A Deloitte survey claims that around one-fifth of UK computer users have been hit by cybercrime in 2015, according to Tech Week. The survey shows that 21% of people polled experienced instances of personal data theft, either directly or via website security breaches, and had their bank accounts used to pay for goods and services.
39% fell victim to malware, with personal information being either stolen or deleted – a steep rise from 26% in 2013 – with 41% feeling that they have been directly targeted by cyber criminals in some form.
The rise in recent high-profile cyberattacks, though, seems to have raised awareness amongst computer users, encouraging greater vigilance in regard to personal security. 73% responded that they would reconsider using a company that failed to keep its data safe. However, 72% said that they believed it was the responsibility of companies to provide users with the appropriate tools to protect themselves online.
“The volume and value of data available online means that consumers are now more exposed than ever before,” Simon Borwick, Director of Cyber Risk Services team at Deloitte said.
“The rapid rise in e-commerce, both at a B2C and B2B level, has increased the amount of transactional data at risk of abuse. Consumer-facing businesses, particularly those that hold a lot of data, are particularly attractive targets for cyber criminals and fraudsters looking to profit from stealing personal information,” he added.
“Many organisations are struggling to prepare themselves to deal with the wide range of different cyber-attacks. Cyber security has moved beyond simply being an IT issue; it is now a business-wide risk which requires immediate attention at the highest level.”
The State of the Internet report from Akamai has revealed an alarming statistic concerning the prevalence of DDOS attacks. Shockingly, there was a 7 percent increase compared to the last quarter and up 132 percent from the same time last year. More worryingly, Q2 2015 contained, 12 “mega attacks” which features a peak of 1,000 gigabits per second and 50 million packets per second. One example lasted a total of 13 hours at 240 Gbps whilst most attacks revolve around a time period of 2-3 hours.
Interestingly, the data pinpoints the main source of DDOS attacks to China followed by the USA. Attackers are prioritizing their focus on online gaming networks and trying to cause utter destruction. More specifically, 35 percent of DDOS victims experienced attacks whilst using a gaming network such as Xbox Live. John Summers, VP of the Cloud Security Business Unit at Akamai said,
“The threat posed by distributed denial of service (DDoS) and web application attacks continues to grow each quarter,”
“Malicious actors are continually changing the game by switching tactics, seeking out new vulnerabilities and even bringing back old techniques that were considered outdated.”
Any DDOS attack is difficult to contest with and they’re starting to become an epidemic. Some websites are hit for political reasons, and others appear to be from vindictive people wanting to leave their mark. Whatever the motive, DDOS attacks are on the rise and a major problem for internet users.
A Finnish hacker, and member of the notorious Lizard Squad, has been found guilty of 50,700 charges of hacking, according to the nation’s newspaper, Kaleva. The hacker, 17-year-old Julius “zeekill” Kivimaki, was given a 2-year suspended sentence, meaning he will avoid prison on the proviso that help “to fight against cybercrime”. Any failure to meet this condition will see Kivimaki serve his 2-year sentence in prison.
Kivimaki was charged with crimes related to data breaches, felony payment fraud, telecommunication harassments, plus a number of other computer fraud and violation of privacy crimes. He was identified as a member of Lizard Squad – the perpetrators of the Xbox Live and PlayStation Network DDoS attacks last Christmas – by cybersecurity journalist Brian Krebs late last year. Shortly after, Kivimaki conducted an interview with Sky News, using the alias “Ryan”, to discuss the Xbox and PlayStation DDoS attacks.
One of Kivimaki’s victims, Blair Strater, has been left “utterly disgusted” by the court ruling, feeling that the sentence is far too lenient. Strater was a regular victim of the practice known as “swatting” – fake calls to US law enforcement that result in a SWAT team being dispatched to an address – at the hands of Kivimaki.
“I’ve lost complete faith in the justice system, and that includes the FBI. He’s harmed American targets and the FBI should have stepped in by now,” said Strater. “The reality is, Julius Kivimaki will never be made to pay for his crimes.”
Sony Pictures Entertainment is still trying to recover from a major data breach that saw several movies leaked online, personal employee data stolen, and confidential emails published for the world to see.
It looks like the company is worried it could be victimized again after the scheduled Christmas release of “The Interview,” which features Seth Rogen and James Franco. Considering the FBI noted that 90 percent of companies would likely fall victim to the same type of attack, it will be curious to see if Sony is able to quickly improve its defenses.
“They are spooked,” according to an anonymous government source, when speaking of Sony’s recent experiences following the data breach. The Department of Justice’s National Security Division is investigating the breach, indicating the federal government wants to verify if a foreign state government could be involved.
The FBI hasn’t been able to determine what hacker group is behind the breach, while a group called the “Guardians of Peace” claimed credit. Alleged ties to North Korea, which haven’t been verified, continue to seem like a possible source involved in the attack.
As part of an international operation targeting cybercriminals using remote access tools (RATs) to hijack computers, five people were arrested in the UK. There is an international effort to promote cybersecurity for both consumers and businesses, along with trying to crack down against cybercriminals.
The National Crime Agency (NCA) arrested the five suspects on Nov. 19 and Nov. 20, with a 20-year-old, one 30-year-old, two 33-year-olds, and a 40-year-old suspect detained in the national sweep.
Here is what Andy Archibald, director of the NCA’s National Cyber Crime Unit, said (via press statement):
“This operation demonstrates once again that all of UK law enforcement is working to respond effectively to cyber crime, and together we will continue to collaboratively target those who use technology to misuse other people’s devices, steal their money, or unlawfully access confidential information. Anyone who is tempted to get involved in this type of crime should understand that it can result in prison time, and substantial restrictions on your life afterwards.”
The first layer of protection against installing RAT software, and malware, is to be careful when clicking on links and attachments in emails – or while browsing the Internet. However, cyberattacks are increasing in sophistication, as the criminals behind these operations perfect their craft, with serious money available to them when successful.
Peter Goodman, from the East Midlands Deputy Chief Constable, had this to say:
“Cybercriminals are using very sophisticated technology to breach online security systems and to conceal their digital tracks. However, the police forces in the UK and overseas have the expertise to identify and disrupt those who are determined to access computers in order to steal data or to commit serious offences, wherever they are in the world.”
(Thank you to the NCA for providing us with this information. Image courtesy of NCA Twitter)
JPMorgan, the No. 1 U.S. bank by assets, has confirmed that spammers have launched a phishing campaign targeting its customers. The spam-campaign is dubbed Smash and Grab and was launched on Tuesday by an unknown group. It however bears the resemblance of Eastern European cybercrime gangs and most of the infrastructure used in the campaign is located in Russia and Ukraine.
“It looks like they sent it out to lots of people in hopes that some of them might be JPMorgan Chase customers,” said bank spokeswoman Trish Wexler.
Most of the spam was stopped by filters in place by the large providers, but some will always manage to get through. And the phishing mail looks very realistic as it uses original email parts to fake it. The attack is somewhat unusual as it doesn’t just try to grab the credentials of unknowing users, it also tries to infect the PC’s with malware at the same time.
Users who click on the included malicious link are asked to enter credentials for accessing accounts with JPMorgan. Even if they do not comply with this request, the site attempts to automatically install the Dyre banking Trojan on their PCs, according to Proofpoint. Dyre is a recently discovered piece of malware that seeks credentials from customers of Bank of America Corp, Citigroup Inc and the Royal Bank of Scotland Group Plc.
Proofpoint saw about 150,000 emails from the group on Tuesday, the first day it noticed the campaign among its customers in the Fortune 500 and higher education. That makes it a moderately large campaign, but the largest attempts involve sending more than 1 million pieces of spam over a few days to Proofpoint clients, said Proofpoint’s VP of Threat Research Mike Horn.
The firm manages over 100 million email accounts. Horn said that Proofpoint quickly identified the spam and was able to stop it from infecting its customers, but was not sure how effective it was at infecting others.
Thank you Reutersfor providing us with this information.
Distribution of the “Shylock” malware has been disrupted by the UK National Crime Agency (NCA), in an effort to prevent a growing number of users from being compromised.
The Shylock malware reportedly infected more than 30,000 PCs across the world, with a specific focus on targeting bank accounts of UK residents. Shylock, which included Shakespeare’s The Merchant of Venice passages hidden within its code, targeted PCs running Microsoft Windows.
The NCA confiscated servers responsible for distributing the malware – and the malware was able to steal banking login credentials. Shylock could also capture data entered on select websites, and then upload it back to its home servers.
Here is what Andy Archibald, NCA’s National Cyber Crime Unit deputy director, said in a statement announcing the police operation:
“This phase of activity is intended to have a significant effect on the Shylock infrastructure and demonstrates how we are using partnerships across sectors and across national boundaries to cut cybercrime impacting the UK. We continue to urge everybody to ensure their operating systems and security software are up to date.”
At the very least, security experts recommend users update their PCs and mobile OSes with the latest security updates, along with running anti-virus and anti-malware software. Also, end-users need to be aware of clever phishing attacks using social engineering to trick them into clicking fraudulent links or downloading malicious programs.
Thank you to The Guardian for providing us with this information
Cybercriminals are targeting users with an email that looks like a copyright warning from popular music and movie studios, but instead has an attached Trojan designed to infect users.
It might look like an email from music labels Sony or EMI – or movie studios Paramount and Dreamworks – but it’s not a legitimate email. Instead, Internet users in Germany are being targeted by emails that demand payment within 48 hours.
The final line of the email reads: “For details see the attached document XXXXXXXXX.zip” – and features an attachment that compromises users and steals personal information.
Interestingly, the criminals use a rather unique social engineering technique, including contact information of legitimate law firms. Typically phishing emails are completely made up and do not have real contact information, though this has led to one law firm, Sasse & Partner, to release a statement that it is not involved with these emails.
Attorney Christian Solmecke had this to say:
“It is very likely that the zip file contains a virus, designed to spy on credit card and account information. The floodgates would then be opened to online banking fraud and identity theft. For this reason, all users that have opened the ZIP file attachment should check their PC immediately with a virus scanner and install the security updates for their anti-virus software.”
Thank you to Torrent Freak for providing us with this information
The official Israeli Defense Force (IDF) Twitter account was recently hacked by the Syrian Electronic Army (SEA), saying there was a possible nuclear leak.
It’s a clever tactic to try to embarrass the IDF, but this latest round was more of a headache and annoyance than anything else. Not surprisingly, the Tweets were quickly deleted, but included messages such as:
“#WARNING: Possible nuclear leak in the region after 2 rockets hit Dimona nuclear facility.”
SEA and other hacker groups that target IDF – and official Western social media accounts – like to try to spread panic or mock the hacking victims. The IDF pledged to fight cyberterrorism, but may find it difficult if hackers are not within reach of criminal prosecution.
Recently, the IDF conducted coordinated airstrikes against targets in the Gaza Strip, targeting militants following the kidnapping and murder of three young Israelis.
Thank you to RT for providing us with this information
Cybersecurity experts are finding it difficult to keep hackers out of their networks, but the risk of insider threats continues to cause headaches. It’s a troubling epidemic because most system and network security systems are designed to keep outsiders from breaching current infrastructure.
To make matters worse, 75 percent of insider crimes are underreported and don’t typically lead to prosecution – a troubling fact that insider threats normally cost more to combat, according to a US State of Cybercrime study published earlier in the year.
There will be a major effort to try to limit insider threats, with better monitoring services to better track what is being accessed.
Here is what Ron Ross, National Institute of Standards and Technology information risk management leader in “Security Agenda”:
“We talk about the geeks inheriting the world. You got the system admins sitting on top of a treasure trove of gigabytes of classified information and they really have a lot of power out there. And, it’s going to be really important that we take extraordinary measures where those assets are very critical to make sure one person can’t bring down the entire organization.”
The risk of insider threats is more prominent for governments, financial institutions, and critical infrastructure, security researchers say. Stolen information is highly valuable on the black market, with cybercriminals interested in selling and trading data.
Yahoo has reported a while back that on January the 3rd, their website has been infected with ad-related malware content. The FoxIT security company reported that the UK, France and Romania were the countries who suffered heavily due to this attack, but further details prove more to it.
First of all, Yahoo stated this Friday that the attack took palace between December 27th and January 3rd, not only on January the 3rd as previously thought. This widens the window of malware infection, and also confirms the fact that more than 2 million PCs may have been infected. Also, Yahoo said that people outside Europe may have been hit by the infected ads before they could do something about it. Anyone using the Yahoo Mail or IM services during that time frame may have been served malware which exploits vulnerabilities in Java and had installed a variety of malware-related software.
Another security company based in the United States called Light Cyber said that one of the malware present in Yahoo’s ad network was designed to link infected PCs and form a Bitcoin mining operation. Other exploits involve theft of usernames and passwords, disabling antivirus software and remote control of computers. To be noted is that Mac computers or mobile devices were not harmed by the software, only PCs, laptops and netbooks running on Windows-based operating systems were vulnerable to the attack.
Yahoo has released some precautionary steps to take in order to prevent and detect further infection by the malware in cause:
Perhaps all the increasing discussions and ramifications about the NSA have prompted your concern, or maybe you’ve noticed that when you search for something, email a friend about a topic, or send an IM, you’re suddenly receiving ads and spam messages eerily geared toward the subject at hand. Whatever the case, a growing number of people have serious concerns about both their privacy and their security over the Internet. Big Brother is certainly watching, but so are many thieves ready to swoop in and take money and identities, so you might wonder if you have reason to worry, too.
Invasive Targeted Advertising
While it’s debatable that simply talking to someone about, say, making a dentist appointment or buying a new car will lead to an influx of Internet ads geared toward dentists or cars, that debate only applies to spoken conversations. Pose a question on Facebook, discuss a topic in your email messages, or send an IM to a friend, and you will notice a frankly spooky abundance of advertisements and spam messages aimed at the topic you’re discussing. It’s creepy and unfortunately real. Some people have even noticed they’re receiving targeted ads after they’ve sent text messages about a certain topic. That’s a bit creepier, simply because of the sheer amount of information most people have on their mobile phones. This is more prevalent when your phone is somehow connected to your Internet logins, such as through Google or Chrome, and you can fix it. It simply takes some fancy encryption skills.
Massive Military Concerns
Many military bases are increasingly (and understandably concerned) about privacy and security. Even training bases have reasons to keep things on the down low. For bases from which troops are most often deployed, the need for security is even more important. People in the military aren’t allowed to share information about deployments, whereabouts, or missions on Facebook, so certainly they don’t want information getting out over the Internet by accident or security breaches. That’s why so many military outposts use VPN, or virtual private networks.
Cybercrime is a growing concern. Ranging from annoying to serious, cybercrimes really run the gamut. Common Internet crimes include:
Spam, an annoying problem that doesn’t often cause problems but can become dangerous when spam messages include links or attachments
Credit fraud, which can occur through spam messages, computer viruses, and dangerous downloads that incorporate programs which pick up your keystrokes, thereby unlocking passwords and PIN numbers from credit cards and online banks
Drug trafficking, which is actually becoming a serious problem online, ironically thanks to the use of email encryption and fully protected websites and message boards
Cyberbullying, an increasingly serious and even lethal cybercrime that largely targets teens and young adults, leading to depression and a tragically growing number of suicides
Piracy, the so-called “victimless crime” wherein movies, music, videos, and similar forms of media are illegally downloaded for free
Cyberterrorism, which ranges from hackers who try to break into banks, credit card companies, and government sites to vigilante groups who try to shut down various websites for political or independent reasons
As you might expect, many of the largest cities in the United States report higher instances of cybercrimes. Washington, D.C. is an understandable target, but Boston, Atlanta, Austin, and even Sacramento also have serious problems with Internet-based crimes. Not surprisingly, many of these cities are, per capita, making use of VPN themselves as a way to battle these crimes and increase security.
Many of the cities with highest VPN usage are those with a higher risk of identity theft, in addition to some of the other biggest cybercrimes. For example, Florida has one of the highest rates of identity theft in the country; 5 out of the top 25 cities that rely on VPN the most are in Florida. People, businesses, and corporations in the state understand the importance of using private networks to keep their information safe. After all, erasing the effects of identity theft is a long, arduous process, even given the seriousness, growing awareness, and prevalence of the crime. However, Florida is hardly the only state experiencing problems with identity theft. The problem is widespread, affecting Southern states such as Georgia and Alabama, as well as New York, California, Michigan, Texas, and even Maryland. Internet users in these states need to stay aware of their security and do everything possible to keep their privacy intact.
Greater Government Security
Capital cities also understand the greater need for VPN, privacy, and security over the Internet. With Washington, D.C. itself threatened by every type of cybercrime, even the nation’s security is theoretically at risk. Government centers in Virginia, Illinois, Ohio, Utah, Georgia, Colorado, and California all recognize how essential it is to encrypt their data, provide secure connections within capitol buildings, and protect the IP addresses of everyone who works within the government. You may not think your state has any secrets to keep, but don’t you feel better knowing that any secrets are fully secure?
Tourists and tourist destinations, from Florida to Dallas to Chicago, also recognize the importance of protecting privacy and increasing security. There are many reasons for this, such as the fact that if a popular place has a high number of cybercrimes, tourists would more likely to shy away — and their valuable tourist dollars will disappear with them. That could affect the economy of even the most widely visited destinations, leading to a total collapse of infrastructure. Tourists themselves are more concerned, not just because they don’t want to become victims while on vacation, but because a slip in security might lead to potential thieves knowing when they’re gone. Worse yet, they might find their identities stolen while they’re far from home. The far-reaching impact of that might become enough to keep travelers at home, instead of risking danger on vacation. There are growing numbers of reasons why citizens throughout the U.S. need to pay closer attention to Internet privacy and security, as people and as groups. Are you worried about your security when you surf the Internet, at home or out and about?