🔒 Closed Dridex malware scooped up banking details, cybercrime’s number in the UK reached 7 million/year and

Status
Not open for further replies.
Jeanh

Malware that scoops up banking details, UK cyber-crime officially recognised as a seriously growing threat, SSL padlock symbol fraud, Adobe Flash riddled with yet more flaws, near nuclear meltdown and drone hit list using mobile phone recognition numbers revealed.


Evil Corp’s Dridex plunders millions
You do not have permission to view the full content of this post. Log in or register now. are estimated to have been responsible for the recent theft of an estimated £20 million in the UK and £100 million worldwide.

The Dridex malware is aimed at Windows devices and infects machines when an email with an infected Word or Excel document is opened and links clicked on.

The malware then burrows into the computer seeking out login details for services such as online banking and even social media accounts. An infected computer is then added to a botnet network allowing criminals to communicate with it.

The creators of Dridex – also known as Bugat and Cridex – call themselves You do not have permission to view the full content of this post. Log in or register now., and are believed to be part of a large Eastern European criminal network.

A clump of law enforcement agencies have banded together to hunt those behind the malware.

The law enforcement effort involves the United Kingdom’s top secret electronic security centre at GCHQ, as well as the UK’s national Computer Emergency Response Team (CERT), which was set up in 2014.

You do not have permission to view the full content of this post. Log in or register now., while in Europe the police agency Europol is also helping to investigate, as well as law enforcement in Germany and Moldova where it is believed the attackers have links to.

Clearly you need to be aware of emails from organisations or even individuals that you don’t know and which have attachments.

The virus was prevalent early this year but then appears to have recently started up again. It’s believed that its creators tweaked the original code so it could get past antivirus defences.

This is why it’s important to protect yourself with antivirus because this form of defence picks up the programming aberrations that signal malware attempting to penetrate computers.

UK cyber-crime climbs skywards
The Office for National Statistics (ONS) You do not have permission to view the full content of this post. Log in or register now. that more than seven million fraud and cybercrimes are being committed every year in the UK.

You may have seen this news in recent days with just about every major news outlet splashing on it. Most chose to focus on how the inclusion of cyber-crime in overall crime figures has sent You do not have permission to view the full content of this post. Log in or register now..

The Daily Mail You do not have permission to view the full content of this post. Log in or register now. by saying that acts of fraud and cybercrime are committed every four seconds in the UK.

It further reported that Mike Penning, the UK Home Office minister responsible for policing and crime, told Sky News: ‘There are less and less burglaries today than there have ever been before. And actually if you and I are going to have a crime perpetrated against us today we’ll probably be asleep in our beds because it’s being done through our computer system.’

Mike Penning even admitted that his bank account had been hacked about a year ago. The most common cyber-crime offences committed under the Computer Misuse Act were where the victim’s device was infected by a virus. But it also includes people’s emails or social media accounts being hacked.

Glen Watson, Director General for Population and Public Policy at the Office for National Statistics (ONS), said: ‘We are at the forefront of international efforts to bring official crime statistics into the digital age.’

The ONS logged an estimated 5.1 million incidents of fraud in the 12 months to May 2015 affecting 3.8 million adults in England and Wales.

The most common incidents were virus infections, email hacks and social media breaches.

The survey said that more than half of fraud and cybercrime victims suffered financial loss, and that 78 percent received financial compensation and 62 percent full reimbursement.

The release of the ONS figures led to an almost frenzied rush by those involved in the industry to get their points across.

Unsurprisingly, in the wake of recently announced sweeping cuts to police services, the cyber-crime figures also became a bit of a political football with opposition politicians claiming that government cuts to law enforcement would make the situation even worse.

However, it was Louise Pordage, senior manager, KPMG’s cyber security practice, who made one of the most telling comments: “There is little clarity around the impact of cybercrime on the UK economy and, of course, the statistics released today only consider crimes against the person rather than corporate crime. Our world is becoming digital and so is organised crime.”

A You do not have permission to view the full content of this post. Log in or register now. puts another layer onto the figures and one that is not too surprising. James Murphy, associate director, defence and security at techUK said given that cyber-crimes are often under-reported, the actual figure is likely to be higher than that published by the ONS.

SSL Padlock Fraud
We’re so used to seeing the padlock symbol in the browser address bar that we unquestioningly accept it as a sign of tough encryption and security.

However, a recent discovery might just change that.

You do not have permission to view the full content of this post. Log in or register now. from internet services provider Netcraft, during August of this year sites claiming to be the official domains of PayPal, Halifax Bank and others got SSL security clearance from the likes of CloudFlare and GoDaddy.

CloudFlare, GoDaddy and others provide web-based services ranging from actual websites to security and performance. Part of their remit is to act as certificate authorities and provide SSL certificates for websites so they can display the padlock symbol.

SSL or secure socket layer accreditation is an industry accepted encryption standard that effectively says a web site is secure whether it is for simple browsing, online shopping or online banking.

In fact most people are so familiar with the padlock symbol they are loath to submit sensitive information such as passwords and credit card numbers if they don’t see it.

However, the fact that SSL authentication has been issued for rogue websites brings into question the ongoing validity of the padlock symbol.

Edgecombe points out that recent phishing campaigns have been discovered using website addresses such as ‘halifaxonline-uyk.com’ and ‘emergencypaylap.net’ which displayed the padlock sign.

Netcraft also discovered a plausible-looking site ‘natwestnwolb.co.uk’ impersonating NatWest’s online banking service, when the real site’s name is ‘nwolb.com’.

It appears that fraudsters have obtained SSL authentication – and the right to display the padlock – with only minimal ID checks and sometimes at no cost.

In one month, says Edgecombe, fraudsters were able to get the official SSL security padlock seal of approval for hundreds of fake websites impersonating banks and other companies.

Clearly security processes within the SSL certificate issuers have slipped so it’s certain that certificate authorities such as CloudFlare, GoDaddy and others will be mortified.

However, until they get their act together and apply robust and rigorous vetting to SSL Padlock symbol applicants it would be wise to be extra vigilant and check the website address carefully before you commit to using a website for online transactions.

More flash vulnerabilities – time to move on?
Adobe Flash has been around for such a long time it’s a regular feature of many sites and so familiar that its ubiquity is considered a monopoly in some quarters.

It is one of the most widely used pieces of software for viewing multimedia, rich internet content and streaming. It can also be used to view these files on smartphones that support it such as iPhone, Windows Phone, Android devices, and so on.

However, in the past three months there have been so many vulnerabilities discovered in Flash that it’s beginning to resemble a software colander.

The industry doesn’t like it. YouTube has moved away from Flash for delivering videos, Firefox also bluntly blocked the Flash plugin from starting up in its browser while Google Chrome has also begun blocking auto-playing Flash ads. As if that wasn’t enough, Facebook called for Adobe to announce a ‘kill-date’ for Flash.

And yet You do not have permission to view the full content of this post. Log in or register now. has been discovered. The vulnerability was exploited by a group of Russian hackers called ‘Pawn Storm,’ who used it to target several foreign affairs ministries worldwide. The flaw allowed hackers to gain complete control of the users’ machine.

Adobe has issued a patch for it but apparently there are more critical vulnerabilities yet to be announced.

Given the relentless tide of flaws that are being unearthed and industry moves to block its usage it’s probably safe to say that You do not have permission to view the full content of this post. Log in or register now..

There are alternatives to Flash if you’ve been affected by it – the most common problem seems to be computers crashing. You do not have permission to view the full content of this post. Log in or register now. to consider your options.

Nuclear flaws
You do not have permission to view the full content of this post. Log in or register now. from You do not have permission to view the full content of this post. Log in or register now. has highlighted a rising number of security breaches at nuclear power plants over the past few years and how important systems at plants were not properly secured or isolated from the internet.

Cyber Security at Civil Nuclear Facilities: Understanding the Risks illustrates the dangers of nuclear power plants being directly or indirectly linked to the internet. This opens up a channel through which malicious hackers can launch attacks – potentially with extremely serious consequences.

The report found that there is a general lack of knowledge of cybersecurity at management levels and it was quite common for factory default passwords to be left unaltered, and off-the-shelf software to be used despite known issues that were left unaddressed.

Near meltdown
In one case in 2003, an engineer at the Davis-Besse plant in Ohio used a virtual private network connection to access the plant from his home. While the connection was encrypted, his home computer was infected with the Slammer worm which infected the nuclear plant’s computers, causing a key safety control system to fail. A more serious incident in 2006 at the Browns Ferry plant in Alabama nearly led to a meltdown.

Further, a poorly secured steel mill in Germany was seriously damaged after being hacked, causing substantial harm to blast furnaces after the computer controls failed to shut them down.

One of the main problems highlighted by the report is that industrial communication protocols and mechanisms commonly used in nuclear power plants were designed in an era before the internet and cyber-threats were mainstream.

Most of the legacy communication protocols used in nuclear power plants are vulnerable to various attacks as they lack any proper authentication techniques.

The report also found that power plants rarely employ an ‘air gap’ in which systems are completely disconnected from the network. This is because the commercial and practical benefits of using the internet often override security considerations.

In short, a malicious hacker could theoretically get inside a nuclear power network via Google. Using search terms relevant to the software in use in the plant, Google can turn up direct links to websites leading into its network – with little or no security in the way.

Many of these issues have been consistently highlighted in the past and from many different quarters but the Chatham House report brings all the issues under one umbrella.

Its findings are worrying.

And finally… missiles, phones – another big leak
If you’re familiar with the You do not have permission to view the full content of this post. Log in or register now. you’ll understand how it can be gripping drama. Despite the You do not have permission to view the full content of this post. Log in or register now. that the show is racist, it does have in parts a compelling ring of authenticity and the writers of the series have clearly got to grips with the subject matter.

And its verisimilitude has now been reflected by reality following a leak about the US military’s use of drones and its assassination policies.

Called the You do not have permission to view the full content of this post. Log in or register now. and published by investigative journalism site The Intercept the material reveals how a terror ‘watchlist’ appears on the computers of personnel conducting drone operations.

A computer window shows You do not have permission to view the full content of this post. Log in or register now. associated with mobile phone SIM cards and handsets to specific individuals which allows the drone operator to geolocate the target and launch an airstrike.

The information is a serious intelligence breach and while not on the same scale as the Edward Snowden revelations in terms of its implications, it’s certainly embarrassing for the US government.

Most of us are probably aware of the perils of geolocation; companies tracking your movements, apps tracking you, data that can reveal just about where you are at any moment of the day and deduce what you are doing – but having a missile burrowing down at you at thousands of miles an hour takes the implications of geolocation to a whole new level.
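
Added example (not part of the original post): the "SSL Padlock Fraud" section advises checking the website address rather than trusting the padlock, and this Python sketch does that check by comparing a hostname with a short list of genuine domains and flagging names that merely borrow a brand. `nwolb.com` is taken from the post; `paypal.com`, `halifax-online.co.uk`, the `LEGIT` table and all function names are assumptions made for the example.

```python
import re

# Brand keyword -> genuine registrable domain. nwolb.com is named in the article;
# the other two domains are assumptions made for this example.
LEGIT = {
    "nwolb": "nwolb.com",
    "paypal": "paypal.com",
    "halifax": "halifax-online.co.uk",
}

def edit_distance(a, b):
    """Levenshtein distance (insertions, deletions, substitutions)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def near_match(text, brand):
    """True if any window of text is the brand, one edit away, or its letters shuffled."""
    n = len(brand)
    for size in (n - 1, n, n + 1):
        for i in range(len(text) - size + 1):
            window = text[i:i + size]
            if edit_distance(window, brand) <= 1:
                return True
            if size == n and sorted(window) == sorted(brand):
                return True
    return False

def classify(hostname):
    """Return (verdict, brand); a valid certificate plays no part in the verdict."""
    host = hostname.lower().rstrip(".")
    for brand, domain in LEGIT.items():
        if host == domain or host.endswith("." + domain):
            return ("genuine", brand)
    text = re.sub(r"[^a-z0-9]", "", host)  # drop dots and hyphens before matching
    for brand in LEGIT:
        if near_match(text, brand):
            return ("lookalike", brand)
    return ("unrelated", None)

if __name__ == "__main__":
    # Hostnames quoted in the article, plus constructed ones for contrast.
    for h in ["www.nwolb.com", "natwestnwolb.co.uk", "halifaxonline-uyk.com",
              "emergencypaylap.net", "paypal.com.example.net", "example.org"]:
        print(h, classify(h))
```

The shuffled-letters test is what catches `emergencypaylap.net`, since "paylap" is two substitutions away from "paypal" and a one-edit threshold alone would miss it.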
 
Dear @Jeanh,

Since 2 years have passed since the last reply in this thread, I am locking it to prevent necroposting. Feel free to start a new thread or contact any forum staff if you want this to be reopened.

Thread closed.
 