Monthly Archives: May 2016

14 cybersecurity terms you need to know

Taking a proactive approach to your online security can help you avoid becoming a victim. Start by familiarizing yourself with these computer security terms. Understanding them can help you recognize a cyber threat — and can also help you protect your computer from one.

1. Adware

Adware is software that displays advertisements on your computer. It can take various forms, but is often a popup ad or an ad displayed in a sidebar in your browser. Typically, adware is more of an annoyance than a security risk, but in some cases it could be monitoring your online browsing activities and relaying that data to a third party.

2. Antivirus software

Antivirus software monitors your computer to find and block malicious programs like viruses. McAfee and Norton are two popular antivirus software packages. To protect your computer against new viruses, it’s important to regularly update your antivirus software.

3. Encryption

Encryption transforms plaintext (readable data) into ciphertext, which is unreadable without the encryption password (the key). Once the user enters the correct password, the text is decrypted back into readable form. Consider using a secure email service like GhostMail to encrypt the content of your sensitive messages.

4. Firewall

A firewall creates a barrier between the internet and your computer to help block hackers, viruses and other threats. Many security suites, such as Symantec’s Norton Security Premium and Bitdefender Total Security, include firewall protection.

5. Hacker

A hacker is any unauthorized user who gains access to private data. While hacking can be used for many purposes, some criminal hackers purposefully disrupt or permanently damage an individual computer or an entire network of computers. Hacking attacks cost the average American company more than $7 million per year.

6. Keylogger software

Keylogger software is a type of spyware that records information about your computer keyboard activities — such as your internet browsing, emails, and instant messages — and then sends the data to a third party.

7. Malware

Short for “malicious software,” malware is an umbrella term used to describe software or code that’s designed to damage a computer or collect information from it. Adware, Trojans, and spyware are examples of malware.

8. Phishing

Phishing is a scam where cyber criminals send victims an email that appears to be from a legitimate business or organization. The email convinces the victim to disclose sensitive information such as their date of birth or account numbers, which the criminal often uses to steal their identity. SMiShing is a fraud that’s similar to phishing, but the victim is baited through bogus text messages rather than through email.

9. Security patch

A security patch is used to fix software or operating-system vulnerabilities that hackers could use to infect computers with a virus or another type of malware. It’s best to set up your computer to check for security patches automatically, but you can also go to the software maker’s website and manually download them.

10. Spyware

Spyware is a type of malware that’s used to monitor your activities, collect specific data, and communicate this information to a third party. Spyware can capture everything from screenshots to passwords and emails.

11. Secure Sockets Layer

SSL is a network security protocol that secures information traveling over the internet. Websites that start with “https” use an SSL connection to help keep user information safe.

12. Trojan

A Trojan is a type of malware that appears legitimate or useful — but once it’s installed, a Trojan can allow cyber criminals to do things like delete or modify your data, steal sensitive information, or disrupt your computer’s performance. Most Trojans are delivered through emails, online services, and downloads such as free games and music.

13. Virus

A virus is a self-replicating type of malware designed to corrupt or modify your computer’s programs and files. In some cases, a virus can slow your computer’s performance or stop it from working altogether. Viruses are spread in various ways, but one of the most common is through infected email attachments. Before opening any email attachment (even one from someone you know), contact the sender and confirm its legitimacy.

14. Personally identifiable information

PII, also referred to as sensitive personal information, is any information that can be used on its own, or in tandem with other information, to identify, locate, or contact a person. Driver’s license numbers, Social Security numbers, and home addresses are a few examples of PII that are often used to perpetrate identity theft. Use extreme caution when providing PII online, and, for extra security, disable auto-fill settings in your web browser.

Once you’ve familiarized yourself with these terms, protect yourself further by following basic computer security practices and learning about current online threats and scams.

Apple hires Encryption Expert to Beef Up Security on its Devices

The FBI and other law enforcement agencies have waged legal war on encryption and privacy technologies.

You may have heard many news stories about the legal battle between Apple and the FBI over unlocking an iPhone that belonged to the San Bernardino shooter. However, that was just one battle in a much larger fight.

Now, in an effort to make the iPhone resistant to surveillance and hacking, Apple has rehired security expert and cryptographer Jon Callas, who co-founded the widely used email encryption software PGP and the secure-messaging company Silent Circle, which sells the Blackphone.

This is not Apple’s first move to strengthen iPhone security.

Just a few months back, the company hired Frederic Jacobs, one of the key developers of Signal, the open-source, end-to-end encrypted messaging application widely regarded as one of the most secure available.

Now Apple has rehired Callas, who has previously worked for Apple twice, first from 1995 to 1997 and then from 2009 to 2011.

During his second stint, Callas designed a full-disk encryption system to protect data stored on Macintosh computers.

Apple’s decision to rehire Callas comes after rumors that the company is working on hardening its iOS devices to the point that even Apple itself cannot break into them.

“Callas has said he is against companies being compelled by law enforcement to break into their own encrypted products,” the report reads.

“But he has also said he supports a compromise proposal under which law enforcement officials with a court order can take advantage of undisclosed software vulnerabilities to hack into tech systems, as long as they disclose the vulnerabilities afterward so they can be patched.”

Earlier this year, Apple was engaged in a battle with the US Department of Justice (DoJ) over a court order asking the company to help the FBI unlock the iPhone 5C of San Bernardino shooter Syed Farook.

In effect, the company was being ordered to create a special, backdoored version of iOS so that the FBI could brute-force the passcode on Farook’s iPhone without losing the data stored on it.

Apple refused, and it now wants to remove its own ability to break iPhone security in future models, eliminating the grounds on which government and intelligence agencies could demand backdoors.

What is the cloud and how does it work, “Unlock the Cloud”. Part 2

We kicked off a cloud series called “Unlock the Cloud” yesterday. In this blog, we talk about established and emerging cloud services that are contributing to the dramatic 19.4% compound annual growth rate in public cloud services spending, from $70 billion in 2015 to $141 billion by 2019.

Many enterprises are juggling three primary “as-a-service” categories to best scale their business and IT service delivery via the cloud: Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS) and Software-as-a-Service (SaaS). These services enable organizations to build, deploy and buy virtualized computing resources using more cost-effective, pay-as-you-use pricing models that have changed the way companies everywhere are consuming IT. Here’s a look at all three and some of their data-driven, cloud storage offshoots.

IaaS (Infrastructure as a Service)

Imagine an IT service delivery infrastructure that you don’t have to purchase, house, manage or update. IaaS makes all of your physical and virtual computing resources (compute, storage, operating systems and to some extent networking, etc.) accessible as you need them. The main benefit is you can still design and control the IT infrastructure you want without investing heavily in CAPEX and OPEX.

PaaS (Platform as a Service)

PaaS falls somewhere in between SaaS and IaaS. What makes it distinct is that it enables you to develop and deploy applications using the programming languages, libraries, services, and tools supported by the PaaS provider to bring products and services to market faster. So application developers don’t have to worry about available computing resources because they can leverage the PaaS provider’s IaaS environment, as well as its SaaS-like application development tools and hosting services.

SaaS (Software as a Service)

Don’t want the expense or hassle of deploying and revving applications? Then SaaS is the way to go. Companies don’t need to own or maintain software applications, and updates can be delivered in real time versus waiting for them to be pushed out by IT. Just run a thin-client or Web browser on your device of choice to access a wealth of applications over the Internet as needed (Yes, there’s an app for that!).

Much of the confusion around these services is rooted in the fact that many cloud providers now offer all three. That makes it almost impossible to differentiate each type of service by provider. The real work for your business will be to decide which services and providers best match the workloads you are trying to support.

Cloud Storage Offshoots

Cloud storage services may well become one of the fastest-growing niche cloud service markets, given their growing prevalence alongside SaaS, IaaS and PaaS offerings. Here are some notable cloud storage services:

STaaS (Storage-as-a-Service) – You’re using STaaS if you are storing photos from your smartphone in the cloud or sharing documents with other users. As the amount of data increases and storage costs rise, parking portions of your personal and business storage in the cloud is inevitable.

DBaaS (Database-as-a-Service) – The complexity of database management often requires a team of database administrators to select and maintain single or multiple database platforms, and continuously optimize them. DBaaS eliminates the need for costly management resources and storage infrastructure by placing the burden on the DBaaS provider.

DRaaS (Disaster-Recovery-as-a-Service) – DRaaS eliminates the muss, fuss and cost of physically creating and maintaining a geographically separate data center for disaster recovery. It replicates your data center resources in the cloud and makes them available when you most need them. If you don’t need to completely replicate your IT infrastructure, but want to still protect your data, then consider BaaS (Backup-as-a-Service).

In this new “there’s a service for that” world, choosing the best cloud services will depend on your workloads, and connecting to those services will depend on your cloud interconnection strategy. Stay tuned for upcoming “Unlock the Cloud” articles to learn more.

What is the cloud and how does it work, “Unlock the Cloud”. Part 1

By 2018, at least according to a Gartner report, half of all IT spending will be cloud based. So I thought I would write a series of articles on “Unlock the Cloud”. We will tackle cloud terms that are widely used but often misunderstood: public, private, hybrid and multi-cloud. We will also look at cloud services and cloud interconnection strategies.

The word “cloud” defines shared, automated hardware or software services that offer customers a high degree of resource scalability, elasticity and self-service. Using the cloud is a lot like using a utility like electricity. Rather than spending a lot of time, capital and resources purchasing, configuring and managing their own hardware and software, customers provision, orchestrate and scale IT resources in the cloud, paying for only what they use, when they use it.

Public Cloud: Do you need a quick, cost-efficient way to ramp up and down software test beds, offload applications such as e-mail or customer relationship management, or cover seasonal spikes in customer usage? Consider using a public cloud service.

A public cloud describes a third-party provider of infrastructure, platform, storage or application cloud services, such as Amazon Web Services (AWS), Microsoft Azure, Dropbox or Salesforce. These providers rent shared hardware and/or software resources to organizations and individuals on a pay-as-you-go basis. Public cloud services also come in a variety of types, which we will discuss in another post.

Private Cloud: Do your in-house customers need the agility and elasticity advantages of the public cloud, but with more stringent control, customization, security and compliance capabilities? Consider a private cloud, which may be managed by your organization or an outside service via a private network connection, with hardware and software specifically assigned to your organization only.

Private clouds allow more customization than public clouds. However, private clouds may require a lot of organizational investment up front and internal IT resources to run. As with public clouds, private cloud resources are shared among internal departments and users, allowing users to self-provision and scale hardware or software resources as needed. Private clouds that are shared among different organizations in a closed environment, such as agencies in a state government, are sometimes called a community cloud.

Hybrid Clouds: Are you looking for the best of both clouds? A hybrid cloud combines at least one public cloud and one private cloud to deliver a particular IT service. Organizations may want to run an application entirely or partially in the public cloud but keep its sensitive data in a more tightly controlled private cloud. Or they may run an application internally, but “burst” it out automatically to a public cloud during peak demand periods. The latter is very cost-efficient, since it avoids purchasing and managing all the hardware and software needed to absorb those occasional peak loads.

Multi-cloud describes a number of public and/or private cloud services used together to deliver a single enterprise service, such as big data analysis or an application with multiple components. Hybrid clouds are a subcategory of multi-cloud, which has become a popular choice with enterprises. Nearly half of the respondents to the survey cited above are currently pursuing a multi-cloud strategy, and by 2020, 86% of those companies will have deployed multiple clouds across multiple locations.

“The Cloud” can be confusing, but we will continue to offer clarity in this series on “Unlock the Cloud”.

Hackers demand ransom payment from Kansas Heart Hospital for files

WICHITA, Kan. A hospital held hostage by hackers and denied access to its files until it pays a ransom. It’s a crime that’s been reported across the country, and now it’s happened in Wichita.

It’s called “ransomware” – hackers hijack your computer and hold the data until you pay up.

The Kansas Heart Hospital is the latest victim of this attack.

The hospital’s president, Dr. Greg Duick, says the hackers never got access to patient information, but the attack did cause problems.

“Kansas Heart Hospital had a cyber attack occur late Wednesday evening,” Duick said. “We suspect, as with attacks in other parts of the country, this was an offshore operation,” he said.

Duick says hackers holding hospital files hostage is very common.

“Upwards of 45% of hospitals have received some kind of cyber attack. And multiple hospitals had additional attacks,” he said.

About 9pm Wednesday, a hospital employee lost access to files.

“It would be like you’re working on your computer and all of a sudden, your computer says, sorry can’t help you anymore,” Duick said. “It became widespread throughout the institution.”

Hackers got into the system, and locked up the files, refusing to give back access unless the hospital paid up.

“I’m not at liberty because it’s an ongoing investigation, to say the actual exact amount. A small amount was made,” Duick said.

But even after the hospital paid, the hackers didn’t return full access to the files. Instead, they demanded another ransom. The hospital says, it will not pay again.

“The policy of the Kansas Heart Hospital, in conjunction with our consultants, felt no longer was this a wise maneuver or strategy,” Duick said.

The hospital was aware that an attack like this might happen, and it did have a plan.

“That plan went into immediate action. I think it helped in minimizing the amount of damage the encrypted agent could do,” Duick said.

“The patient information never was jeopardized and we took measures to make sure it wouldn’t be,” he said.

Duick also says the attack never impacted patient treatment and will help the hospital strengthen its response to future hackers.

Ransomware is so common that many hospitals, including Kansas Heart, have insurance to help cover the costs of cyber extortion.

The hospital is working with its IT team and security experts to restore the rest of the system.

Hospitals have become a favorite target of the ransomware scam. Earlier this year 10 MedStar facilities in the Washington region were part of a cyber attack that prompted the health care provider to shut down its computer system.

Also in February a California hospital paid $17,000 in ransom to regain access to its medical records.

http://www.kwch.com/content/news/Hackers-demand-ransom-payment-from-Kansas-Heart-Hospital-380342701.html

Watch hackers break into the US power grid

Pretty entertaining video exposing all the physical and network security issues from a team of ethical hackers.

A power company in the Midwest hired a group of white hat hackers known as RedTeam Security to test its defenses.

Ecuador Bank Hacked — $12 Million Stolen in 3rd Attack on SWIFT System

Bangladesh’s central bank is not the only bank that has fallen victim to a cyber heist. In fact, that incident appears to be just one part of a widespread campaign against the global banking and financial sector by hackers who target the backbone of the world financial system, SWIFT.

Yes, the global banking messaging system that thousands of banks and companies around the world use to move billions of dollars each day is under attack.

A third case involving SWIFT has emerged in which cyber criminals stole about $12 million from an Ecuadorian bank, in an attack that bears numerous similarities to the later attack on Bangladesh’s central bank, which lost $81 million.

The attack on Banco del Austro (BDA) in Ecuador occurred in January 2015 and was revealed through a lawsuit BDA filed on Jan. 28 against Wells Fargo, a San Francisco-based bank, Reuters reported.

Here’s how the cyber criminals targeted the banks:

  • They used malware to circumvent the bank’s local security controls.
  • They gained access to the SWIFT messaging network through the bank’s own credentials.
  • They sent fraudulent messages via SWIFT to initiate cash transfers from the bank’s accounts at larger correspondent banks.

Over ten days, the hackers used the SWIFT credentials of a bank employee to modify transaction details for at least 12 transfers amounting to over $12 million, which was sent to accounts in Hong Kong, Dubai, New York and Los Angeles.

In the lawsuit, BDA holds Wells Fargo responsible for not spotting the fraudulent transactions and has demanded that Wells Fargo return the full amount stolen from the bank.

The lawsuit, filed by BDA in a New York federal court, argues that some of these attacks could have been prevented if banks had shared more details about the attacks with the SWIFT organization.

Wells Fargo has also fired back and blamed BDA’s information security policies and procedures for the heist and noted that it “properly processed the wire instructions received via authenticated SWIFT messages,” according to court documents.

According to reports, the heist remained a secret for a long time and was disclosed only when BDA decided to sue Wells Fargo, which had approved the fraudulent transfers.

SWIFT did not have any idea about the breach, as neither BDA nor Wells Fargo shared any detail about the attack.

“We were not aware,” SWIFT said in a statement. “We need to be informed by customers of such frauds if they relate to our products and services so that we can inform and support the wider community. We have been in touch with the bank concerned to get more information, and are reminding customers of their obligations to share such information with us.”

It turns out that the security of SWIFT itself was not breached in the attack; instead, the cyber criminals used advanced malware to steal bank employees’ credentials and cover their tracks.

In February, the $81 million cyber heist at the Bangladesh central bank was carried out by compromising the bank’s SWIFT system with a piece of malware that manipulated logs, erased the history of the fraudulent transactions, and even prevented printers from printing those transactions.

SEC: Cyber security is the biggest risk to the global financial system

WASHINGTON (Reuters) – Cyber security is the biggest risk facing the financial system, the chair of the U.S. Securities and Exchange Commission (SEC) said on Tuesday, in one of the frankest assessments yet of the threat to Wall Street from digital attacks.

Banks around the world have been rattled by an $81 million cyber theft from the Bangladesh central bank that was funneled through SWIFT, a member-owned industry cooperative that handles the bulk of cross-border payment instructions between banks.

The SEC, which regulates securities markets, has found some major exchanges, dark pools and clearing houses did not have cyber policies in place that matched the sort of risks they faced, SEC Chair Mary Jo White told the Reuters Financial Regulation Summit in Washington D.C.

“What we found, as a general matter so far, is a lot of preparedness, a lot of awareness but also their policies and procedures are not tailored to their particular risks,” she said.

“As we go out there now, we are pointing that out.”

White said SEC examiners were very proactive about conducting sweeps of broker-dealers and investment advisers to assess their defenses against a cyber attack.

“We can’t do enough in this sector,” she said.

Cyber security experts said her remarks represented the SEC’s strongest warning to date of the threat posed by hackers.

A former member of the World Bank’s security team, Tom Kellermann, who is now chief executive of the investment firm Strategic Cyber Ventures LLC, called it “a historic recognition of the systemic risk facing Wall Street.”

BROKEN WINDOWS

Under White, a former federal prosecutor, the SEC introduced an initiative called “broken windows” designed to crack down on small violations of SEC rules to deter traders and others from larger transgressions.

But critics have questioned whether the initiative, similar to one used by former New York City Mayor Rudy Giuliani in his crackdown on crime in the city, is an effective use of the agency’s limited resources.

An analyst looks at code in the malware lab of a cyber security defense lab at the Idaho National Laboratory in Idaho Falls, Idaho, September 29, 2011. REUTERS/Jim Urquhart

The policy has been applied to instances of “rampant non-compliance” involving serious, significant rules, White said, noting that she considers the initiative a huge success.

For example, since 2013 the SEC has brought three groups of cases in a key area: the prohibition on individuals short selling ahead of an IPO and then participating in that IPO, she said. Each year there have been fewer cases, with the most recent count at around 12, White said.

GAAP VS. NON-GAAP

Also on Tuesday, the SEC released guidance about how certain accounting practices could potentially mislead investors that White called “consequential.”

Companies are increasingly reporting earnings under non-Generally Accepted Accounting Principles, or non-GAAP, which permits them to back certain expenses, such as non-cash costs, out of their earnings figures. But critics say the practice can also mislead investors by painting a rosier picture of a company’s profits.

The SEC’s current rules allow companies to report figures that do not comply with GAAP as long as certain conditions are met, and White said the guidance spells out those conditions, such as the requirement that “the GAAP measure has to be of equal or greater prominence than non-GAAP.”

Non-GAAP “is not supposed to supplant GAAP and obviously not obscure GAAP,” she said.

She declined to say if the SEC is considering enforcement actions against companies that might be misleading investors with non-GAAP, but noted the SEC would not hesitate to bring one if it uncovered an “actionable violation.”

For months now, the SEC has only had three commissioners, down from its full complement of five, and the U.S. Congress has stalled on confirming two nominees.

“We’re really functioning on all cylinders,” White said, ticking off a list of projects the commission has recently completed.

She added that, to comply with rules on meetings and disclosures, commissioners typically meet one-on-one.

“If there are only three of you, it’s shorter-circuited to some degree,” she said. “There are some advantages, too.”