CYBER SECURITY – WEEKLY REPORT (SEPT 20, 2017)

0
23

 

SUMMARY REMARKS

Reports last week showed that hackers have had massive success in infecting and penetrating millions of systems, thus gaining access to enormous data ranging from personal details to stock exchange filings.  CCleaner, an extremely popular cleaning software tool, had been infected with a malware affecting millions of users.  The tool was reportedly downloaded by more than 50 million Android users.  The problem was only spotted in August and fixed last week.

In another attack, hackers penetrated the US Securities and Exchange Commission (SEC)’s electronic system for storing public-company filings last year and may have traded using this valuable information.  Its Chairman Jay Clayton said they were investigating the source of the hack, which exploited a software vulnerability in a part of the agency’s Edgar system.  It may be recalled that the SEC sued in December three Chinese traders who allegedly earned more than $ 4 million in illegal gains after they stole information from the computer systems of Wall Street banks and Fortune 500 companies.

Additional details have come in the recent attack on Equifax systems, a background checking agency.  The company’s investigations showed that hackers roamed undetected in its computer network for more than four months since March, before its security team uncovered massive data breach affecting 143 million Americans.

Meanwhile, Vietnam joined China and other countries which forced social network sites like Facebook to remove information that violated the countries’ laws and provide identities of people behind such postings.  While Facebook said its policies in Vietnam are consistent with those practiced elsewhere to report illegal content, Hanoi stated that the company agreed to help create a new communications channel with the government to prioritize its requests and remove what the regime considered inaccurate posts.

CYBER-CRIME

CCleaner:Extremely Popular Cyber Security App Infected millions of users with a virus

http://www.independent.co.uk/life-style/gadgets-and-tech/news/ccleaner-latest-updates-antivirus-app-malware-not-know-customers-use-piriform-avast-a7954896.html  More than two million people used an extremely popular software cleaning tool that had been infected with malware.  CCleaner, which has a high rating on Google Play and has been downloaded by more than 50 million Android users, was compromised “in a sophisticated manner” in August, and the problem was only spotted and fixed in mid-September. It’s also available on Windows and Mac. Piriform, which is owned by Avast and develops the app, has fixed the issues and apologised to users. The malicious code attempted to connect computers with recently registered web domains – a common tool used by hackers to download further malware onto infected computers.

SEC Discloses Edgar Corporate Filing System Was Hacked in 2016

https://www.wsj.com/articles/sec-discloses-edgar-corporate-filing-system-was-hacked-in-2016-1505956552  The top U.S. markets regulator disclosed Wednesday that hackers penetrated its electronic system for storing public-company filings last year and may have traded on the information. The Securities and Exchange Commission’s chairman, Jay Clayton said it was investigating the source of the hack, which exploited a software vulnerability in a part of the agency’s Edgar system, a comprehensive database of filings made by thousands of public companies and other financial firms regulated by the SEC.  The SEC in December sued three Chinese traders who allegedly earned more than $4 million in illegal gains after they stole information from the computer systems of Cravath, Swaine & Moore LLP and Weil, Gotshal & Manges LLP, which represent Wall Street banks and Fortune 500 companies.

Hackers Entered Equifax Systems in March

https://www.wsj.com/articles/hackers-entered-equifax-systems-in-march-1505943617   Hackers roamed undetected in Equifax Inc.’s EFX 1.19% computer network for more than four months before its security team uncovered the massive data breach, the security firm FireEye Inc. FEYE -0.93% said this week in a confidential note Equifax sent to some of its customers. FireEye’s Mandiant group, which has been hired by Equifax to investigate the breach, said the first evidence of hackers’ “interaction” with the company occurred on March 10, according to the Mandiant report, which was reviewed by The Wall Street Journal.  Equifax had previously disclosed that data belonging to approximately 143 million Americans was potentially accessed in May.

Insurance Grows for Cyberattacks

https://www.wsj.com/articles/insurance-grows-for-cyberattacks-1505700360  Data breaches have helped push more companies to buy stand-alone cyberinsurance policies. One research firm forecasts the global market may reach $14 billion by 2022. The policies are designed to cover financial losses from different kinds of attacks—from theft of data to extortion using ransomware—as well as recouping damages from a tainted reputation and stolen money. Many carriers are also trying to distinguish themselves by offering tools and services to help firms respond quickly to cyberattacks or prevent them.

Cyberinsurers Look to Measure Risk

https://www.wsj.com/articles/cyberinsurers-look-to-measure-risk-1505700301  Insurers and ratings companies have come up with a way of measuring risk factors in whether a company will be targeted by cybercriminals. Unlike property or life insurance, which benefit from centuries of actuarial data, cyberinsurance is a new and fast-changing field. Cyberinsurers ask potential clients about their risk exposure and security practices, but there’s often little evidence that these factors indicate whether or not a company will be targeted by cybercriminals, according to insurance providers. Some firms, including American International Group Inc. and Travelers Cos., have started to join with independent security-rating companies to get a better picture of risk

STATE CONTROL OF INTERNET

Facebook Faces a New World as Officials Rein in a Wild Web

https://www.nytimes.com/2017/09/17/technology/facebook-government-regulations.html?hpw&rref=technology&action=click&pgtype=Homepage&module=well-region&region=bottom-well&WT.nav=bottom-well   Behind the scenes, Facebook is involved in high-stakes diplomatic battles across the globe that have begun fragmenting the internet itself. Facebook offered a major olive branch to Vietnam’s government. Facebook’s head of global policy management, Monika Bickert, met with a top Vietnamese official in April and pledged to remove information from the social network that violated the country’s laws. While Facebook said its policies in Vietnam have not changed, and it has a consistent process for governments to report illegal content, the Vietnamese government was specific. The social network, they have said, had agreed to help create a new communications channel with the government to prioritize Hanoi’s requests and remove what the regime considered inaccurate posts about senior leaders.

China extends rule of law on Internet

http://www.globaltimes.cn/content/1066867.shtml?utm_source=The+Sinocism+China+Newsletter&utm_campaign=1df552bc6c-EMAIL_CAMPAIGN_2017_09_18&utm_medium=email&utm_term=0_171f237867-1df552bc6c-29622273&mc_cid=1df552bc6c&mc_eid=a080463883  China has accelerated the development of cyber laws since the 18th National Congress of the Communist Party of China (CPC), by actively engaging the government, Internet service providers and netizens in creating a clean cyber environment, observers said. This year’s China Cybersecurity Week begins on Sept 23 in Shanghai, with Liu Yunshan, a member of the Standing Committee of the Political Bureau of the CPC Central Committee, invited to speak at its opening ceremony.

THREATS / VULNERABILITIES / PATCHES

Free yet Illegal Premier League and Game of Thrones streams could help criminals steal your money using malware

http://www.independent.co.uk/life-style/gadgets-and-tech/news/free-premier-league-football-streams-watch-live-game-of-thrones-ransomware-malware-a7955071.html  Free illegal streams of films, TV shows and sports fixtures could end up costing you a lot, cyber security experts have warned. According to a new report,titled Cracking Down on Digital Piracy, pirates are letting criminals plant malware on their sites in exchange for money, with the content simply being used as bait to hook in as many potential victims as possible. This malware can be used to hijack a target’s computer and steal sensitive information from it, such as bank details and passwords.

Bolstering web security without compromising performance

http://www.homelandsecuritynewswire.com/dr20170914-bolstering-web-security-without-compromising-performance  Nearly half of all web traffic passes through HTTPS. Despite the “S” for security in “HTTPS,” this protocol is far from perfectly secure. “The HTTPS ecosystem has seen a long and somewhat depressing series of bugs,” says Bryan Parno, an associate professor of Computer Science and Electrical & Computer Engineering.

Deep-learning Passgan tool improves Password guessing

https://threatpost.com/deep-learning-passgan-tool-improves-password-guessing/128039/  Artificial intelligence and deep learning are creating into information security, and one of the early applications of those approaches has emerged and is focused on passwords.  Researchers from the Stevens Institute of Technology and the New York Institute of Technology have recently published some early results from their work using Generative Adversarial Networks (GANs) to generate password guesses at a better rate than existing manual rule-generation techniques feeding existing tools such as Hashcat or John the Ripper.

Cloud-Focused firms earn high marks for software security in BSIMM8 report

https://threatpost.com/cloud-focused-firms-earn-high-marks-for-software-security-in-bsimm8-report/128029/  Companies pushing the cloud envelope are most likely to run safer cleaner code.  On the flip side, as the healthcare industry embraces an increasingly software-driven business model, it is struggling to keep up with its peers when it comes to software security.  Those are some of the takeaways from participants in this year’s eighth annual Building Security in Maturity Model (BSSIMM8) report released on Sept 20.

iOS 11 update includes patches for eight vulnerabilities

https://threatpost.com/ios-11-update-includes-patches-for-eight-vulnerabilities/128036/  iOS 11 is out on Sept 19 and along with a new look and feel on the iPad especially comes a handful of patches for the Apple mobile OS.  Apple addressed eight CVEs in the update, and 15 overall as it also updated Safari and Xcode development framework.

CRYPTO-CURRENCIES

Bitcoin ‘Fugitives’ Gather in Hong Kong to Skirt China’s Curbs

https://www.wsj.com/articles/bitcoin-fugitives-gather-in-hong-kong-to-skirt-chinas-curbs-1505904418   China’s crackdown on cryptocurrencies isn’t stopping the industry’s enthusiasts from preaching their tune. Instead, it is emboldening them to find ways to circumvent the curbs. Hundreds of bitcoin traders and blockchain-technology experts gathered in Hong Kong on Sept 20 for a two-day conference originally scheduled to be held in Beijing. The recent regulatory clampdown caused the event to be moved “to lower the risks of being canceled,” according to the website of conference organizer Bitkan, a bitcoin-trading firm.

LEAVE A REPLY