Weekly Security Roundup #25: More malware, more problems
Malware is one of the biggest problems in today’s cyber security landscape, but it’s not the only one.
We believe that a necessary shift is coming in the way we, as an industry, approach cyber security threats. Since the number and sophistication of cyber attacks are becoming increasingly difficult to counteract, we need to get to the root of the problem. Just as cyber criminals manipulate their victims, we need to better understand their methods and fight back.
Today’s roundup provides some useful insights for your data’s safety online, and so does our guide on how to prevent identity theft. Moreover, you should immediately uninstall Webpage Screenshot from your Chrome browser if you have it, because it turns out that it leaks the private data of its 1.2 million users. And if you’re a cyber security professional or want to upgrade your knowledge, we made a list of 44 cyber security conferences that could cater to your various interests.
Security articles of the week
1. Lower barriers to entry and low costs for exploit kits are fostering the aggressive multiplication of malware writers
Do you have the feeling that the number of cyber attacks using malware is increasing? Then you are right! It’s not just the media conveying this image. In fact, online and offline media barely scrape the surface when it comes to the number of cyber attacks happening all over the world. Why is malware spreading this fast? Here are some of the reasons, according to Bob Hansmann, director at Websense.
It’s become much easier for criminals with no technical background to launch sophisticated and profitable cyberattacks with little or no physical risk and relatively low odds of getting caught. […] These guys aren’t creating brand-new infrastructure,” he said. “‘I’ll rent this, I’ll rent that, and I’ll tweak just this one thing… So even extremely new rookie-type threat actors can now put together very sophisticated, hard-to-detect attacks.
Malware, insider and outsider threats, BYOD management and advanced persistent threats are listed as the main causes of company data breaches, a recent survey shows. You might think that there’s nothing new about this, but pay close attention to the evolution of BYOD management and BYOD policies, and also to cloud-based services and apps. Information protection and control is a top priority for IT professionals, according to this study, so a profound shift is happening, moving the emphasis from device security to data security.
This is an experiment worth reading about, to better understand how the underground markets of the web work. Here’s what BitGlass did:
They dropped the file on DropBox, as well as on seven infamous black market sites including Onion-pastebin and Paste-slampeech, and watched its journey across five continents, North America, Asia, Europe, Africa, and South America. In the end, it was downloaded by 47 different parties. It was mainly grabbed by users in Nigeria, Russia, and Brazil, with the most activity coming from Nigeria and Russia.
We recommend reading the entire article for context and conclusions.
Understanding how cyber criminals work is imperative for any business nowadays, no matter how big or small. This is fundamental for any security strategy, because just getting protection against the tools that cyber criminals use is not nearly enough. Here’s an example from this article we recommend reading thoroughly:
In fact, malware is responsible for only 40 percent of breaches and external attackers are increasingly leveraging malware-free intrusion approaches in order to blend in and fly under the radar by assuming insider credentials within victim organizations. The nature of the game now is persistence and gaining long-term access to the enterprise.
Manipulation and knowing their target are what make cyber criminals very dangerous. Take the case of the latest warning issued for Steam users: hackers are trying to infect video game fans with malicious downloads, knowing that they’ll want to test the newest products on the market. For a growing community, such as Steam, attacks are bound to multiply, so keep an eye out for similar situations.
While U.S. consumers are split closely between owning Android and iOS devices, the rest of the world is almost entirely dominated by Android devices. Without proper security measures and cyber security education, Android users are exposed to serious threats. Here are two key takeaways from this article worth reading:
The Pulse Secure Mobile Threat Center found that nearly one million (931,620) unique malicious applications were produced last year as criminals look to boost profits amid an escalating number of devices. The firm logged 1,268 known families of Android malware, which is an increase of 464 from 2013 and 1,030 from 2012.
Going “off-grid” from authorized app stores is a continuing issue as well, the report found. The overwhelming majority of Android malware is being developed and distributed in unregulated third-party app stores in the Middle East and Asia, while Google Play contains just .01% of malicious apps.
And it’s something worth watching indeed.
The Computer Misuse Act 1990 is an Act of the Parliament of the United Kingdom, “introduced partly in response to the decision in R v Gold & Schifreen (1988) 1 AC 1063”, according to Wikipedia. Robert Schifreen and Stephen Gold were two hackers who gained unauthorized access to British Telecom’s Prestel interactive viewdata service and even to Prince Philip’s personal inbox in the mid ’80s.
The act has faced some criticism, and it seems that it’s not able to cope with today’s cyber security challenges:
The Daily Mirror reports that although 100,000 cybercrimes are being committed each year, only 183 defendants were taken to court over cybercrimes between 1990 and 2006, and just 134 of those were found guilty under the Computer Misuse Act.
Things are speeding up in recent years. Between 2007 and 2013, there were 156 prosecutions, of which 128 led to convictions, but this is still not even approaching the numbers said to be involved in cybercrime in Britain each year. The Mirror reports that The National Fraud Intelligence Bureau estimates £670 million (just over $1 billion) was lost to “the 10 most common online frauds” between September 2013 and August 2014.
The news about Heartbleed, the bug within OpenSSL, traveled the world last year and alerted users that their data might have been compromised. But not even a scare this big seems able to persuade companies that they need to do a thorough cleanup and strengthen their defenses.
As of this month, most Global 2000 organizations have “failed to completely remediate Heartbleed,” according to a report from Venafi Labs.
This simple security precaution is almost never used, but could actually save you a lot of trouble. Just create a separate user account for everyday work on your computer and don’t use the admin account. This can be a useful measure for IT teams and individual users alike. And it’s extremely necessary, if you take a look at the numbers below:
Almost every critical vulnerability in Microsoft software published in 2014 could have been mitigated simply by removing admin rights from users, UK security firm Avecto has calculated after studying Patch Tuesday advisories for the year. […] Breaking this down, admin rights were necessary to exploit 97 percent of Windows OS flaws, 99.5 percent of those in Internet Explorer, and 95 percent of those in Office.
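One way to put the "don't use the admin account" advice into practice on Windows, as an added example that is not taken from the article or the Avecto report. It assumes an elevated PowerShell 5.1+ session with the built-in LocalAccounts cmdlets; the account name `dailyuser` is hypothetical.

```powershell
# Added example: audit local admin rights and create a standard account for daily use.
# Assumptions: elevated PowerShell 5.1+ on Windows; 'dailyuser' is a hypothetical name.
$ErrorActionPreference = 'Stop'

# Resolve the built-in groups by well-known SID so this also works on localized Windows.
$adminGroup = Get-LocalGroup -SID 'S-1-5-32-544'   # BUILTIN\Administrators
$usersGroup = Get-LocalGroup -SID 'S-1-5-32-545'   # BUILTIN\Users

# 1. Is the current session running with administrator rights?
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
$elevated  = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
Write-Output "Current user: $($identity.Name)  elevated: $elevated"

# 2. Which accounts hold admin rights on this machine? Review this list regularly.
Get-LocalGroupMember -Group $adminGroup |
    Select-Object Name, ObjectClass, PrincipalSource

# 3. Create the standard (non-admin) account if it does not exist yet.
$name = 'dailyuser'
if (-not (Get-LocalUser -Name $name -ErrorAction SilentlyContinue)) {
    $password = Read-Host -AsSecureString "Password for $name"
    New-LocalUser -Name $name -Password $password `
        -Description 'Standard account for everyday use' | Out-Null
    # Membership in Users only: no administrator rights are granted.
    Add-LocalGroupMember -Group $usersGroup -Member $name
}

# 4. Confirm the new account did not end up in Administrators.
$isAdmin = Get-LocalGroupMember -Group $adminGroup |
    Where-Object { $_.Name -like "*\$name" }
if ($isAdmin) {
    Write-Warning "$name is a member of Administrators; remove it from that group."
} else {
    Write-Output "$name is a standard user. Use it for day-to-day work."
}
```

Keep the administrator account for installs and configuration changes only, and sign in with the standard account the rest of the time.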
What else have you seen in your newsfeed that made you want to learn more about information security this week?