.”

Google said it was committed to creating an international forum designed to tackle extreme content online, to make sure “terrorists do not have a voice online”. “We employ thousands of people and invest hundreds of millions of pounds to fight abuse on our platforms, and will continue investing and adapting to ensure we are part of the solution to addressing these challenges,” it added.

Cyber Attack may have North Korea Link

Cyber Attack may have North Korea Link
The BBC news website is reporting that the WannaCry ransomware cyber-attack may have North Korea link. You may not have heard of the Lazarus Group, but you may be aware of its work. The devastating hack on Sony Pictures in 2014, and another on a Bangladeshi bank in 2016, have both been attributed to the highly sophisticated group.

It is widely believed that the Lazarus Group worked out of China, but on behalf of the North Koreans.

Security experts are now cautiously linking the Lazarus Group to this latest attack after a discovery by Google security researcher Neel Mehta. He found similarities between code found within WannaCry – the software used in the hack – and other tools believed to have been created by the Lazarus Group in the past. To read the complete posting visit this BBC News page.

Nearly Half of Firms had a Cyber Attack or Breach

Nearly Half of Firms had a Cyber Attack or Breach
Nearly half (46%) of British businesses discovered at least one cyber security breach or attack in the past year, a government survey has indicated. That proportion rose to two-thirds among medium and large companies.

Most often, these breaches involved fraudulent emails being sent to staff or security issues relating to viruses, spyware or malware.

The survey was completed by 1,500 UK businesses and included 30 in-depth interviews.

The government said a “sizeable proportion” of the businesses still did not have “basic protections” in place.

While many had enacted rudimentary technical controls, only one-third had a formal policy covering cyber security risks.

Less than a third (29%) had assigned a specific board member to be responsible for cyber security.

FBI Pressured on Cost of iPhone Hack Tool

FBI Pressured on Cost of iPhone Hack Tool
Three news organisations have asked a US judge to force the government to reveal the amount it paid for technology to unlock an iPhone used by the San Bernardino gunman. In the court filings, the organisations said that there was “no adequate justification” for the FBI to continue to withhold the information. They added that they did not seek information that would jeopardise national security. The groups sued the FBI last year.

Associated Press, Vice Media and Gannett, the parent company of USA Today, are seeking to learn more about the circumstances surrounding the event.

The FBI has never named the security firm or group of hackers who helped unlock the phone, which was used by killer Syed Rizwan Farook. The process would have involved finding a way to bypass the passcode on a locked phone. In normal circumstances, if 10 incorrect attempts at the code are made, the device will automatically erase all of its data.

“While it is undisputed that the vendor developed the iPhone access tool, the government has identified no rational reason why knowing the vendor’s identity is linked in any way to the substance of the tool, much less how such knowledge would reveal any information about the tool’s application,” lawyers for the news organisations wrote in the filing to the US District Court in Washington.

“Release of this information goes to the very heart of the Freedom of Information Act’s purpose, allowing the public to assess government activity – here, the decision to pay public funds to an outside entity in possession of a tool that can compromise the digital security of millions of Americans.”

Farook and his wife killed 14 people in the Californian city in December 2015.

In February, a court order demanded that Apple help unlock the phone, something which Apple resisted, saying it was unable to do so. It added that it hoped that the government would share with the company any vulnerabilities of the iPhone that might come to light.

There was speculation that the FBI paid at least $1.3m (£1.05m) to break into the phone, based on calculations following comments by FBI director James Comey who said that the agency had paid more to get into the phone than he “will make in the remaining seven years” in his post. He added that it was worth it, even though no details of what was found have been released.

Internet Security – Getting the Basics Right

Internet Security – Getting the Basics Right
Taking some simple actions and practising safe behaviours will reduce the risk of online threats to your business.

cybersecurity

Download software updates
Download software and app updates as soon as they appear. They contain vital security upgrades that keep your devices and business information safe.
Visit www.cyberstreetwise.com/software-updates for further advice on updates.

Use strong passwords
Use strong passwords made up of at least three random words. Using lower and upper case letters, numbers and symbols will make your passwords even stronger.
Visit www.cyberstreetwise.com/passwords for further advice on passwords.

Delete suspicious emails
Delete suspicious emails as they may contain fraudulent requests for information or links to viruses.
Visit www.cyberstreetwise.com/common-scams for further advice on suspicious emails.

Use anti-virus software
Your computers, tablets and smartphones can easily become infected by small pieces of software known as viruses or malware. Install internet security software like anti-virus on all your devices to help prevent infection.

Visit www.cyberstreetwise.com/security-software for further advice on security software.

Train your staff (& family members)
Make your staff aware of cyber security threats and how to deal with them. The Government offers free online training courses tailored for you and your staff which take around 60 minutes to complete.
Visit www.nationalarchives.gov.uk/sme to find out more and take the course.

For further simple tips on how to protect your business, visit www.cyberstreetwise.com

Students Warned of New ‘Phishing’ Scam

Students Warned of New ‘Phishing’ Scam
New students are being alerted to a scam where fraudsters claim to offer a “educational grant” in a bid to con them into divulging bank details. The personal finance site Money Saving Expert says it is aware of students at major universities being targeted in a new wave of “phishing emails”.

At Queen Mary University London, one student was tricked out of £300. University of Glasgow said it was also aware of the scam and had advised students to ignore the email.  The mother of the QMUL student said her daughter had received the scam email last week. It looked as if it had come from the university’s finance department, complete with the logo, and invited the young woman to claim a government bursary.

An online form asked her for personal and banking details and took her to a bank verification page, which was when she became suspicious. But, MSE says, the student found the fraudsters had already taken £300 from her bank account.

In a statement QMUL said: “We were made aware late last week that a number of QMUL students had received these phishing emails.

“QMUL proactively monitors its systems to prevent and detect breaches, and there is no evidence to suggest any system has been compromised in this instance. A message was sent to all students warning them about the scam and providing them with advice on how they can protect themselves online, including details of our cybersecurity training courses.”

The university said it did not believe the scam had affected many students and said it was confident its own systems had not been breached.

The University of Glasgow said it would never ask for banking information in this way. In an email to all students, the university said it had become aware of a scam email headed: “Educational Grant Information”.

“This is an email message that appears as if it has come from the University of Glasgow’s finance department. It has not,” the university said.

Earlier this year, the police site Action Fraud warned of a similar “phishing” campaign at universities.

The Student Loans Company said students were particularly vulnerable to “phishing” attempts around the main payment dates, in September, January and April. “Phishing emails are sent in batches so there will be more in circulation,” it said.

“We want to remind students to stay vigilant with the details they provide online,” said Paul Mason, the SLC director responsible for combating fraud. He advised students receiving unsolicited emails to be alert to poor spelling and grammar and to demands for a rapid response. They are also advised not to reply and not to click on any links.

Suspected attempts should be reported to phishing@slc.co.uk or to Action Fraud.