Category: cyber security

There are 28 posts published under cyber security.

How to Be Secure With an Insecure Internet

Governments have been spying on their citizens since the dawn of time. From McCarthyism to PRISM, the scale of surveillance throughout history has varied according to the resources it took to dig up information on people.

Back in the 1950s, it cost tens of thousands of dollars to investigate one person, and it might have taken days, weeks, months, or years to find anything. Now, it costs the NSA just 6.5 cents an hour to spy on you.

Of course, the everyday low, low price of surveillance is great for unraveling terrorist plots, but what happens when it costs practically nothing to spy on thousands or millions of people?

These government agencies are going to collect whatever information we put out there, and we’re putting out a lot.

Think about a government or corporate entity having access to your entire Google search history, private emails, instant messages, purchase behavior, or even location data that shows where you’ve been. This is information we readily volunteer when we agree to many “free” services’ terms and conditions, trusting that companies will be responsible stewards of our private data.

The Reality of the Internet

While we’d like to believe that changing our passwords constantly is enough to protect the vast amount of information we supply on a daily basis, data security is a mathematically impossible myth. You have data; that data is private or public, sensitive or immaterial. The more powerful the data, the more you have to think about how to protect it.

Just as governments can potentially investigate anything they deem a threat due to the low (or nonexistent) cost of advanced surveillance, so can “the bad guys.” Large bureaucracies are no longer the only entities that can possess and utilize such powerful and precise resources. There’s a cyber war underway today, and we’re all in a battle to protect our privacy and integrity.

Guarding Your Digital Self 

Ultimately, the responsibility of security on the Internet rests in your hands. You can control how much information you share or supply digitally.

1. Your Stream

Any time your data is online, you have a personal responsibility to exercise due diligence. You can’t necessarily control what your kids do with tech out in the world, but you can keep them secure by teaching them responsible device usage at home. The more powerful the data you possess, the more you have to think about how to protect it.

Always encrypt your data, and if your data is important or extremely sensitive, think very carefully about where you share that information. This idea applies to your digital integrity and even your family’s personal safety. Consider these factors when deciding how much control you need to have over your child’s Facebook posts or your sharing of family information. Unguarded information can, unfortunately, provide anyone the opportunity to see what your child likes and where he or she hangs out. Be proactive in protecting your data. The costs of not doing so could greatly outweigh the inconvenience. 

2. Governments and Corporations

If you trust data to make decisions — which you do every time you turn on your phone or swipe a credit card — make sure that data has integrity. Pressure the companies you do business with to protect your data, and realize that once it’s out of your hands, you have to trust that company’s encryption and integrity. Make sure you choose those companies wisely.

Again, the safest data that exists is the data that isn’t connected to the Internet. That’s why some of the most sensitive government and corporate environments have air gaps, meaning they literally aren’t connected to the Internet.

Resetting the Internet

If you don’t trust other entities to handle your data, you may be thinking, “Can’t we erase it and start over?”

The simple answer is no. Some have tried to imagine what an Internet 2.0 would look like, but the Internet is just an agreement between individuals on how they communicate with each other. As long as people are generous with their data, there will be those looking to exploit it.

The chaos of the Internet is part of its beauty, and a lack of central authority has been its strength. Not until very recently have we started to allow corporations and governments to control that here in the U.S., and it’s a slippery slope that will continue to push the Internet into a controlled environment until we say enough is enough.

 

Daniel Riedel is the CEO of New Context, a systems architecture firm founded to optimize, secure, and scale enterprises. New Context provides systems automation, cloud orchestration, and data assurance through software solutions and consulting. Daniel has experience in engineering, operations, analytics, and product development. Previously, he founded a variety of ventures that worked with companies such as Disney, AT&T, and the National Science Foundation.


The Importance of Maintaining Web Security in a World of Hackers

The vast majority of Internet users have shared personal information such as credit card numbers and routing numbers at some point in their online lives. These sales account for a large portion of profits in nearly every industry imaginable, with eMarketer estimating total online sales of $259 billion in 2013. Despite the prominence of e-commerce in today’s society, online shoppers continue to worry about security breaches. This worry is understandable. After all, identity theft is a real problem that can have a devastating impact on consumers’ finances. Thanks to prominent breaches through such corporate leaders as Target, shoppers are beginning to think twice before sharing personal information. As a business maintaining an online presence, it’s in your best interest to ensure that all customer information is kept secure at all times.

 

The Implications of Security Breaches

A security breach can be devastating for your company, particularly if customers or clients have entrusted you with private information, such as their phone numbers, addresses, credit card numbers, or social security numbers. Not only could you be liable for financial damages resulting from this security breach, you may lose the goodwill and trust you’ve worked so hard to build over the years. The poor reputation resulting from a hacked website may result in the loss of your loyal customer base, plus a greater degree of difficulty in attracting new business.

 

Data Breaches Hit In Spite of Internet Upgrades

Hackers excel at their craft. In other words, no organization is truly safe from their reign of terror. Even seemingly tech-forward firms can prove susceptible. In early 2014, a prominent French aerospace firm suffered attacks through Internet Explorer 10, according to Reuters. Although Microsoft executives used this incident as a reminder for users to upgrade to Internet Explorer 11, this alone may not be enough to keep information safe. Computerworld reports that researchers easily hacked Internet Explorer 11 at the 2014 “Pwn2Own” contest, as well as updates for Firefox and Chrome. Thus, while regular upgrades remain advisable, they alone do not prove sufficient for warding off Internet attacks. Rather, multifaceted approaches regarding identity theft protection prove most successful in terms of keeping hackers at bay.

 

Preventing Website Security Breaches

Unfortunately, for every security provision you put in place, there exists a hacker capable of breaking through, given a sufficient level of time and effort. However, by engaging in a multifaceted approach to website protection, you can minimize the chances of a severe security breach. If you utilize a shared web host, you’ll want to look into the details of its security provisions. Depending on the nature of your website, a transition to a virtual private server (VPS) may be worth your consideration. CIO.com also recommends using Secure Sockets Layer (SSL) authentication if online checkout is provided through your website. This will encrypt all data shared on your site, not to mention reassure customers that your online platform is secure.

 


5 Ways to Protect Your Cloud Storage From Cyber Criminals

Cloud storage is becoming a standard option for more and more people wishing to store their data conveniently and securely, but are we taking that security for granted?

If you make the decision to store your files using a cloud service, you need to bear in mind that all this means is that they are being stored on servers controlled by your service provider. Some cloud service providers may also be using another organization’s cloud services, so you should check the security and availability of a cloud service before deciding whether it is right for you. 

 

This article will take a look at just some of the ways you can protect your cloud storage data from possible threats.

 

1. Think about who can access your files

 

Cloud storage services usually allow for three types of privacy settings, allowing you control over who views your files. These settings are:

 

Private – The files are only accessible to you (although the cloud storage provider may still have access to them, depending on the service).

Public – The files are visible to everyone, no restrictions.

Shared – People can only view your files when they are invited to do so.

 

These three settings can be applied to specific files within a folder, or the entire contents of a folder.

 

2. Think carefully about your passwords

 

Just like other online services, access is controlled with a set username and password. Try to use a strong and unique password for every online service you use, especially if you’re using the cloud to store important information and files. It is a common mistake to use the same username and password across a number of different sites, which leaves you vulnerable to hackers. After all, if one website is hacked, attackers could use the same credentials to access your other online accounts.

 
3. Check the terms

 

A decent cloud storage provider will outline clear terms and information about how their services are used, how your personal information is secured, and what they will do with it, if anything. If this information is missing, or the terms seem vague and suspicious, it’s a good idea to shop around and find a service that you are happy with before you sign up.

 

4. What kind of encryption is offered by the cloud storage provider?

 

Some storage providers safely store data in an encrypted form. When you log in with your credentials, they can decrypt your files, allowing you access. This is good for when you want to invite other people to log in and look at your files.

 

You can also use your web browser to encrypt information so that it cannot be read or modified when it is being sent between the cloud storage provider and your computer.

 

5. Can you encrypt the files yourself? 

 

The safest way to use a cloud service to store your files is to encrypt them yourself. By holding the key yourself, no-one else will be able to decrypt your information, but it will make sharing your files a lot tougher. There are various software options available to help you manage your file encryption.


Big Data Reality Causes Privacy Concerns

Twice a year, ThoughtWorks publishes the “Technology Radar”—our view on the technology trends that are important in the industry right now, and the trends that will be important in the near future.

 

It’s a unique perspective from ThoughtWorks and our 2,500 consultants around the world, based on first-hand experiences delivering real software for our clients. Third parties cannot pay to have themselves featured on the Radar and the report is entirely independent in which technologies we include and what we say about them. The latest edition of the Radar was published this week.

 

One of the large themes we have been tracking over the past couple of years is around Big Data and Analytics. We think the “big” part of Big Data is over-hyped; most of the time you don’t actually need a massive cluster of machines to process your data. But the sheer variety, or “messiness” of all of this data presents new challenges, and there’s a real opportunity to use Advanced Analytics—statistical modeling, machine learning and so on—to gain new insight into your business and into customer behavior. An important trend we note in the Radar is the accessibility of all of these new Analytics techniques. If you do truly have lots of data you can simply go rent a portion of the cloud to process it, with SaaS offerings from Amazon, Google, Rackspace and others. If you want to analyze your data you can do it with point-and-click tools or open-source offerings such as the amazing D3.js JavaScript library.[1] Open-source is a huge democratizing factor here—you no longer need to pay for an expensive “big iron” solution for data processing and analysis.

 

We’re excited about the increased awareness around data because software systems can use data and analytics to provide significantly better end-user experiences, as well as delivering increased value to businesses. As has already happened with unit-testing, we expect it to become every developer’s job to understand the importance of data and what can be done with it. That’s not to say every developer needs a statistics degree or a PhD, but we’re expecting data engineering and analysis to become a bread-and-butter part of a developer’s job rather than some weird thing “those data science people” do in a corner.

 

While there’s much to be gained from better retention, analysis and understanding of data, it comes with a darker side. Companies employing advanced analytics have quickly realized that they need to avoid being too accurate with their insights or people feel unnerved, even violated. One way to avoid spooking people is to deliberately include less-relevant offerings and advertisements to a customer, so they don’t feel targeted. The strategy is to get right up to the “spookiness” line but not to cross it.

 

As we’ve seen over the past few months, any digital trail can potentially be considered an indelible record. Responsible organizations need to look at these revelations, as well as the weekly news of private-sector security breaches, and consider their response. In Europe, many companies are adopting a strategy of Datensparsamkeit[2], a term that roughly translates as “data austerity” or “data parsimony.” The method originates in Germany where data privacy laws are significantly stricter than in the US. Rather than taking an approach of storing and logging every possible scrap of information about a customer and their interactions, Datensparsamkeit advocates only storing the data you absolutely need in order to provide your service to that customer. This way their privacy is maintained even in the unfortunate event of a data breach.

 

Society is increasingly driven by technology, and changing at an ever increasing pace. As technologists it’s our responsibility not just to consider what we can do with our new tools, but whether it’s the right thing to do. Ethics are not the sole purview of philosophers, lawyers and politicians: we must all do our part.

 


The Best Security Defense is a Good Open Source Offense

The hackers who compromised Adobe’s network knew, when they hacked into the system, that the most valuable prize would be the one that was the most secretive – their source code.

 

Exploiting secrets is the name of the game for the hacking community, but now the new hot secret to steal goes beyond personal data: it’s the code that makes things tick.

 

In the past, companies viewed source code as their best defense. Develop a code, hold it tight to the vest, and your system would be as secure as a maximum-security prison, or so they thought. Today, many of the same organizations, which thought keeping their code closed was a best practice in security, are finding themselves in hot water and re-evaluating their security policies.

 

What’s the solution? It’s quite simple. The best security defense is a good open source offense. Instead of holding your code so close, open it up and share it with the community. Although it may seem counter-intuitive to share more, if there’s no secret, there’s nothing to steal.

 

Greater scrutiny

 

Oftentimes, rather than thinking of open source as an offensive strategy to protect against security breaches, people believe that sharing code makes you more vulnerable to security threats. The truth is that open source code goes through much more vigorous scrutiny and is, therefore, less likely to have security holes. Not only are you one step ahead of the hackers by sharing your past secrets, but you have an entire community of developers helping you to make sure that bugs are flagged and fixed faster, assuring that the code does not become vulnerable to any future attacks.

 

Quicker evolution of code

 

Open source is inherently dynamic – constantly evolving with faster releases compared to proprietary code. And, with the software quickly changing, hackers have less time to infiltrate the code. Since the hacker community is constantly looking for new ways to attack companies and software, it is important that security holes get identified quickly.  When code is open source, everyone from end-users to community developers is able to identify issues and fix them quickly. Hackers might be fast, but when there is a community evaluating code, organizations have the opportunity to be much faster.

 

Transparent solutions

 

Companies often use proprietary software from third-party vendors. As a result, they do not have a clear and transparent view of how their software works while using the code. Proprietary vendors hold on to their “secrets” and, if there is a security issue, customers are unable to get a full picture of the problem. Organizations can find themselves in a situation where they know they have a breach, but are unable to identify the source. In the meantime, their customers are waiting for them to resolve the problem. If they had chosen an open source software solution instead, they would have a much easier time identifying and understanding the issue. Open source provides a complete picture of the software and how it is integrated with the overall product, providing a tremendous advantage when answering the big question – “what went wrong?”

 

The more inter-dependencies, the bigger the issue

 

Software has several interdependencies and if one portion is hacked, it’s very likely that other parts of the product will also be affected. Open source operating systems (OS), like Linux, are modeled on UNIX – a modular OS. These systems are not only transparent to users and administrators, but also have fewer interdependencies in comparison to proprietary systems. When there is an issue with one part, it’s easier to work on fixing it without having to worry about its impact on other components. And of course, if one part is hacked, it doesn’t mean that the entire system has been compromised.

 

As we all know in the security world, hackers are always thinking of new ways to attack our systems, and open source is not going to solve all security challenges, but going on the offensive is the first step in taking back control. The characteristics of open source, such as constant evolution, quicker fixes and fewer interdependencies, can be a huge advantage when facing hackers. Evaluating security policies to understand the “secrets” in an organization’s IT vault and how they are impacting the organization is critical in assuring that the next breach is merely an inconvenience rather than a catastrophe.

 

Security cannot be taken for granted and requires constant vigilance. There are no easy fixes and no substitutes for being aware of one’s environment and vigilant for threats and attacks. Using open source software is one tool in an entire arsenal of protective strategy that is needed to ensure security in the modern enterprise.


Server Configuration Can Protect against Fast-Growing CHARGEN Attacks

Hundreds of thousands of Internet servers sit at risk of being used in a fast-growing technique to reflect and amplify distributed denial of service (DDoS) attacks, despite the fact that a simple server configuration change could eliminate the DDoS threat.

 

Incidences of DDoS attacks using the character generator CHARGEN protocol rose sharply in the third quarter of 2013, according to data reported in the Q3 2013 Global Attack Report from the Prolexic Security Engineering and Response Team (PLXsert).

 

Attacks using the CHARGEN protocol, which was noted as vulnerable to these types of attacks as early as 1999, were the fastest-growing type of DDoS attack in Q3 2013, with attackers using vulnerable servers around the world to reflect and amplify data onslaughts at target servers.

 

The CHARGEN protocol was initially created to enable testing and measurement of servers. Today, it is obsolete, and it should be disabled. Many legacy servers have it turned on by default.

 

Despite its age, the re-emergence of CHARGEN attacks within the underground DDoS-as-a-Service marketplace suggests the abuse of this internet protocol retains value to malicious actors engaging in distributed reflected denial of service (DrDoS) attacks.

 

In Q3, Prolexic observed CHARGEN DrDoS attacks against its customers in the gambling and entertainment industries. Prolexic’s experts mitigated these attacks before they affected the availability of the customers’ servers. A subsequent analysis found similar CHARGEN attack patterns in each case.

 

In the gambling industry attack, most of the reflected traffic originated from Asia, and particularly China. The attack lasted 1.5 hours and reached a peak rate of 2 Gbps.

 

In the entertainment industry incident, although much of the traffic originated in China, CHARGEN servers from all continents except Antarctica were engaged in the attack, which lasted a half-hour and reached a peak rate of 2 Gbps.

 

Because vulnerable servers used to reflect CHARGEN data may respond with as much as 17 times more data than they receive, attackers find the approach attractive. An attack launched with just one or two servers can overwhelm a standard 1GB virtual private server in a matter of seconds. In addition, the use of UDP CHARGEN enables spoofing of IP addresses, which provides pseudo-anonymity for attackers.

 

Meanwhile, hundreds of thousands of CHARGEN servers lie susceptible to use as attack vectors, a situation that can be readily addressed with a simple change to the server configuration. Of 1,000 attack events involving CHARGEN analyzed by PLXsert, more than 99 percent were found to have taken advantage of Windows servers – from Windows NT to Windows 2008 R2.

 

Step-by-step instructions explain how to disable CHARGEN on a Windows server in a case study on new DDoS techniques, including CHARGEN attacks, available in the Q3 2013 Global Attack Report from Prolexic.

 

More information is available in the Q3 2013 Global Attack Report.


DDoS Attackers New Tactics Amplify Attack Sizes and Hide Identities

Distributed denial of service (DDoS) perpetrators changed tactics in Q3 2013 to boost denial of service attack sizes and hide their identities. By employing a type of DDoS attack called a reflection attack, which leverages the capabilities of vulnerable servers, malicious actors launched high-bandwidth attacks with fewer resources with the intent to cause outages at their intended targets.

 

As reported in Prolexic’s Q3 2013 Global Attack Report, the reflection attack method grew in popularity among malicious actors by 265% year-over-year compared to Q3 2012 and by 70% in just the past quarter. Attackers are flocking to these distributed reflection denial of service (DrDoS) attacks, because this type of attack method provides them with significant benefits.

 

One benefit of DrDoS attacks for the malicious actor is the obscuring of the source of the attack (anonymity). By going through a victim server, the original attacker’s identity is hidden. Instead, it looks like the victim servers initiated the attack against the target.

 

The other benefit of DrDoS attacks for malicious actors is the ability to use the bandwidth of intermediary victim servers to make the attack more powerful. Because the amplification factor is so large – for one type of protocol attack the amplification factor is 17 – less outbound bot traffic is needed and the botnet can be much smaller.

 

In DrDoS attacks there are always two or more victims: the malicious actor’s intended target and the intermediary servers. The intermediary victims usually participate unknowingly. They aren’t infected with malicious code. Instead, they may have a server feature turned on that DrDoS attackers have learned to exploit opportunistically – typically a common network protocol such as DNS or CHARGEN.

 

In Q3 there was a big jump in UDP attacks and a corresponding drop in SYN attacks. The increase in UDP attacks is part of this reflection attack trend.

 

Another DDoS trend identified in Q3 was related to the number of attacks. We found that the total number of DDoS attacks launched against our clients in Q3 2013 remained high and represented the highest total ever for one quarter. Usually Q3 is a relatively quiet quarter, but the DDoS attack trend showed a consistently heightened level of DDoS activity around the world over the last six months.

 

Since Q3 2013, we have seen a 58 percent increase in total DDoS attacks, a 101 percent increase in application layer (Layer 7) attacks, a 48 percent increase in infrastructure (Layer 3 & 4) attacks and a 12.3 percent increase in the average attack duration.

 

Prolexic’s Q3 2013 Global DDoS Attack Report is available as a free PDF download. It includes a detailed analysis of the DDoS trend toward DrDoS reflection attacks. The analysis examines DrDoS attack methods, tools and services – specifically CHARGEN attacks being integrated into the DDoS threatscape – and provides steps for remediating CHARGEN attacks.
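The two CHARGEN articles above describe the same pattern: small UDP requests to port 19 with a spoofed source, answered by much larger responses aimed at the target. The following detection sketch is an added example, not code from Prolexic or from the original posts; the flow-record format, the 10.0.0.0/24 local network, the function names and the sample records are all assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict, namedtuple

CHARGEN_PORT = 19  # character generator service (RFC 864)

Flow = namedtuple("Flow", "proto src sport dst dport nbytes")

# Constructed sample flow records (not real traffic), one per line:
# proto src_ip src_port dst_ip dst_port bytes
SAMPLE_FLOWS = """\
udp 198.51.100.7 40000 10.0.0.5 19 60
udp 10.0.0.5 19 198.51.100.7 40000 1020
udp 198.51.100.7 40001 10.0.0.5 19 60
udp 10.0.0.5 19 198.51.100.7 40001 1020
udp 203.0.113.20 19 10.0.0.9 53211 1020
udp 203.0.113.21 19 10.0.0.9 53211 1020
udp 203.0.113.22 19 10.0.0.9 53211 1020
udp 10.0.0.8 50000 192.0.2.19 19 60
udp 192.0.2.19 19 10.0.0.8 50000 1020
udp 10.0.0.9 51000 192.0.2.53 53 70
tcp 10.0.0.5 443 198.51.100.9 51515 4000
"""


def parse_flows(text):
    """Parse whitespace-separated flow records, skipping malformed lines."""
    flows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 6:
            continue
        proto, src, sport, dst, dport, nbytes = parts
        flows.append(Flow(proto.lower(),
                          ipaddress.ip_address(src), int(sport),
                          ipaddress.ip_address(dst), int(dport),
                          int(nbytes)))
    return flows


def analyze(flows, local_net="10.0.0.0/24", min_sources=2):
    """Flag local hosts answering on UDP/19 and local hosts hit by reflection.

    reflectors: local IP -> response/request byte ratio on UDP/19
                (None if responses were seen without any recorded request).
    victims:    local IP -> bytes and number of distinct remote CHARGEN
                sources it never queried (unsolicited UDP/19 responses).
    """
    net = ipaddress.ip_network(local_net)
    udp = [f for f in flows if f.proto == "udp"]

    # Pass 1: remote CHARGEN servers that our own hosts really queried.
    asked = {(f.src, f.dst) for f in udp
             if f.src in net and f.dport == CHARGEN_PORT}

    req = defaultdict(int)            # bytes received on local UDP/19
    resp = defaultdict(int)           # bytes sent from local UDP/19
    flood_bytes = defaultdict(int)    # unsolicited bytes per local host
    flood_sources = defaultdict(set)  # distinct remote reflectors per host

    # Pass 2: account for both roles a local host can play.
    for f in udp:
        if f.dst in net and f.dport == CHARGEN_PORT:
            req[f.dst] += f.nbytes
        if f.src in net and f.sport == CHARGEN_PORT:
            resp[f.src] += f.nbytes
        if (f.dst in net and f.src not in net
                and f.sport == CHARGEN_PORT
                and (f.dst, f.src) not in asked):
            flood_bytes[f.dst] += f.nbytes
            flood_sources[f.dst].add(f.src)

    reflectors = {
        str(ip): (round(resp[ip] / req[ip], 1) if req[ip] else None)
        for ip in resp
    }
    victims = {
        str(ip): {"bytes": flood_bytes[ip], "sources": len(flood_sources[ip])}
        for ip in flood_bytes
        if len(flood_sources[ip]) >= min_sources
    }
    return {"reflectors": reflectors, "victims": victims}


if __name__ == "__main__":
    report = analyze(parse_flows(SAMPLE_FLOWS))
    for ip, factor in report["reflectors"].items():
        print(f"{ip} answers on UDP/19 (amplification x{factor}): disable CHARGEN")
    for ip, info in report["victims"].items():
        print(f"{ip} received {info['bytes']} unsolicited bytes "
              f"from {info['sources']} CHARGEN sources")
```

Any host that appears under `reflectors` has CHARGEN enabled and reachable, which is the condition the report's configuration change removes.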


Top Startup and Tech News Today: 7 Things You Missed Today

1. Twitter Dishes Tantalizing Tidbits In IPO Treatise

 

On Thursday, Twitter released an 800-page filing that talked about its attempt to make money, its growth, and its intention to pursue its IPO. The suspense surrounding Twitter’s decision to pursue its IPO is heightened by Twitter’s keeping their IPO documents secret until management is ready to appeal to investors. Twitter’s lack of secrecy means that the company may start pitching to investors as early as Oct 24th. Twitter’s report referenced some key components about Twitter. The report relayed facts, such as how, when Twitter was first opened, management focused on attracting more users and making the service more reliable; Twitter didn’t even try to make money during its first couple of years. But the company isn’t incredibly profitable; Twitter’s losses hit $69 million in the first half of this year. Twitter is, however, getting more mobile than Facebook, and its market value could be as high as $20 billion.

 

2. iPhone 5C Price Slashed To $50 At Best Buy After Just 2 Weeks

 

Best Buy has slashed the price of the iPhone 5C in half after just two weeks. From now until October 7th, Best Buy will give iPhone 5C buyers a $50 gift card with the phone. Best Buy has offered similar deals for iPhones in the past, but this is the first time a deal has been offered for a brand-new iPhone that was only so recently launched. Analysts generally agree that Apple’s lower-costing iPhone 5C was not priced aggressively enough to appeal to consumers in emerging markets. Best Buy’s slashing of the prices in order to sell units supports this idea; we will have to wait and see if other American retailers decide to follow Best Buy’s lead.

 

3. Samsung Reports Record-High Profit for 3Q

 

Profit at Samsung hit a record-high in the 3rd quarter. This is most likely driven by large sales of Samsung’s cheaper smartphones in developing countries. Samsung said that their third-quarter operating income rose 25% over the past year to $9.4 billion. This result was slightly better than the market prediction of $9.3 billion. Third quarter sales were $55 billion. No other details of Samsung’s financial performance were disclosed.

 

There had been expectations last month of slowing growth in sales of smartphones, and while Galaxy S4 sales did plunge during the three-month period, Samsung sold more smartphones than the previous due to the sales of its cheaper smartphones.

 

4. Hackers Steal Data From 2.9 million Adobe Customers

 

Adobe Systems warns that hackers stole the credit card numbers and other information from 2.9 million of Adobe’s customers. The information stolen was believed to have included customer names, credit or debit card numbers, expiration dates, and order information. “Very recently, Adobe’s security team discovered sophisticated attacks on our network, involving illegal access of customer information as well as source code for numerous Adobe products,” said Adobe chief security officer Brad Arkin. “Our investigation currently indicates that the attackers accessed Adobe customer IDs and encrypted passwords on our systems… We deeply regret that this incident occurred… We’re working diligently internally, as well as with external partners and law enforcement, to address the incident.”

 

5. Apple Buys Cue

 

Apple has acquired Cue, a personal assistant startup app. Apple doled out around $50-$60 million for this acquisition. Cue provides mobile apps for iOS that collect relevant information from users’ email, social, and professional networking platforms (Facebook, Twitter, LinkedIn, etc.). It then displays all this on the mobile screen occasionally, letting users get all the information they want from a single app. This acquisition will help Apple integrate social networking capabilities into its operating system. Google Now has similar capabilities; it is a large possibility that Apple acquired Cue in order to play catch-up with Google Now.

 

6. Google Backs Sydney Student Startups

 

INCUBATE, an award-winning startup accelerator program, has launched 16 ventures from students at Sydney University. INCUBATE has found a backer in Google and is now set to expand this entrepreneurial program to universities across Australia. “With Google’s help, we want to take the accelerator program to other campuses to create Australia’s first national network of global-thinking entrepreneurs at universities,” program manager James Alexander said.

 

Through INCUBATE, startups receive $5,000 seed funding, a co-working space on campus, office resources, internet, printing, and mentoring from some of Australia’s most experienced business minds and industry experts. INCUBATE was co-founded in 2012 by two students and developed by the University of Sydney Student Union.

 

7. Google Acquires Gesture Recognition Startup Flutter

 

Google has acquired the gesture recognition startup Flutter. Neither company has disclosed the financial terms and other details of this acquisition. However, it is speculated that Flutter has been acquired for roughly $40 million. Flutter was created three years ago by Navneet Dalal and Mehul Nariyawala, and is based in India. They develop gesture recognition technology that can be used to control apps such as YouTube, Pandora, and Netflix through the webcam. CEO Navneet Dalal of Flutter was quoted as saying, “Today, we are thrilled to announce that we will be continuing our research at Google. We share Google’s passion for 10x thinking, and we’re excited to add their rocket fuel to our journey.”

230

Cyber Mercenary 'Icefog' Attacks South Korean and Japanese Supply Chains

An advanced persistent threat (APT) named Icefog has been detected, mostly targeting South Korean and Japanese supply chains, including government institutions, military contractors, maritime and ship-building groups, telecom operators, satellite operators, industrial and high technology companies, and mass media.

Icefog, tracked by Kaspersky since 2011, was discovered in June 2013 after an attack sample was retrieved from Fuji TV. Upon analysis, different variants were identified, 6 to be exact. It was also found that these attacks were essentially a newer form of an original attack on the Japanese Parliament in 2011.

Icefog follows an ongoing trend: a relatively small group of attackers performing hit-and-run operations with a focus on the supply chain. The initial attack comes through spear-phishing emails: victims receive an email with an attachment or a link to malicious sites with downloadable files. When the files are downloaded, a backdoor is dropped onto the system, giving Icefog access to the machine. Then specific, sensitive information is extracted with surgical precision. What sets Icefog’s method apart is that, once the information has been acquired, the group moves on to another machine, in sharp contrast to the long-term infections that other APTs maintain.

So who, in general, is susceptible to Icefog’s attacks? The attacks rely on custom-made cyber espionage tools that run on Microsoft Windows and Apple Mac OS X, so Linux computers are not affected by these tools. An Android variant is suspected to exist, but has not yet been found.

Considering some of the major tensions in East Asia, Icefog’s attack pattern raises the question: “are these attacks sponsored by a state?” Usually, state sponsorship is inferred from the motivations of a campaign, which tends to last a long time. Because of Icefog’s hit-and-run method of attack, it’s hard to determine an overarching theme beyond supply chain, which makes it difficult to pinpoint anyone. It should be mentioned, though, that based on the IP addresses used to monitor and control the infrastructure, those who could be responsible for Icefog can be narrowed down to China, South Korea, or Japan.

Fortunately, Kaspersky found a few command-and-control servers and sinkholed some of them, cutting off the attackers’ access to hundreds of users. Additionally, Kaspersky is able to identify and neutralize all variants of Icefog. Despite the work being done against these APTs, Kaspersky says that “In the future, [they] predict the number of small, focused APT-to-hire groups to grow, specializing in hit-and-run operations, a kind of ‘cyber mercenaries’ of the modern world.”

Top Startup and Tech News Today-7 Things You Missed Today

1. LinkedIn Sued by Users Who Say It Hacked Email Accounts, Stole Contact Lists

LinkedIn users claim that LinkedIn accessed their email accounts so the company could mine a list of contacts and then send spam-like emails. The suit claims that “LinkedIn is able to download these addresses without requesting the password for the external email accounts or obtaining users’ consent.” The complaint argues that accessing “the users’ email accounts and downloading of all email addresses associated with that users’ account is done without clearly notifying the user or obtaining his or her consent” and is essentially hacking.

The suit doesn’t make clear how LinkedIn is hacking these email accounts; there are no specifics beyond the accusation itself. LinkedIn is denying the accusations and put out a statement saying, “LinkedIn is committed to putting our members first, which includes being transparent about how we protect and utilize our members’ data… We believe that the legal claims in this lawsuit are without merit, and we intend to fight it vigorously.”

2. BlackBerry Returns to Corporate Roots to Save It From Oblivion

BlackBerry is cutting its workforce and product line in order to refocus on the demographic that first brought it success: corporate customers. BlackBerry announced last week that it was cutting 4,500 jobs and taking a writedown of up to $960 million for unsold phones. BlackBerry’s Z10 phone, which was supposed to make BlackBerry relevant and a smartphone leader again, was released to mediocre reviews. BlackBerry’s attempts to find an acquirer have been fruitless so far.

BlackBerry’s shares have fallen 17% to $8.73 since September 20th. The stock has fallen 94% since its 2008 high. BlackBerry, which was credited with inventing the first smartphone more than a decade ago, has not managed to keep pace with Apple and Samsung. The company continues to produce new smartphone models and products; however, none have managed to become a hit with consumers so far.

3. New Surface expected from Microsoft at NYC event

Microsoft is expected to announce new Surface tablet computers in New York on Monday. One version of the Surface tablet is expected to have a smaller screen to compete with Apple’s iPad Mini. The new Surface tablets are expected to be lighter and thinner, thanks to a new processing chip that uses less energy and doesn’t require a fan.

Microsoft released Surface tablets last October, but sales have generally been slow. During the April-June period, the company took a $900 million charge for expected losses on the Surface RT after it slashed prices. Microsoft is trying hard to join the personal tablet trend, although it is still not the industry leader.

4. German group claims to have hacked Apple iPhone fingerprint scanner

A group of German hackers has claimed to have hacked the iPhone fingerprint scanner, just two days after Apple launched the new technology. Two prominent iPhone security experts validated the claim made by the German hacker group, the Chaos Computer Club. Apple representatives did not comment.

The Chaos Computer Club, one of the larger and more respected hacker groups, posted a video on its website showing somebody accessing an iPhone 5S with a fake fingerprint. The website then went on to describe how members of its biometrics team had been able to crack the fingerprint scanner. “Fingerprints should not be used to secure anything. You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints,” Starbug, another hacker, said on CCC’s site.

5. Tests: New iPhones Less Durable Than iPhone 5

SquareTrade, which provides protection plans for gadgets, tested Apple’s iPhones to see if they could withstand drops, dunks, and other common smartphone injuries. It found that the latest models of iPhones were not as durable as last year’s iPhone 5. However, the biggest disappointment was Samsung’s Galaxy S4, says SquareTrade, which stopped working after being submerged in water and being dropped from a height of five feet. The phone that withstood these challenges the best was Google’s Moto X.

“We were expecting that at least one of the new iPhone models would up its game, but surprisingly, it was the Moto X that proved most forgiving of accidents,” said Ty Shay, chief marketing officer of SquareTrade. Generally, with every iPhone upgrade, the phone becomes more durable and stronger; it seems that this time, that is not the case.

SquareTrade reviewed each device based on eight factors, including the material, the phone’s size, its weight, the phone’s ability to withstand drops of five feet, and the phone’s ability to withstand being dunked in water for 10 seconds.

Officials from Samsung, Google, and Apple have not responded.

6. Nokia racks up the retweets by poking fun at Apple’s iPhone 5C

A tweet posted to Nokia’s Twitter account said “thanks, Apple” and was juxtaposed with images of the rainbow-hued Nokia Lumia product line, along with the text “imitation is the best form of flattery.” The photo has received over 38,000 retweets and is one of the most successful branded tweets ever. Business Insider reports that Twitter has confirmed that this tweet is in the “top echelon” of marketing tweets throughout all the site’s history.

Although Nokia didn’t invent multi-colored electronics, and Apple’s been pushing colored iPods for years, the Lumia did bring back color to the cell market in a noticeable way. And besides, it’s a war between brands on Twitter – generally, anything goes in these situations.

7. Sprint confirms ‘One Up’ early phone upgrade program

On Friday, Sprint confirmed its early-upgrade program, “One Up,” which will let customers pay in monthly installments and change their phones annually. Sprint is the last of the four major carriers to offer such a program. Under the plan, subscribers could get an unlimited talk, text, and data plan for as low as $65 a month. New or existing customers who have owned their phone for at least a year are eligible. Eligible customers don’t have to trade in their phone during the sign-up process if they don’t want to.