One In Five Brits Victims of Cybercrime in 2015

A Deloitte survey claims that around one-fifth of UK computer users have been hit by cybercrime in 2015, according to Tech Week. The survey shows that 21% of people polled experienced instances of personal data theft, either directly or via website security breaches, and had their bank accounts used to pay for goods and services.

39% fell victim to malware, with personal information being either stolen or deleted – a steep rise from 26% in 2013 – with 41% feeling that they have been directly targeted by cyber criminals in some form.

The rise in recent high-profile cyberattacks, though, seems to have raised awareness amongst computer users, encouraging greater vigilance in regard to personal security. 73% responded that they would reconsider using a company that failed to keep its data safe. However, 72% said that they believed it was the responsibility of companies to provide users with the appropriate tools to protect themselves online.

“The volume and value of data available online means that consumers are now more exposed than ever before,” Simon Borwick, Director of Cyber Risk Services team at Deloitte, said.

“The rapid rise in e-commerce, both at a B2C and B2B level, has increased the amount of transactional data at risk of abuse. Consumer-facing businesses, particularly those that hold a lot of data, are particularly attractive targets for cyber criminals and fraudsters looking to profit from stealing personal information,” he added.

“Many organisations are struggling to prepare themselves to deal with the wide range of different cyber-attacks. Cyber security has moved beyond simply being an IT issue; it is now a business-wide risk which requires immediate attention at the highest level.”

DDOS Attacks Reach Record Numbers in Q2 2015

The State of the Internet report from Akamai has revealed an alarming statistic concerning the prevalence of DDOS attacks. Shockingly, there was a 7 percent increase compared to the last quarter and a 132 percent increase from the same time last year. More worryingly, Q2 2015 contained 12 “mega attacks”, which featured a peak of 1,000 gigabits per second and 50 million packets per second. One example lasted a total of 13 hours at 240 Gbps, whilst most attacks last around 2-3 hours.

Interestingly, the data pinpoints the main source of DDOS attacks to China followed by the USA. Attackers are prioritizing their focus on online gaming networks and trying to cause utter destruction. More specifically, 35 percent of DDOS victims experienced attacks whilst using a gaming network such as Xbox Live. John Summers, VP of the Cloud Security Business Unit at Akamai said,

“The threat posed by distributed denial of service (DDoS) and web application attacks continues to grow each quarter,”

“Malicious actors are continually changing the game by switching tactics, seeking out new vulnerabilities and even bringing back old techniques that were considered outdated.”

Any DDOS attack is difficult to contend with, and they’re starting to become an epidemic. Some websites are hit for political reasons, and others appear to be hit by vindictive people wanting to leave their mark. Whatever the motive, DDOS attacks are on the rise and a major problem for internet users.

Thank you Digital Trends for providing us with this information.

Lizard Squad Hacker Convicted of 50,000 Counts of Computer Crime

A Finnish hacker, and member of the notorious Lizard Squad, has been found guilty of 50,700 charges of hacking, according to the nation’s newspaper, Kaleva. The hacker, 17-year-old Julius “zeekill” Kivimaki, was given a 2-year suspended sentence, meaning he will avoid prison on the proviso that he helps “to fight against cybercrime”. Any failure to meet this condition will see Kivimaki serve his 2-year sentence in prison.

Kivimaki was charged with crimes related to data breaches, felony payment fraud, telecommunication harassments, plus a number of other computer fraud and violation of privacy crimes. He was identified as a member of Lizard Squad – the perpetrators of the Xbox Live and PlayStation Network DDoS attacks last Christmas – by cybersecurity journalist Brian Krebs late last year. Shortly after, Kivimaki conducted an interview with Sky News, using the alias “Ryan”, to discuss the Xbox and PlayStation DDoS attacks.

One of Kivimaki’s victims, Blair Strater, has been left “utterly disgusted” by the court ruling, feeling that the sentence is far too lenient. Strater was a regular victim of the practice known as “swatting” – fake calls to US law enforcement that result in a SWAT team being dispatched to an address – at the hands of Kivimaki.

“I’ve lost complete faith in the justice system, and that includes the FBI. He’s harmed American targets and the FBI should have stepped in by now,” said Strater. “The reality is, Julius Kivimaki will never be made to pay for his crimes.”

Thank you The Daily Dot for providing us with this information.

Sony Reportedly ‘Spooked’ It Could Be Victimized by Cyberattack Again

Sony Pictures Entertainment is still trying to recover from a major data breach that saw several movies leaked online, personal employee data stolen, and confidential emails published for the world to see.

It looks like the company is worried it could be victimized again after the scheduled Christmas release of “The Interview,” which features Seth Rogen and James Franco. Considering the FBI noted that 90 percent of companies would likely fall victim to the same type of attack, it will be curious to see if Sony is able to quickly improve its defenses.

“They are spooked,” according to an anonymous government source, when speaking of Sony’s recent experiences following the data breach. The Department of Justice’s National Security Division is investigating the breach, indicating the federal government wants to verify if a foreign state government could be involved.

The FBI hasn’t been able to determine what hacker group is behind the breach, while a group called the “Guardians of Peace” claimed credit. Alleged ties to North Korea, which haven’t been verified, continue to seem like a possible source involved in the attack.


UK National Crime Agency Arrests Five in Cybercrime Sweep, While Threats Continue

Five people were arrested in the UK as part of an international operation targeting cybercriminals who use remote access tools (RATs) to hijack computers. There is an international effort to promote cybersecurity for both consumers and businesses, along with trying to crack down on cybercriminals.

The National Crime Agency (NCA) arrested the five suspects on Nov. 19 and Nov. 20, with a 20-year-old, one 30-year-old, two 33-year-olds, and a 40-year-old suspect detained in the national sweep.

Here is what Andy Archibald, director of the NCA’s National Cyber Crime Unit, said (via press statement):

“This operation demonstrates once again that all of UK law enforcement is working to respond effectively to cyber crime, and together we will continue to collaboratively target those who use technology to misuse other people’s devices, steal their money, or unlawfully access confidential information. Anyone who is tempted to get involved in this type of crime should understand that it can result in prison time, and substantial restrictions on your life afterwards.”

The first layer of protection against installing RAT software, and malware, is to be careful when clicking on links and attachments in emails – or while browsing the Internet. However, cyberattacks are increasing in sophistication, as the criminals behind these operations perfect their craft, with serious money available to them when successful.

Peter Goodman, East Midlands Deputy Chief Constable, had this to say:

“Cybercriminals are using very sophisticated technology to breach online security systems and to conceal their digital tracks. However, the police forces in the UK and overseas have the expertise to identify and disrupt those who are determined to access computers in order to steal data or to commit serious offences, wherever they are in the world.”

(Thank you to the NCA for providing us with this information.)

JPMorgan Customers Targeted in Huge Phishing Campaign

JPMorgan, the No. 1 U.S. bank by assets, has confirmed that spammers have launched a phishing campaign targeting its customers. The spam campaign is dubbed Smash and Grab and was launched on Tuesday by an unknown group. It does, however, resemble the work of Eastern European cybercrime gangs, and most of the infrastructure used in the campaign is located in Russia and Ukraine.

“It looks like they sent it out to lots of people in hopes that some of them might be JPMorgan Chase customers,” said bank spokeswoman Trish Wexler.

Most of the spam was stopped by the filters that the large providers have in place, but some will always manage to get through. The phishing mail looks very realistic, as it reuses parts of original emails. The attack is somewhat unusual in that it doesn’t just try to grab the credentials of unsuspecting users; it also tries to infect their PCs with malware at the same time.

Users who click on the included malicious link are asked to enter credentials for accessing accounts with JPMorgan. Even if they do not comply with this request, the site attempts to automatically install the Dyre banking Trojan on their PCs, according to Proofpoint. Dyre is a recently discovered piece of malware that seeks credentials from customers of Bank of America Corp, Citigroup Inc and the Royal Bank of Scotland Group Plc.

Proofpoint saw about 150,000 emails from the group on Tuesday, the first day it noticed the campaign among its customers in the Fortune 500 and higher education. That makes it a moderately large campaign, but the largest attempts involve sending more than 1 million pieces of spam over a few days to Proofpoint clients, said Proofpoint’s VP of Threat Research Mike Horn.

The firm manages over 100 million email accounts. Horn said that Proofpoint quickly identified the spam and was able to stop it from infecting its customers, but was not sure how effective it was at infecting others.

Thank you Reuters for providing us with this information.


UK National Crime Agency Disrupts ‘Shylock’ Malware

Distribution of the “Shylock” malware has been disrupted by the UK National Crime Agency (NCA), in an effort to prevent a growing number of users from being compromised.

The Shylock malware reportedly infected more than 30,000 PCs across the world, with a specific focus on targeting bank accounts of UK residents. Shylock, which included passages from Shakespeare’s The Merchant of Venice hidden within its code, targeted PCs running Microsoft Windows.

The NCA confiscated servers responsible for distributing the malware, which was able to steal banking login credentials. Shylock could also capture data entered on select websites, and then upload it back to its home servers.

Here is what Andy Archibald, NCA’s National Cyber Crime Unit deputy director, said in a statement announcing the police operation:

“This phase of activity is intended to have a significant effect on the Shylock infrastructure and demonstrates how we are using partnerships across sectors and across national boundaries to cut cybercrime impacting the UK.  We continue to urge everybody to ensure their operating systems and security software are up to date.”

At the very least, security experts recommend users update their PCs and mobile OSes with the latest security updates, along with running anti-virus and anti-malware software.  Also, end-users need to be aware of clever phishing attacks using social engineering to trick them into clicking fraudulent links or downloading malicious programs.

Thank you to The Guardian for providing us with this information


‘Copyright Infringement’ Notice With Trojan Software Hits 30,000 Users

Cybercriminals are targeting users with an email that looks like a copyright warning from popular music and movie studios, but instead has an attached Trojan designed to infect users.

It might look like an email from music labels Sony or EMI – or movie studios Paramount and Dreamworks – but it’s not a legitimate email.  Instead, Internet users in Germany are being targeted by emails that demand payment within 48 hours.

The final line of the email reads: “For details see the attached document XXXXXXXXX.zip” – and features an attachment that compromises users and steals personal information.

Interestingly, the criminals use a rather unique social engineering technique, including contact information of legitimate law firms. Typically, phishing emails are completely made up and do not have real contact information. This has led one law firm, Sasse & Partner, to release a statement that it is not involved with these emails.

Attorney Christian Solmecke had this to say:

“It is very likely that the zip file contains a virus, designed to spy on credit card and account information.  The floodgates would then be opened to online banking fraud and identity theft.  For this reason, all users that have opened the ZIP file attachment should check their PC immediately with a virus scanner and install the security updates for their anti-virus software.”

Thank you to Torrent Freak for providing us with this information

Israeli Defense Force Recently Hacked By The Syrian Electronic Army

The official Israeli Defense Force (IDF) Twitter account was recently hacked by the Syrian Electronic Army (SEA), which posted messages saying there was a possible nuclear leak.

It’s a clever tactic to try to embarrass the IDF, but this latest round was more of a headache and annoyance than anything else. Not surprisingly, the Tweets were quickly deleted, but included messages such as:

“#WARNING: Possible nuclear leak in the region after 2 rockets hit Dimona nuclear facility.”

The SEA confirmed its actions:

SEA and other hacker groups that target IDF – and official Western social media accounts – like to try to spread panic or mock the hacking victims. The IDF pledged to fight cyberterrorism, but may find it difficult if hackers are not within reach of criminal prosecution.

Recently, the IDF conducted coordinated airstrikes against targets in the Gaza Strip, targeting militants following the kidnapping and murder of three young Israelis.

Thank you to RT for providing us with this information


Cybersecurity Insider Threats Dangerous and Difficult to Defend Against


Cybersecurity experts are finding it difficult to keep hackers out of their networks, but the risk of insider threats continues to cause headaches. It’s a troubling epidemic because most system and network security systems are designed to keep outsiders from breaching current infrastructure.

To make matters worse, 75 percent of insider crimes are underreported and don’t typically lead to prosecution – a troubling fact given that insider threats normally cost more to combat, according to a US State of Cybercrime study published earlier in the year.

There will be a major effort to try to limit insider threats, with better monitoring services to better track what is being accessed.

Here is what Ron Ross, National Institute of Standards and Technology information risk management leader, said in “Security Agenda”:

“We talk about the geeks inheriting the world.  You got the system admins sitting on top of a treasure trove of gigabytes of classified information and they really have a lot of power out there.  And, it’s going to be really important that we take extraordinary measures where those assets are very critical to make sure one person can’t bring down the entire organization.”

The risk of insider threats is more prominent for governments, financial institutions, and critical infrastructure, security researchers say.  Stolen information is highly valuable on the black market, with cybercriminals interested in selling and trading data.

Thank you to the Information Security Media Group for providing us with information


Yahoo Malware Attack Reportedly More Far-Reaching Than Previously Thought

Yahoo reported a while back that on January the 3rd its website was infected with ad-related malware content. The FoxIT security company reported that the UK, France and Romania were the countries that suffered most heavily from this attack, but further details show there is more to it.

First of all, Yahoo stated this Friday that the attack took place between December 27th and January 3rd, not only on January the 3rd as previously thought. This widens the window of malware infection, and also confirms the fact that more than 2 million PCs may have been infected. Also, Yahoo said that people outside Europe may have been hit by the infected ads before they could do something about it. Anyone using the Yahoo Mail or IM services during that time frame may have been served malware which exploits vulnerabilities in Java and installs a variety of malware-related software.

Another security company based in the United States, called Light Cyber, said that one piece of malware present in Yahoo’s ad network was designed to link infected PCs and form a Bitcoin mining operation. Other exploits involve theft of usernames and passwords, disabling antivirus software and remote control of computers. Note that Mac computers and mobile devices were not harmed by the software; only PCs, laptops and netbooks running Windows-based operating systems were vulnerable to the attack.

Yahoo has released some precautionary steps to take in order to prevent and detect further infection by the malware in question:

Thank you Cnet for providing us with this information