Category Archives: Encryption

How to Ensure Your Social Profiles Will Never Get Hacked

Getting hacked can cause an unlimited number of problems for you and your reputation. The last thing you need is to see your profiles fall into the hands of someone else. The key is not to act when it happens but to act before it happens. This guide is going to show you everything you need to know about preventing your social profiles from getting hacked.

The Password Issue

To begin with, you need to make sure that you are crafting the right passwords. A weak password is the front door into your social media accounts. Many hackers will use the brute force method, which is where they simply attempt to guess your password. Automated software will continually try different combinations until it finds something that works.

The only way you can defend against this is through using upper and lower case letters, along with numbers and symbols. This password should be changed on a regular basis. Just make sure that you don’t come up with a password that you yourself can’t remember.

When storing your passwords, you should make sure you have adequate storage methods. Don’t keep them in a place online or offline where they can be immediately accessed.

The key here is to share your passwords with the smallest number of people possible. They should be kept on a strictly need-to-know basis.

Sign-In Technology

You may not have heard of sign-in technology before. It’s a fairly recent invention and it allows people to access your social media accounts without knowing the password. The way it works is that employees click the sign-in software and it will automatically allow them to access the social media account in question.

This technology will only be able to be accessed on certain company computers. This will allow you to keep all information centralized with one person. That means you always have one or two people to take full responsibility for the company’s passwords.

It doesn’t cost a lot to utilize this technology. There are many software bundles that will provide free services like this. It only takes a few minutes to install this technology on your computer.

The Most Common Path – The Email Hack

Despite the fact that spam detectors have become more proficient than ever before, hackers still use emails to capture people’s information. As soon as you click on the offending link, you will be redirected to a page that looks remarkably similar to a genuine page. Once you enter your information, the hacker will capture it. They may even attempt to install spyware on your computer.

The emails that reach your inbox will contain links that you have to click on, usually in relation to a compromised account.

So how do you know whether something is genuine?

There are two ways to do this. First of all, you can mouse over the link and in the bottom right of your browser it will show you the full link. There will always be a slight change in the URL that will reveal it as a link you should avoid. But the best way to check if an email is genuine is to access the relevant website manually, like you would normally.

One other option you have to get around this entirely is to use a platform like Sprout Social or HootSuite to access your social media accounts through a third-party platform. It acts as a shield so your accounts cannot be hacked directly, since you are never accessing them directly.

Your Computer’s Security Arrangements

You can have the strongest password in the world. None of that is going to matter if your computer or network is vulnerable to attack, though. There are hackers who can install software on your computer that can allow them to take control of it remotely.

Then they can use things like sign-in technology against you because they can click the buttons without your input. Install the best anti-virus system you can, update it regularly, and be willing to pay for the best. This is not an area where you should compromise.

How will you protect your social media accounts from hackers today?

 

This article was written by Abdullahi Muhammed from Business2Community and was legally licensed through the NewsCred publisher network.

How to Protect Personally Identifiable Information from Ransomware Attacks

Personally Identifiable Information (PII) is defined as any information that can be used on its own or combined with other information to identify, contact or locate an individual. This can include information maintained by an agency that could be used to discover or trace an individual’s identity. Some examples of PII include your full name, date and place of birth, social security number, mother’s maiden name, or biometric records. PII also includes information that can be linked to an individual such as medical, educational, financial or employment information.

Why do Cybercriminals Want my PII?

Cybercriminals are making a great deal of money by selling your PII on the dark web, and those who purchase the data use it in identity theft. Your PII can be used to file false tax returns, open lines of credit or make fraudulent purchases under your name. These are just a few examples of what cybercriminals can do with your PII. The price for pieces of your PII has come down significantly over the last two years. In late 2015 Trend Micro reported that the price for PII had dropped from $4 to $1. There are supply and demand economics at work in the criminal world, too.

 “There’s actually a big surplus of PII currently available in the cybercriminal underground. This has caused its price to drop significantly, from $4 last year to $1 this year,” the study found. – Trend Micro

It doesn’t seem like cybercriminals are making a lot of money at $1 per record when you are considering just your own PII.  However, cybercriminals are infiltrating large companies like Anthem and stealing millions of records at a time. Millions of records stolen at even $1 a record is a large sum of money. Cybercriminals can make more money selling PII from one major breach than you have probably earned in your lifetime.  Not too bad for a day’s work.

Credit Cards, eBay Accounts – Going Once, Going Twice, SOLD!

Credit card numbers, eBay accounts, and mobile phone accounts are also being sold on the dark web for a significant profit for cybercriminals. Login credentials for bank accounts are going for $200 to $500 per account. The larger the available balance of a bank account, the more money a cybercriminal can demand for it. Mobile phone accounts are selling for $14 per account and PayPal and eBay accounts can go for $300 each.

What is interesting about Trend Micro’s report “Dissecting Data Breaches and Debunking the Myths” is its finding that the main reason for a data breach is not cybercriminals at all but the user. 41% of data breaches were the result of a user losing their device or having it stolen, while 25% were due to hacking and malware.

It’s important that companies scrutinize and secure the sensitive information that is stored on their employees’ devices, like mobile phones, laptops, and flash drives. If any of these devices are lost or stolen, they become an easy way to steal data.

Doesn’t Ransomware Only Encrypt Data?

It is true that so far ransomware variants have encrypted data and held it ransom. Having PII stolen in a ransomware attack has not happened yet, but I believe that is the next evolution of ransomware.  Once the cybercriminals have copied your data offsite, they can demand a ransom over and over again.

I believe the next variant of ransomware will encrypt your data locally and in addition, will use exfiltration to copy your data offsite and hold it for ransom. If cybercriminals get your PII, they can collect the ransom from you to decrypt the data and further profit from selling the PII on the dark web.

How Can I Protect my PII?

There are a number of things you can do today to protect your PII. I recommend all businesses who collect and store customer PII to read the DHS guidelines for dealing with PII.

Thoroughly Inspect All Emails Received

Ransomware attacks are primarily delivered through email campaigns where the cybercriminals spoof a fax delivery, bank statement or utility bill.  Clicking on the link or attachment starts the crypto ransomware infection, and the end user doesn’t even know they are infected until after the ransomware has encrypted their data. Only after the data is encrypted do you get at least two pop-up messages with the ransom demand.

Encrypt Data on Devices

Do not transport any data that contains PII unless that device has been encrypted. Do not remove sensitive PII from the workplace unless instructed by a manager. Never leave sensitive PII in hard copy unattended and unsecured.

Use Two-Factor Authentication

Two-Factor Authentication is an excellent security mechanism that adds another layer to the complex passwords you already use. With Two-Factor Authentication, a user not only has to provide their password but also needs to input another component, which is usually something that the user knows, something that the user possesses or something that is inseparable from the user. For example, you might use a product like Google Authenticator. After supplying your account password, you will be prompted for a six-digit code supplied by the authenticator app. The app generates a new and unique random code every 30 seconds.

Good luck and stay safe out there with your “Private Information”!!

14 cybersecurity terms you need to know


Taking a proactive approach to your online security can help you avoid becoming a victim. Start by familiarizing yourself with these computer security terms. Understanding them can help you recognize a cyber threat — and can also help you protect your computer from one.

1. Adware

Adware is software that displays advertisements on your computer. It can take various forms, but is often a popup ad or an ad displayed in a sidebar in your browser. Typically, adware is more of an annoyance than a security risk, but in some cases it could be monitoring your online browsing activities and relaying that data to a third party.

2. Antivirus software

Antivirus software monitors your computer to find and block malicious programs like viruses. McAfee and Norton are two popular antivirus software packages. To protect your computer against new viruses, it’s important to regularly update your antivirus software.

3. Encryption

Encryption transforms plaintext (readable data) into ciphertext — which is unreadable without an encryption password. Once the user enters the correct encryption password, the text is decoded. Consider using a secure email service like GhostMail to encrypt the content of your sensitive messages.

4. Firewall

A firewall creates a barrier between the internet and your computer to help block hackers, viruses and other threats. Many security suites — like Symantec, Norton, Security Premium and Bitdefender Total Security — include firewall protection.

5. Hacker

A hacker is any unauthorized user who gains access to private data. While hacking can be used for many purposes, some criminal hackers purposefully disrupt or permanently damage an individual computer or an entire network of computers. Hacking attacks cost the average American company more than $7 million per year.

6. Keylogger software

Keylogger software is a type of spyware that records information about your computer keyboard activities — such as your internet browsing, emails, and instant messages — and then sends the data to a third party.

7. Malware

Short for “malicious software,” malware is an umbrella term used to describe software or code that’s designed to damage a computer or collect information from it. Adware, Trojans, and spyware are examples of malware.

8. Phishing

Phishing is a scam where cyber criminals send victims an email that appears to be from a legitimate business or organization. The email convinces the victim to disclose sensitive information such as their date of birth or account numbers, which the criminal often uses to steal their identity. SMiShing is a fraud that’s similar to phishing, but the victim is baited through bogus text messages rather than through email.

9. Security patch

A security patch is used to fix software or operating-system vulnerabilities that hackers could use to infect computers with a virus or another type of malware. It’s best to set up your computer to check for security patches automatically, but you can also go to the software maker’s website and manually download them.

10. Spyware

Spyware is a type of malware that’s used to monitor your activities, collect specific data, and communicate this information to a third party. Spyware can capture everything from screenshots to passwords and emails.

11. Secure Sockets Layer

SSL is a network security protocol that secures information traveling over the internet. Websites that start with “https” use an SSL connection to help keep user information safe.

12. Trojan

A Trojan is a type of malware that appears legitimate or useful — but once it’s installed, a Trojan can allow cyber criminals to do things like delete or modify your data, steal sensitive information, or disrupt your computer’s performance. Most Trojans are delivered through emails, online services, and downloads such as free games and music.

13. Virus

A virus is a self-replicating type of malware designed to corrupt or modify your computer’s programs and files. In some cases, a virus can slow your computer’s performance or stop it from working altogether. Viruses are spread in various ways, but one of the most common is through infected email attachments. Before opening any email attachment (even one from someone you know), contact the sender and confirm its legitimacy.

14. Personally identifiable information

PII, also referred to as sensitive personal information, is any information that can be used on its own — or in tandem with other information — to identify, locate, or contact a person. Driver’s license numbers, Social Security numbers, and home addresses are a few examples of PII that are often used to perpetrate identity theft. Use extreme caution when providing PII online, and, for extra security, disable auto-fill settings on your web browser.

 

 

Once you’ve familiarized yourself with these terms, protect yourself further by following basic computer security practices and learning about current online threats and scams.

 

Apple hires Encryption Expert to Beef Up Security on its Devices

 

The FBI and other law enforcement agencies have waged legal war on encryption and privacy technologies.

You may have heard many news stories about the legal battle between Apple and the FBI over unlocking an iPhone that belonged to the San Bernardino shooter. However, that was just one battle in a much larger fight.

Now, in an effort to make its iPhone surveillance-and-hack proof, Apple has rehired security expert and cryptographer Jon Callas, who co-founded the widely-used email encryption software PGP and the secure-messaging system Silent Circle that sells the Blackphone.

This is not Apple’s first effort over its iPhone security.

Just a few months back, the company hired Frederic Jacobs, one of the key developers of Signal — World’s most secure, open source and encrypted messaging application.

Now Apple has rehired Callas, who has previously worked for Apple twice, first from 1995 to 1997 and then from 2009 to 2011.

During his second stint, Callas designed a full-disk encryption system to protect data stored on Macintosh computers.

Apple’s decision to rehire Callas comes after rumors that the company is working on improving the security of its iOS devices in such a way that even Apple can’t hack them.

“Callas has said he is against companies being compelled by law enforcement to break into their own encrypted products,” the report reads.

“But he has also said he supports a compromise proposal under which law enforcement officials with a court order can take advantage of undisclosed software vulnerabilities to hack into tech systems, as long as they disclose the vulnerabilities afterward so they can be patched.”

Earlier this year, Apple was engaged in a battle with the US Department of Justice (DoJ) over a court order asking the company to help the FBI unlock iPhone 5C of San Bernardino shooter Syed Farook.

Basically, the company was being forced to create a special, backdoored version of its iOS so that the FBI could brute-force the passcode on Farook’s iPhone without losing the data stored on it.

Apple refused to do so, and now the company wants to remove its own ability to break iPhone security in future iPhone models, thereby eliminating the chance for government and intelligence agencies to demand backdoors.

 

Hackers demand ransom payment from Kansas Heart Hospital for files

WICHITA, Kan. A hospital held hostage by hackers and denied access to its files until it pays a ransom. It’s a crime that’s been reported across the country, and now it’s happened in Wichita.

It’s called “ransomware” – hackers hijack your computer and hold the data until you pay up.

The Kansas Heart Hospital is the latest victim of this attack.

The hospital’s president, Dr. Greg Duick, says the hackers never got access to patient information, but the attack did cause problems.

“Kansas Heart Hospital had a cyber attack occur late Wednesday evening,” Duick said. “We suspect, as attacks other parts of the country, this was an offshore operation,” he said.

Duick says hackers holding hospital files hostage is very common.

“Upwards of 45% of hospitals have received some kind of cyber attack. And multiple hospitals had additional attacks,” he said.

About 9pm Wednesday, a hospital employee lost access to files.

“It would be like you’re working on your computer and all of a sudden, your computer says, sorry can’t help you anymore,” Duick said. “It became widespread throughout the institution.”

Hackers got into the system, and locked up the files, refusing to give back access unless the hospital paid up.

“I’m not at liberty because it’s an ongoing investigation, to say the actual exact amount. A small amount was made,” Duick said.

But even after the hospital paid, the hackers didn’t return full access to the files. Instead, they demanded another ransom. The hospital says it will not pay again.

“The policy of the Kansas Heart Hospital in conjunction with our consultants, felt no longer was this a wise maneuver or strategy,” Duick said.

The hospital was aware that an attack like this might happen, and it did have a plan.

“That plan went into immediate action. I think it helped in minimizing the amount of damage the encrypted agent could do,” Duick said.

“The patient information never was jeopardized and we took measures to make sure it wouldn’t be,” he said.

Duick also says the attack never impacted patient treatment and will help the hospital strengthen its response to future hackers.

Ransomware is so common that many hospitals, including Kansas Heart, have insurance to help cover costs of cyber extortion.

The hospital is working with its IT team and security experts to restore the rest of the system.

Hospitals have become a favorite target of the ransomware scam. Earlier this year 10 Medstar facilities in the Washington region were part of a cyber attack that prompted the health care provider to shut down its computer system.

Also in February a California hospital paid $17,000 in ransom to regain access to its medical records.

http://www.kwch.com/content/news/Hackers-demand-ransom-payment-from-Kansas-Heart-Hospital-380342701.html

 

 

SEC: Cyber security is the biggest risk to the global financial system


WASHINGTON (Reuters) – Cyber security is the biggest risk facing the financial system, the chair of the U.S. Securities and Exchange Commission (SEC) said on Tuesday, in one of the frankest assessments yet of the threat to Wall Street from digital attacks.

Banks around the world have been rattled by a $81 million cyber theft from the Bangladesh central bank that was funneled through SWIFT, a member-owned industry cooperative that handles the bulk of cross-border payment instructions between banks.

The SEC, which regulates securities markets, has found some major exchanges, dark pools and clearing houses did not have cyber policies in place that matched the sort of risks they faced, SEC Chair Mary Jo White told the Reuters Financial Regulation Summit in Washington D.C.

“What we found, as a general matter so far, is a lot of preparedness, a lot of awareness but also their policies and procedures are not tailored to their particular risks,” she said.

“As we go out there now, we are pointing that out.”

White said SEC examiners were very pro-active about doing sweeps of broker-dealers and investment advisers to assess their defenses against a cyber attack.

“We can’t do enough in this sector,” she said.

Cyber security experts said her remarks represented the SEC’s strongest warning to date of the threat posed by hackers.

A former member of the World Bank’s security team, Tom Kellermann, who is now chief executive of the investment firm Strategic Cyber Ventures LLC, called it “a historic recognition of the systemic risk facing Wall Street.”

BROKEN WINDOWS

Under White, a former federal prosecutor, the SEC introduced an initiative called “broken windows” designed to crack down on small violations of SEC rules to deter traders and others from larger transgressions.

But critics have questioned whether the initiative, similar to one used by former New York City Mayor Rudy Giuliani in his crackdown on crime in the city, is an effective use of the agency’s limited resources.

An analyst looks at code in the malware lab of a cyber security defense lab at the Idaho National Laboratory in Idaho Falls, Idaho September 29, 2011. REUTERS/Jim Urquhart

The policy has been applied to instances of “rampant non-compliance” involving serious, significant rules, White said, noting that she considers the initiative a huge success.

For example, the SEC brought three groups of cases in a key area, the prohibition against short selling ahead of an IPO by individuals who then participated in the IPO, since 2013, she said. Each year, there have been fewer cases, with the most recent number at around 12, White said.

GAAP VS. NON-GAAP

Also on Tuesday, the SEC released guidance about how certain accounting practices could potentially mislead investors that White called “consequential.”

Companies are increasingly using non-Generally Accepted Accounting Principles, or non-GAAP, to report earnings, permitting them to back out certain expenses from earnings figures, such as non-cash costs. But critics say the practice can also mislead investors by creating a rosier picture of a company’s profits.

The SEC’s current rules allow companies to report with figures that do not comply with GAAP, as long as certain conditions are met and White said the guidance spells out those conditions, such as a requirement that “the GAAP measure has to be of equal or greater prominence than non-GAAP.”

Non-GAAP “is not supposed to supplant GAAP and obviously not obscure GAAP,” she said.

She declined to say if the SEC is considering enforcement actions against companies that might be misleading investors with non-GAAP, but noted the SEC would not hesitate to bring one if it uncovered an “actionable violation.”

For months now, the SEC has only had three commissioners, down from its full complement of five, and the U.S. Congress has stalled on confirming two nominees.

“We’re really functioning on all cylinders,” White said, ticking off a list of projects the commission has recently completed.

She added that, to comply with rules on meetings and disclosures, commissioners typically meet one-on-one.

“If there are only three of you, it’s shorter-circuited to some degree,” she said. “There are some advantages, too.”

 

The Future of Passwords and Biometrics

In today’s world filled with computers, smartphones, and other smart gadgets, passwords have played a key role in authenticating one’s identity online. But how long do you think this authentication measure will work? The power of computers is increasing every day. Such computers, when used by hackers and scammers, can prove an effective tool for cracking passwords and accessing our online databases.

Simple or even complex passwords are easily crackable thanks to advances in technology. There has been a growing demand for using biometrics in place of textual passwords. But are biometrics as safe and secure as their supporters claim them to be?

In this article, we shall analyze the future of passwords and the shift in the methods of authenticating your identity. We shall also analyze the various options available to us in case passwords prove ineffective in the near future. Keep reading:

Are biometrics really that secure?

You may say that biometrics are the most secure way of authentication. However, biometrics have their own flaws, sometimes even more dangerous than those of textual passwords. Biometrics involve various methods like retina scans, fingerprint scans and facial recognition. All these methods have their own merits and flaws. However, thinking of them as flawless is an overstatement that can cost you dearly.

Consider the following situation: You are “under the influence” of drugs or alcohol. Someone knowingly/forcefully puts your thumb on the finger-print sensors and steals your data.

What do you do in such a situation? Can you change your biological information? Someone said it right, that “I can change my password, but I can’t change my eyeballs!” Further, there are chances of such biometric data being stolen from the server of such companies storing such data and reverse engineered to create another set of biometric credentials to hack into your system.

What might be the future?

There are already several features in the present world which are a reflection of what is to come in the near future. There are Bluetooth bands around your arms to unlock your phone, or gadgets that follow your voice commands. Apart from these, your behavioral patterns may also be used in the future to authenticate yourself. Given below is a list of behavioral patterns which could be used for authentication purposes:

·         Characteristics of speech

“Voiceprints” will not be enough. Voiceprints will be supplemented with additional information like accent, emotional state, cadence, which will form a part of a strong password.

·         Blinking

MasterCard has already implemented the Identity Check system whereby you can use a selfie to authenticate yourself. In addition to selfies, the check also requires you to blink.  The blink patterns may prove to be a key factor in differentiating between the true user and an imposter.

·         Walking

Your walking pattern might also add a layer of security. Your speed or gait will provide your devices with sufficient information to determine the authenticity of the owner.

From the above discussion, it becomes very clear that passwords and biometrics are not secure enough in today’s online world. There is definitely a need for a stronger authentication method which has few or no loopholes. There is a need to add another layer to biometrics to beef up security.

In the near future, we might see a combination of biometric authenticators and other methods to enable swift and secure authentication into our devices. Hopefully, this will be done soon and in an efficient manner so that the chances of being compromised remain minimal.

Who is responsible for your cloud application breach?


Cloud application security has been a big concern lately due to several data breaches involving cloud services, such as the iCloud hack, Target, Home Depot and the United States Internal Revenue system. This raises the question: where does responsibility for application security lie?
Is it with the vendor, or with the company or person using the services? The answer is both: the vendor of the cloud application service covers only the server side, while the client side still needs security, which people and companies mostly overlook.
Client-side application security is of utmost importance, as server-side security alone is not enough to protect the application from security breaches.
The security threats that pose a great danger to cloud application security are as follows:

  • Data breaches
  • Account Hijacking
  • Compromised credentials
  • Permanent Data loss
  • Shared Technologies
  • Cloud service abuse
  • Hacked Interface and API

Data Breaches

This is one of the biggest threats to cloud services because of the vast amount of data stored on cloud servers. The sensitivity of the data is easy to imagine, as the cloud stores the financial and personal details of millions of people. If this vast amount of data is breached, it will cause the downfall of the company and also threaten the lives of the people exposed by the breach.

 Account Hijacking

This attack has been around for quite a long time; it includes fraud, phishing, software exploits, etc. Using these kinds of attacks, cloud services can be compromised, which can lead to launching other attacks, changing account settings, manipulating transactions, and uploading malware and illegal content.

 Compromised Credentials

Credentials are generally compromised due to weak passwords, casual authentication, or poor key or certificate management. Identity and access management also becomes a problem, as user access is sometimes not changed when the job role and responsibilities change or when the user leaves the organization.
Embedding credentials and cryptographic keys in source code and leaving them in online repositories such as GitHub also creates a big vulnerability that can be exploited easily. Aligning identity with the cloud provider requires an understanding of the security measures taken into account.
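A check for the embedded-credentials problem described above, as an added example that is not from the original article: it scans source text for private-key blocks, AWS-style access key IDs and quoted literals assigned to secret-looking names, and redacts what it finds so the report does not leak the value again. The rule names and the sample file are constructed; the AWS key shown is the example value from AWS documentation.

```python
import re

# Patterns with a fixed, recognisable shape.
RULES = {
    "private-key-block": re.compile(r"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----"),
    "aws-access-key-id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
}

# A quoted literal assigned to a name that suggests a credential.
ASSIGNMENT = re.compile(
    r"""(?i)([\w-]*(?:password|passwd|secret|api_?key|token)[\w-]*)"""
    r"""\s*[:=]\s*["']([^"']+)["']"""
)

# Values that are references to be filled in at deploy time, not secrets.
PLACEHOLDER_PREFIXES = ("${", "{{", "<")


def redact(value):
    """Keep the first four characters so a finding can be located, mask the rest."""
    return value[:4] + "*" * max(len(value) - 4, 0)


def scan_text(text):
    """Return [(line_number, rule, redacted_excerpt)] for one file's contents."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for rule, pattern in RULES.items():
            match = pattern.search(line)
            if match:
                findings.append((lineno, rule, redact(match.group(0))))
        match = ASSIGNMENT.search(line)
        if match and not match.group(2).startswith(PLACEHOLDER_PREFIXES):
            excerpt = f"{match.group(1)}={redact(match.group(2))}"
            findings.append((lineno, "hardcoded-secret", excerpt))
    return findings


# Constructed sample of a file about to be committed.
SAMPLE_FILE = '''\
import os
DB_PASSWORD = "S3cure-Example-Pass!"      # constructed value
api_key = os.environ["SERVICE_API_KEY"]     # read at runtime: fine
AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"  # AWS documentation example key
smtp_token = "${SMTP_TOKEN}"                # template placeholder: fine
SIGNING_KEY = """-----BEGIN RSA PRIVATE KEY-----
(constructed placeholder, no key material)
-----END RSA PRIVATE KEY-----"""
'''

if __name__ == "__main__":
    for lineno, rule, excerpt in scan_text(SAMPLE_FILE):
        print(f"line {lineno}: {rule}: {excerpt}")
```

Run as a pre-commit step, a non-empty result is the signal to move the value into an environment variable or secret store and to rotate anything that was already pushed.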

 Permanent Data Loss

Malicious hackers have gained access to cloud services and permanently deleted data in the past, affecting the business. Cloud data centers are also vulnerable to natural disasters, which can wipe away the data stored in the cloud.
If the user encrypts the data before uploading it to the cloud and loses the key, the data is lost. Thus client-side protection of data should be well managed and maintained. Permanent data loss can lead to financial crisis and disruption of the working system.

 Shared Technologies

Cloud service providers share infrastructure, platforms and applications from different sources, so any reconfiguration or vulnerability in these layers affects the users and can also lead to compromise of the user’s system as well as the cloud, depending on the potential of the vulnerability.
Thus security at the cloud server side alone is not the only real issue; security has to be maintained across all aspects of the cloud environment. The client side also needs to be secured, as attacks are also possible from the client side due to low or no security measures.

 Cloud Service Abuse

Cloud applications are breached to gain a commanding position in the cloud, where the resources can be used for different malicious purposes such as launching DDoS attacks, sending bulk spam and phishing emails, breaking an encryption key or hosting malicious content.
This abuse may lead to unavailability of the services or to loss of the users’ data stored in the cloud, so it is very necessary to secure the applications from abuse.

 Hacked Interface and API

To build applications, developers now use ready-made interfaces and APIs to simplify their work, but these APIs and interfaces tend to be the most exposed part of the system because they are freely available on the internet.
Almost every cloud service and application now offers an API, and IT teams use these interfaces to interact with cloud services for management, provisioning, monitoring and so on. The level of threat to cloud services therefore increases manifold. This calls for rigorous code reviews and penetration testing to secure applications and services.

 Conclusion

As we have seen, there are many ways data stored in the cloud can be breached, owing to the importance of that data. Your data therefore cannot be secured by the cloud service provider alone; a great deal of work is required on the client side to protect applications and data from outside security threats. Security audits should therefore be carried out to protect your precious data from threats.

Ransomware: Lucrative, fast growing, hard to stop

The hackers behind recent high-profile ransomware attacks on U.S. hospitals are using business methods that might be familiar to some Silicon Valley start-ups.

Cybercriminal gangs are attacking large markets with rich customers. They offer a product with a clear value proposition (giving you back your seized data) that alleviates a specific pain point (the inability to run your business). They act with agility and stealth enabling them to outwit the competition. They are also scrappy, often bootstrapping their illicit businesses.

“It is an economic business system, it is just perpetrated at a criminal level,” said Matt Devost, CEO of FusionX, a unit of Accenture. “There are a lot of analogies between that and a start-up environment.”

What started as a basic scam — extorting, say, a $300 ransom from a grandmother wanting to get family photos back — has escalated. Last year there was a “reported loss of more than $24 million as a result of ransomware attacks,” according to the FBI, a figure that surely massively underrepresents the scale of the problem due to the unwillingness of many victims to report.

The start-up costs for an illicit ransomware business are minimal. The hackers write their own code or buy ransomware as a service on the black market, often as part of a suite of other products.

Many groups are already operating other cybercriminal businesses, so getting into the ransomware business is just another way of leveraging existing talent and infrastructure. It requires minimal investment, is relatively low risk and the returns are potentially massive.

 

Enterprise victims frequently have no choice but to pay up, since hackers are often able to seize backup data as well, said Denise Anderson, president of the National Health Information Sharing and Analysis Center. “So if they need to stay in business, they are paying it.”

With the recent attacks on U.S. hospitals, the assailants are expanding beyond consumer to enterprise “customers” — their victims — and adjusting pricing accordingly. For example, Hollywood Presbyterian Medical Center in Los Angeles paid a ransom of $17,000 in bitcoin in February. Other enterprises are likely paying a lot more than that already, said experts. (The FBI does not condone payment of ransom, an agency official told CNBC.)

“I imagine it will hit into the millions of dollars, if they are able to infect some of the right types of targets in an enterprise environment,” said Devost.

Like smart start-up CEOs, the hackers are testing the market and refining the business model. As the vast majority of attacks are likely settled without going public, more research is needed to figure out just how profitable the business really is, said experts. Unlike the criminal networks, which often share information freely, many of the victims do not.

“The cybercriminals collude when their business model merits it,” said Anderson. “Shame on us for not working together to protect against them.”

 

The most lucrative potential victims have a specific set of characteristics. They hold critical information and infrastructure, have immature and vulnerable security programs and the ability to pay the ransom. Small- to medium-sized U.S. hospitals have proven to be a sweet spot in ransomware because of their often poor security infrastructure as well as the willingness to pay to retrieve patient data, get back online quickly and prevent reputational damage.

“We will see much more successful attacks in other industries,” said Ed Cabrera, vice president of cybersecurity strategy at Trend Micro.

Law firms, which protect confidential and valuable information about their clients, and venture-backed start-ups that have invested in developing intellectual property are two targets criminals may increasingly go after, he said.

The black market for high-value trade secrets or intellectual property is a lot more lucrative than the market for personally identifiable information, which is fairly saturated after numerous data breaches, said Devost. It is also a lot riskier, potentially exposing hackers attempting to sell their ill-gotten goods to law enforcement.

Within businesses, it is almost always employees at the top and bottom of the pyramid who represent the best “leads” for attackers. Often, hackers will specifically target C-level executives with high-level access to an entire corporate network, or find success when low-level employees click on something they should not, said Vinny Troia, CEO of cybersecurity consulting firm Night Lion Security.

In a perhaps counterintuitive twist, some ransomware criminals actually want to make their attacks “user friendly” for their victims. Like legitimate businesses, they want to maintain a five-star rating, said experts. Some will offer the opportunity for victims to “try before they buy,” unencrypting a small portion of the files held hostage to prove they can deliver the product — a decryption key to get their files back.

 

They are creating user interfaces with sleeker designs and, in some cases, even providing customer support to make it easier for victims to pay, said Devost. That makes it easier for even low-level victims — i.e., the grandma who just wants her photos back, and who has never heard of bitcoin — to make a payment.

“To the extent that you have a support apparatus to help your victims pay tells me there is a lot of money being made,” said Cabrera.

On the back end, the hackers continue to innovate to make ransomware more robust, and to stay one step ahead of cybersecurity companies and law enforcement. When the “good guys” discover a decryption key, they often release it to enable victims to decrypt their own data, undercutting the attackers’ business.

An example of how nimble these illicit enterprises are is shown by the rapid product evolution of CryptoWall, first released in 2014. CryptoWall is one of the most widely used forms of ransomware, and has been updated several times to make it stronger, said cybersecurity and threat intelligence firm Webroot in its 2016 Threat Brief.

CryptoWall 3.0 is smarter, more secure and stealthier than previous generations. The malware generates unique encryption keys instead of using one key for all infections, secures the master key itself to prevent unauthorized access, and conceals the location of the servers containing the decryption keys and payment mechanisms, among other things.

“In late 2015, CryptoWall 4.0 was released, with numerous enhancements to help sidestep security software,” said Webroot.

 

The next evolution of CryptoWall will likely more aggressively try to encrypt attached network storage devices, Devost said.

The software is largely operated by criminal gangs, many with ties to organized crime, often located in Eastern Europe and Russia.

“Whenever it comes to malware that is written with the focus of strictly making more of a profit, it has typically come out of that region of the world,” said Brian Calkin, vice president of operations at the Center for Internet Security.

For example, the architect believed to be behind CryptoLocker, Evgeniy Mikhaylovich Bogachev, remains at large, and is suspected to be in Russia. “Many of the most sophisticated cybercriminal actors are located in jurisdictions that do not cooperate directly with the United States,” said the U.S. Department of Justice on March 4 in response to an inquiry by Sen. Tom Carper (D-Del.) about the challenges in bringing the suspected criminals behind these types of ransomware attacks to justice.

“If all individuals and businesses backed up their files, ransomware that relies on encrypting user files would not be as profitable a business for cybercriminal actors,” said the DOJ.

The business of backing up data is also booming thanks in part to the recent high-profile ransomware attacks, with cybersecurity companies crowding the market. For example, Code42 provides a backup and real-time recovery solution. The company counts 37,000 organizations — including Lockheed Martin, Mayo Clinic and Kohl’s — as customers.

“If you had our solution you certainly would not have to pay for ransomware,” said Rick Orloff, chief security officer at Code42. “The flip side of the coin is, here is a thousand types of vulnerabilities, do you want to pay to be protected from all of them?”

“Companies need to align around what types of attacks do they want protection from,” he said.

Ponemon Institute Reports Healthcare Data Under Attack by Criminals.

Results from the Ponemon Institute’s Fifth Annual Benchmark Study on Privacy & Security of Healthcare Data have confirmed what many in the healthcare industry had suspected and even feared: 65% of the healthcare organizations participating in the study had experienced electronic information-based security incidents over the past two years. In addition, some 87% of third-party vendors, identified by HIPAA as Business Associates (BAs), reported a data breach in the last two years.

More disturbing is the revelation that for the first time in the history of the study, criminal attacks are the number one cause of data breaches in healthcare. The number of criminal attacks on healthcare organizations and business associates has increased 125% compared to five years ago. According to the study, more than 90% of the healthcare organizations taking part had experienced a data breach, and 40% of the respondents had experienced more than five data breaches over the past two years.

No healthcare organization, no matter its size, is impervious to these attacks. And they are certainly not immune to the side effects of a breach.

The rapid growth of data breaches in the healthcare industry is putting health information at risk at an alarming rate. Moreover, it’s expensive—for all concerned. According to the Ponemon Institute study, “…the average cost of a data breach for healthcare organizations is estimated to be more than $2.1 million…the average cost of a data breach to BAs represented in this research is more than $1 million.”

The study’s findings also reveal that 45% of the healthcare organizations surveyed reported the occurrence of a cyberattack and indicated that the source of the attack was criminal, while 12% cited the work of malicious insiders. Among BAs, 39% reported breaches caused by criminal attackers, while 10% attributed the attacks to malicious insiders.

The study described an increase in Web-borne malware attacks, citing 78% of the healthcare organizations surveyed as having experienced security incidents caused by malware; 82% of BAs had suffered security incidents attributed to malware.

Perhaps one of the most shocking data points reported is that in spite of the increased criminal activity and the rapidly evolving threat environment, the majority of healthcare organizations indicated implementing no changes to what they’re doing or how they’re doing it. Only 40% of healthcare organizations and 39% of BAs surveyed expressed concern about cyberattacks.

Other Findings Giving Cause for Increased Cybersecurity Measures

Policies and Procedures in Place

The survey results clearly illustrate the reality that healthcare organizations and the BAs with whom they work need to invest more in technologies that allow them to respond quickly to data breaches. While 58% of healthcare organizations responding agreed that they have policies and procedures in place that allow them to detect a data breach quickly and efficiently, fewer than half believe they have sufficient technologies in place to do so — and only 33% were confident they have the resources needed to prevent or quickly detect a data breach. Responses of BAs participating in the survey fell along similar lines. 50% of business associates responding stated that they have the policies and procedures in place to prevent or detect a security incident, while fewer than half believe they have sufficient technologies. Lastly, only 41% of BAs stated that they have adequate resources to be able to identify and repair data breaches.

Top Concerns of Respondents

The research also revealed interesting insights relating to the top concerns of survey respondents. While the number of criminal attacks on healthcare organizations and business associates has increased 125% compared to five years ago (and 45% of the organizations surveyed traced data breaches to criminal activity), only 40% of the respondents were most concerned about cyberattacks as a security threat. BAs were even less immediately worried, with only 35% citing cyberattacks as a top concern. Here’s an overview of what they reported being most concerned about:

Source: The Ponemon Institute’s Fifth Annual Benchmark Study on Privacy & Security of Healthcare Data

The security threats BAs worry about most:

How Attacks Are Discovered

Among other key findings detailed in the Ponemon report are the statistics relating to how health organizations have uncovered security attacks. 69% learned of a data breach through an audit or assessment, while 44% were discovered by an employee. 30% of data breaches were reported by patients, 23% were uncovered accidentally, and 18% came from a legal complaint. Law enforcement was responsible for 6% of the discoveries and loss prevention teams for 5%.

Business associates reported different statistics, with 60% of data breaches reported as being uncovered by employees and 49% discovered as a result of audit or assessment. BAs said 33% were found accidentally, 21% through a legal complaint, 17% from a patient complaint, 13% from loss prevention teams, and 12% by law enforcement.

Conclusion

The findings of the Ponemon Institute survey paint an alarming picture: the healthcare industry, which manages vast amounts of personal data, is under attack by criminal elements and jeopardized by employee negligence, as well as the actions of malicious insiders. The number of data breaches is growing exponentially, and both healthcare organizations and the business associates who serve them lack sufficient technologies, resources, and processes to ensure data is kept secure.

The report details a slow but steady increase in technologies used by both healthcare organizations and their business associates to detect and mitigate the impact of cybersecurity threats, but concludes that the pace of the investments in both technologies and security expertise is not sufficient at this time.

In conclusion, the Ponemon Institute calls for intensive employee training and awareness programs, ramped up investments in technologies and security expertise, and a broad application of innovative solutions to the industry to improve the current status of the privacy and security of the nation’s healthcare data.