Top Stories

 

GUEST ESSAY: Why cyber attacks represent a clear and present danger — and what you can do about it

By John Mason

As we begin a new year, cyber attacks may actually pose a more profound threat to mankind than the specter of nuclear warfare.

So says billionaire investor Warren Buffett, and I tend to agree with him. Cyber attacks are growing in prominence every day – from influencing major elections to crippling businesses overnight, the role cyber warfare plays in our daily lives should not be underestimated.

Related article: Digital vulnerabilities on the rise in 2017

I’ve reviewed dozens of reports and surveys that support Mr. Buffett’s observation. Here is an assemblage of these stark proof points, along with my assessment of how they tie together:

Malware storm

Research from Panda Security informs us that some 230,000 new malware samples are produced every day — and this rate is predicted to keep growing. Encryption services vendor Venafi estimates that 90 percent of hackers cover their tracks by using encryption, including VPN services. Keep in mind encryption is only one of many stealth techniques hackers use. …more

NEWS WRAP-UP: The other scary foreign hacking threat Trump is ignoring

By Byron V. Acohido

Week ending Jan. 12th. Fast Company is reporting that meddling in the U.S. presidential election isn’t the whole story; Russia continues to try to hack into U.S. critical infrastructure. Meanwhile, Trump may be keeping Americans in the dark. Journalist Sarah Kendzior recounts how Sen. John McCain (R-AZ) last summer grilled Attorney General Jeff Sessions about the Kremlin’s efforts to map the United States telecommunications infrastructure. Sessions was unable to point to any strategy to counter Russia’s attacks.

True to form, Trump continues to largely ignore probing and hacking that became increasingly aggressive. Kendzior’s reporting raises these questions: will anything substantive be done, not just to stop Vladimir Putin from meddling in the 2018 mid-term elections, but also to deter Putin from gaining a foothold to cripple vital infrastructure, potentially causing massive financial and humanitarian consequences? “In this formulation,” Kendzior writes, “an entire government could ostensibly be held hostage to another government’s whim out of fear of triggering a cataclysmic attack.”

Hacking state elections

With midterm elections 10 months away, states are trying to address the threat of malicious meddling. Tampering with voting systems and manipulative propaganda fueled by social media are two big concerns. Ars Technica’s Timothy Lee reports that a bipartisan group of senators has introduced legislation that would help bring the entire system up to par. …more

MY TAKE: Why ‘Meltdown’ and ‘Spectre’ portend a banner year for malicious hackers

So you think 2017 was a bad year for cyber exposures? It is clear to me that we are about to commence an extended run of cyber incursions of unprecedented scale and sophistication.

Four days into 2018 and the world must deal with the disclosure of an all-new class of vulnerability built into the processors of virtually every computing device in active use.

Researchers today announced two distinct hardware flaws – dubbed ‘Meltdown’ and ‘Spectre.’ The good news is that Meltdown and Spectre were discovered by the good guys, who responsibly disclosed the weaknesses to the culpable parties. Prior to today’s disclosure, substantive effort was put into preparing workarounds and patches.

Now the race is on to protect as many devices and …more

MY TAKE: How a ‘gift card’ thief spoiled my Christmas

By Byron V. Acohido

Upon returning from a holiday trip this week, we received unsettling news. There has been a rash of mail theft emanating from our local post office. Our box of held mail seemed lighter than it should have been. And one envelope was slashed open; the gift card sent to us, missing.

Our experience fell in line with similar reports from around our neighborhood. It was a stark reminder that despite the wide adoption of chip cards, the lowly “magstripe” wallet card is still in wide use – and remains a prime target of thieves.

Related article: How fraudsters became so enamored with magstriped cards

Magstriped cards consist of magnetized particles impregnated on a thin band. This decades-old technology is perfect for holding data, including account information. Anyone can easily extract this data from a magstriped card simply by purchasing a $70 card reader.

Longstanding exposure

And it’s equally simple to purchase blank cards and impregnate their magnetic stripes with whatever data you’d like, including account information extracted from a legit card. This intrinsic weakness of magstriped cards is exactly why U.S. banks finally got around to replacing magstriped credit and debit cards with chip cards, years after banks in Europe and Canada had already done so.

There was a period from 2005 through 2014 when crime rings plundered account information from the likes of TJX, Heartland, Sony, Target, Home Depot and many more. Criminals got increasingly efficient at creating faked credit cards, and then sending teams of mules to make thousands of dollars of purchases at the self-checkout lines at Sam’s Club and WalMart, and online, as well. That specific type of faked-credit-card fraud has slowed considerably, due to adoption of chip cards. But magstriped cards continue in wide use, not just for gift cards, but on employee access cards, public transit tokens, phone calling cards, even hotel card keys. …more

GUEST ESSAY: Google study details how 9 million account logons get stolen every 24 hours

By Lisa Baergen

Google should be applauded for spending a year studying how cybercriminals hijack account login credentials and expose them in cyberspace.

The search giant’s findings are astounding and instructive. Stolen passwords get channeled into the dark web in two main ways: one at a time, via phishing campaigns, or en masse, via data breaches, such as the Yahoo and Uber ones.

From March 2016 to February 2017, Google found that 12 million usernames and passwords were successfully phished, and some 3.3 billion records were stolen as the result of data breaches. This means that every 24 hours an average of nine million logins are stolen.

Gmail and the Google Cloud Platform are deeply interwoven with corporations’ and consumers’ lives – even people with personal Gmail accounts use their work email as a recovery account.

Now think about the online retail implications: how many times have you shopped online and received confirmations via Gmail? What data does that expose?

The Javelin Strategy and Research Identity Proofing Platform Scorecard, issued in October, showed that everyone – from major merchants to industrial boardrooms and consumers – has room for improvement. …more

MY TAKE: What the Uber hack tells us about fresh attack vectors created by the rise of DevOps

By Byron V. Acohido

Dissecting the root cause of Uber’s catastrophic data breach is a worthwhile exercise. Diving one level deeper into the scenario that led up to the popular ride-hailing service losing personal data for 50 million passengers and seven million drivers shows us why this particular type of hack is likely to recur many more times in 2018.

Related podcast: Why DevOps and security are destined to intersect

Hackers got deep into Uber’s Amazon Web Services platform. They did this by somehow obtaining, then using the AWS logon credentials of one of Uber’s software developers, who left those credentials accessible on GitHub. Though we don’t know the nitty-gritty details, security analysts say something like this had to have happened:

While working on an AWS coding task, the Uber developer took some of this code base and uploaded it to GitHub. No security sins to this point. ‘Git’ is a system for controlling the latest version of software programs; GitHub is an online repository where developers upload code for peer reviews and such.

Here’s the wider context: imagine the degree to which Uber, in order to connect riders and drivers, uses software to tie into services hosted by Amazon, Google, Facebook, Twitter, iPhone and Android. Uber is a prime example of an Internet-centric enterprise comprised of a collection of tools and services hosted by myriad partners. Think about how frenetic the software development process must be to keep Uber humming. …more

Q&A: The case for rethinking security — starting with smarter management of privileged access logons

By Byron V. Acohido

Two cybersecurity trend lines have moved unremittingly up the same curve over the past two decades — and that’s not a good thing.

Year-in and year-out, organizations have steadily increased spending to defend their networks — and they continue to do so, with no end in sight. Research firm MarketsandMarkets estimates that the global cybersecurity market size will grow from $137.85 billion in 2017 to $231.94 billion by 2022, a compound annual growth rate of 11.0%.

Related podcast: Much stronger security can come from simple ‘Identity Access Management’ improvements

At the same time, the damage and disruption caused by malicious hackers have also continued to rise, with no end in sight. One recent measure of this comes from a survey of senior officials at 120 large enterprises, conducted by research firm Forrester and sponsored by Centrify, a leading supplier of identity and access management (IAM) technologies.

C-level executives disclosed to Forrester that two-thirds of their companies had been breached multiple times – a startling five times on average over the past two years. What’s more, respondents indicated these break-ins occurred evenly all across the network, at endpoints, servers, databases and in software-as-a-service systems. …more