WEEKLY DATA SECURITY NEWS ROUND UP Ed. 27 May 13, 2013
Cyberattacks Against U.S. Corporations Are on the Rise
THIS WEEK’S NUMBER
$45 million: Amount of $
looted in two big cyberheists just from ATM machines
Obama’s Executive Order now has a “warning” out - but just like the Executive Order, it lacks any bite
This headline hit the NYTimes this morning, but what is it really about? It doesn’t have an actual percent increase of cyberattacks on corporations nor is it even pinpointing a very recent hack as an example. It’s really about the trend that the “cyberattack” has the intent of destroying data, not just stealing it, which we’ve known for months. For the press, it all started with the Saudi Aramco hack last year that affected 30,000 computers. The attackers framed the motive under “hacktivist” reasons, but many security and government officials believe it was a convenient cover-up, and that the attack was likely from Iran. Since then, there have been numerous other targets, most of them being energy companies. The source locations vary from China to the Middle East. As a result of this, the Obama administration along with agency ICS-Cert has issued a “warning” in conjunction with the Executive Order passed over a month ago to “make sure that the volume and timeliness of the information [pertaining to hacks] improves.” I want to emphasize that the Executive Order that passed over a month ago contains no teeth, it was entirely voluntary. That’s why it’s completely irrelevant at this moment and you haven’t a heard a peep about it since it passed. I don’t see why this “warning” would be any different. The government along with many other experts realize how serious the situation is, but given the nature of how difficult this issue is to tackle with pen and paper, their actions are empty gestures. Along with this issue, many top security heads have left the Department of Homeland Security in the past four months including Mark Weatherford, the department’s top cybersecurity official. This leaves the government in an awkward and unqualified position to tackle this issue correctly, and it’s showing.
DID YOU KNOW? Obama’s Executive Order was the only tangible advancement made in government cybersecurity regulation made in years.
Feds Charge 8 Alleged Mules in $45 Million Global Cyber Bank Heist Two large-scale global “cyberheist” operations that occurred on December 22nd and February 19th now have eight suspects in custody. The amount stolen on these two days total over $45 million, and it was all done through ATM machines. The story and the people involved is a complex tale, but what isn’t so complex is how they pulled it off.
We’ve come a long way since this infamous scene in Terminator 2 with little John Connor hacking an ATM
In the first operation, hackers infiltrated the system of an unnamed Indian creditcard processing company that handles Visa and MasterCard prepaid debit cards. Such companies are attractive to cybercriminals because they are considered less secure than financial institutions, computer security experts say.
Once they hacked the lesser-protected processing company, they then raised the withdraw limit on prepaid debit cards. Once the withdraw limit was raised, task forces were sent out to hit thousands of ATMs across the globe and wipe out millions in one swoop. The word “cybercrime” gets thrown around a lot, but this deserves the title 100%.
Zero-Day Exploit Published for IE8 Last week, The K logix Weekly showed the U.S. Department of Labor site getting hacked. It was a “high-profile” attack, and the method was using a zero-day exploit found in IE8. The Krebs on Security blog states: Security experts are warning that a newly discovered vulnerability in Internet Explorer 8 is being actively exploited to break into Microsoft Windows systems. Complicating matters further, computer code that can be used to reliably exploit the flaw is now publicly available online. Alienvault Labs, one of the websites that researched the U.S. Department of Labor hack, found that the IE8 exploit was already used in 9 other hacks. The best answer for now is to probably use another browser. Microsoft has released a “fix-it” tool for blunt attacks as a response, but whether it works for targeted attacks is still to be determined. Thanks to the Krebs on Security blog.
Nordstrom tracking customer movement via smartphones’ WiFi sniffing Nordstorm, the popular retail outlet, now has 17 stores in the U.S. that track your every move within their store through WiFi tracking. Nordstorm plugged in the software starting in October and hasn’t done anything with the data yet. It’s meant to be used for better staffing during high-traffic and getting a better understanding for foot traffic in the store. With your smartphones constantly pinging for WiFi service, this is just one of the ways it can be used in ways that you didn’t even know were happening. Luckily, Nordstorm isn’t planning on doing anything harmful with this data, but it wouldn’t surprise me if this became an emerging trend in larger stores around the country. Thanks to the Naked Security Blog.