
What if all your private documents are shared across the Internet? What if all your savings are stolen from your net banking account? What if your mail account has been spammed, or even worse, if your company’s sensitive data has been hacked?
Statistics say India is among the top three countries targeted for phishing attacks. Globally, it is estimated that there are three crore victims of identity theft annually, with losses of nearly Rs.10,00,000 crore to companies.
Has anyone you know ever lost control of a net banking, email or social network account and inadvertently sent spam, or worse? If you reuse the same password on multiple sites and one of those sites gets hacked, or your password is conned out of you directly through a phishing scam, it can be used to access some of your most closely held information: your bank account, your money, your photos, your private documents and, taken as a whole, your identity.
India is one of the countries where the growth of identity fraud is said to be the fastest (at more than 100 per cent). Various banks, enterprises, and government organisations like the Income Tax Department have been targets of multiple phishing attacks over the past two years.
Recently, the government said in a note that 386 phishing incidents were reported to the Indian Computer Emergency Response Team (CERT-In) between January and October in 2011.

From compromised machines to mass email lists for spamming, electronically-transferring funds out of bank accounts to phishing attacks—India’s 100 million internet users have become prime targets for hackers across the globe.
A report, titled “Global Risks for 2012”, shows cyber attacks on governments and businesses are considered to be one of the top five risks in the world. Be it cybercrime, cyber-espionage or cyberwarfare — they are on a steady rise. The reason: the highly lucrative payout hackers get from stealing data. “There are high profit margins and a low detection rate by law enforcement agencies. Further, half of the data thefts (on both individual PCs and enterprise PCs) are executed from remote or stolen server locations, which only makes prosecution difficult,” points out an ethical hacker employed with a large Indian IT outsourcing company.
E-mails, personal data and financial data are the most sought after “goods” in the black market, says Pankaj Jain, director, ESET India. “The e-fraud business that has been traditionally flourishing in India is credit card cloning. The cloning itself is mostly performed by Nigerians living in India, though the card data they get are usually from Russian and former Soviet Union hackers on underground forums,” he says.
The fast-maturing cyber crime economy
Even as enterprises and individuals struggle with internet threats, the underground cybercrime economy has moved on to organised entrepreneurship. An ethical hacker from New Delhi, who regularly accesses the digital black market where cybercriminals advertise and trade stolen information and services, shared how the advertisements are done. “Search, compare, and if you find a better offer we will return your money…,” reads an ad selling user data in black market journals. With the economic crisis looming large, such claims and ads are on the rise.
“Today, the main concern for the data sellers is to generate trust among their clients,” the ethical hacker tells Business Standard. He added that data sellers have started offering free “trial” access to stolen bank or credit card details as well as money-back guarantees and free exchanges. “Since there is a great deal of competition in the cyber black market, the rule of supply and demand ensures that prices are competitive, with operators even offering bulk discounts to high-volume buyers,” says a security consultant at a leading pharmaceutical R&D unit in Bangalore.

New documentary We Are Legion puts an actual human face on Anonymous, the hacktivist group whose members usually are seen wearing Guy Fawkes masks — if they are seen at all.
Considering Anonymous’ retaliatory acts against websites run by the Department of Justice and the entertainment industry just last week in response to the government takedown of file-sharing site Megaupload, We Are Legion: The Story of the Hacktivists could almost be mistaken for a 93-minute news segment.
But unlike most news segments about the group, the documentary contains genuine moments with actual Anons (some maintain their anonymity in the doc, but others don’t).
“The last two or three days we’ve seen a lot of what Anonymous does,” We Are Legion director Brian Knappenberger said in an interview with Wired.com here Saturday, the morning after the documentary’s premiere at the Slamdance Film Festival. “You know, there was a film about the Weather Underground that came out a few years ago, and that was made 30 years after they were blowing up buildings, and I love that film. But picture making a film like that while they were still blowing up buildings — that’s what I’m talking about.”
We Are Legion might be the first to portray the group’s members as true revolutionaries, and it could serve as a time capsule if the kind of online sit-ins and retaliatory strikes that Anonymous has helped create become the new model for civil disobedience across the globe.

The next time you use your iPhone or Samsung Galaxy tablet, think about this: The person sitting next to you could be stealing the information you type into your email, Facebook or bank account.
Most of us realize digital thieves can infiltrate our computers. But their latest targets are popular smartphones and tablets that they can access using wireless tricks and malicious software.
That’s why I avoid strange links on texts and email from strangers even on my smart phone.
“The methods for breaking into a phone or tablet remotely are the same as breaking into your home computer,” said Mark Wuergler, expert hacker and senior security researcher for Immunity, Inc., a South Florida cyber security firm. “Your iPad, iPhone and Android devices all have operating systems on them that can be exploited.”
Exploited can mean many things, from using malicious software to steal passwords, credit card information and your birth date, to hijacking digital footprints of someone happily using free WiFi in a Boca Raton or Hollywood coffee shop.

Cybercrime is on the rise, up 10% from 2009. In fact, PriceWaterhouseCoopers found that nearly half of all businesses had been a victim of fraud in the past year. For small businesses, these attacks can be especially harmful to your bottom line, putting your clients’ personal data at risk and threatening to take systems down for days at a time. Below are a few ways cybercrime can affect your business in 2012:
Website compromising.
Website hacking is dangerous because it can influence the way your clients see you. When PBS’s website was compromised in 2011, hackers not only posted a fake news story about deceased rapper Tupac Shakur, they released usernames and passwords for PBS affiliates. SonyPictures.com also suffered an attack last summer in which usernames and passwords were leaked. In both cases, outdated software and security measures were blamed, but it was also noted that many of the passwords being used were surprisingly simple. Small businesses should set strict password standards, enforced server-wide. As recommended by Microsoft, passwords should be at least six characters long and contain a combination of letters, numbers, and special characters.
Keylogging.
Imagine someone having a printout of everything you type, every time you log in to your computer. That’s what keylogging does and it’s one of the ways hackers can gain entry into your system. This is an especially dangerous hack, since it can allow outside entities to gain access to your customers’ credit card data, bank account info, and social security numbers, in addition to the passwords to your business’s databases and in-house software. Keylogging software can either be installed through a virus or directly installed by someone gaining inside access to your computer systems. It is important that small businesses keep all virus definitions up to date and make sure software applications like Java and Adobe Flash are consistently up to date on every PC and laptop in your organization. Having outdated versions of these applications can leave you open to vulnerabilities.

With attacks on data and IT infrastructure on the rise — along with the costs and potential business impact of attacks — security professionals are starting to express a sense of futility in their work.
This is especially so following the past couple of years, which have included high-profile and successful attacks on companies that would be expected to have the wherewithal to protect their infrastructure, including RSA Security, Google, NASDAQ Directors Desk, Symantec, and many others.
“There’s a sense that no matter what you do, what steps are taken, if someone wants to hack your systems, your data, they can,” says the security analyst at a midwest manufacturer. “It’s becoming insanely frustrating.”
The U.S. — in what some have argued is a move that both shows the importance of the IT infrastructure and the futility of traditional electronic defenses — last year stated that the government would use military force in retaliation against certain cyber attacks.
“Frustration in the industry has certainly been growing, so much that more on the defensive side have been wondering what could be done to more proactively combat attackers,” the analyst says.

In 2012, Ernst & Young’s Simon Placks will be writing for I4S on a monthly basis as we focus anew on the topic of IT security and threats in the digital arena. Here, Simon sets the scene.
In the UK, I often think that if you stand somewhere long enough you will eventually become part of a queue. Try it the next time you’re in a shopping centre. People, it would seem, believe that if you’re standing still when everybody else is running around then there simply must be a pretty good reason for it.
Standing still and not ‘moving with the times’ is generally discouraged in the security world. In the field of computer forensics, practitioners are in a continuous technological ‘arms race’ with wrongdoers while software and devices are constantly changing.
There’s a need to be able to find evidence on whatever technology is out there – including the latest gadgets, satellite navigation tools, tablets or cloud services.
Yet, at the same time, it can be surprising how hesitant practitioners feel as the discipline evolves. In the world of proof and evidence, tried-and-tested technologies and procedures are hard-earned and valued. Despite this discomfort, we’re now seeing the emergence of ‘a new forensics’: a discipline that’s reinventing itself year-by-year, but that remains rooted in stable scientific principles.

The year 2011 was one of the landmark years for high-profile cyber attacks. As the trend is said to continue in 2012 with more sophisticated and targeted attacks, security is a major concern for the IT users of all the segments from Home Users to SMB to Enterprise.
The year 2012 will build the foundation for India’s future IT-related crimes. Hacktivism will gain momentum. Anonymous, which is mostly active in European countries and the US, will be seen making active inroads into Asian countries, especially in India in 2012. India will see a sharp rise in both money mules related activities and credit card-related crimes. As the list of petty criminals is huge in India, the activities of money mules will be outsourced to the country.
The number of data thefts has tripled in the past five years and the graph tends to rise with every passing year. From the government and corporates to data centres and small to medium-sized companies, all have been targeted. With the introduction of IT consumerization, issues such as managing and supporting consumer devices and securing data from criminals, malware and other threats have emerged. Mobility in the enterprise sector brings new challenges for managing data, as well as the wide range of devices in the network.
Social engineering attacks pose great risk to large amounts of valuable data that SMBs hold due to lack of data security budgets. Hence, the need to look beyond the basics of policy and procedure development to more advanced technologies such as network monitoring, data leakage prevention, and log file analysis arises. Social engineering tactics on social media that drive its users to disclose sensitive information and download malware are skyrocketing with its increasing popularity, especially amongst the SOHO users.

The end of the Cold War combined with the advent of the Internet gave rise to an unprecedented wave of electronic espionage and crime. Michel Juneau-Katsuya witnessed first-hand the rise of cyber crime as a senior manager with the Canadian Security Intelligence Service (CSIS) at the time. In 2000, Mr. Juneau-Katsuya left public service to become founding chief executive of security consulting firm Northgate Group. He recently spoke with Financial Post technology reporter Jameson Berkow about the growing digital threat and how companies should respond. The following is an edited transcription of their conversation.
Q Was there any one event or experience that made you want to quit CSIS and strike out on your own?
A Back in the mid-1990s, I was the chief of the Asia-Pacific region for CSIS, so all operations from North Korea to Afghanistan were under my authority and I would see all the files passing by. At that period I saw a phenomenal amount of spy activities constantly increasing from 1995 and the early days after the collapse of the Soviet Union. I saw next to nothing was being done to try and warn the public and companies so I decided to get out and try to fill that vacuum. Nobody was talking to the private sector or helping it defend itself.
Q How can you quantify the digital threat Canada’s economy is facing?
A Easily. We have confirmed through studies that Canada, among the rest of the G8, is probably the country that is most spied on currently. We lose between $50-billion and $100-billion in Canada every year to economic espionage.

Hackers thought to have stolen source code from Symantec’s extended network have threatened to release the source code for Norton Antivirus tomorrow, but the company says such a release poses no threat.
The hackers, who call themselves “Yama Tough” and employ the “Anonymous” mask in their Twitter avatar, said in a tweet Saturday they would release the 1.7GB source code on Tuesday, along with the message “the rest will follow…”
Several reports surfaced earlier this month that hackers had managed to access the source code for certain Symantec products. Symantec identified the products as Symantec Endpoint Protection (SEP) 11.0 and Symantec Antivirus 10.2 but said the attack did not affect any current Norton consumer products.
The hackers said they found the code after breaking into servers run by Indian military intelligence. The code was apparently left there by mistake after Indian authorities inspected the source code to ensure it was secure, which is where the hackers found the code.
The group said in a Pastebin post that it had the “source codes of dozens of companies” and contained documentation describing the API procedures for Symantec’s virus definition generation service. The group’s post on the Pastebin site has since been removed, though a Google cached version still exists.

The majority of data breaches stem from hack attacks, followed by data that’s lost while physically in transit. That’s according to a forthcoming study from the Identity Theft Resource Center (ITRC), which assessed all known information relating to the 419 breaches that were publicly disclosed in the United States in 2011. A copy of the report was provided to InformationWeek in advance of its release.
Last year, data breaches triggered by hacking–defined by the ITRC as “a targeted intrusion into a data network,” including card-skimming attacks–were at an all-time high, and responsible for 26% of all known data breach incidents. The next leading cause of breaches was data on the move (18%)–meaning electronic storage devices, laptops, or paper reports that were lost in transit–followed by insider theft (13%).
Overall, malicious attacks–counting not just hack attacks but also insider attacks–accounted for 40% of publicly disclosed breaches, while 20% of breaches were the result of accidental data exposure.
All told, the ITRC counted 22.9 million records as being exposed in 2011, of which 81% included social security numbers. Of all known breaches, 62% involved the exposure of social security numbers and 27% involved credit or debit card data.
Online attacks aren’t the only data breach threat vector. Notably, 16% of known breaches in 2011 involved paper-based breaches, although only 1.4% of the total quantity of breached records were paper-based. Paper-based breach refers to paper reports or printouts that get lost or stolen. But the ITRC said that one challenge with counting such breaches is that they typically don’t get noticed until they’re spotted by outsiders and reported to local media. Furthermore, many states’ data breach notification laws don’t require companies to report paper-based breaches.

Hackers in China have found a way to infiltrate supposedly secure smart cards used by U.S. government employees, according to security company AlienVault.
The security firm said it has seen dozens of such attacks, which tap into a unique variant of a nasty bit of malware known as Sykipot.
The hackers appear intent on stealing data from the Department of Defense and other related agencies. The malware is capable of capturing the PIN numbers used by government smart cards, thereby allowing access to supposedly secure information.
“Like we have shown with previous Sykipot attacks, the attackers use a spear phishing campaign to get their targets to open a PDF attachment which then deposits the Sykipot malware onto their machine,” according to AlienVault. “Then, unlike previous strains, the malware uses a keylogger to steal PINs for the cards. When a card is inserted into the reader, the malware then acts as the authenticated user and can access sensitive information. The malware is controlled by the attackers from the command & control center.”
Government agencies use smart cards as an extra layer of security on top of passwords, according to the New York Times. Since passwords have been easy enough to hack, the smart cards were supposed to provide a final line of defense, at least until the new strain of Sykipot popped up.