• Covid-19 – click here for the latest updates from Forum Events & Media Group Ltd

Posts Tagged :

Hacking

Exotic programming languages making malware increasingly tough to spot

960 640 Stuart O'Brien

For defenders to maintain a competitive advantage over attackers, it’s important to recognize emerging trends by threat actors. One such trend BlackBerry has observed in 2021 is the practice by malware authors of leveraging new and uncommon programming languages to evade detection and hinder analysis.

Malware authors have a reputation for being slow to change what works for them. But with millions of dollars in corporate ransoms now up for grabs, this is no longer the case. Some malware groups have taken the opportunity to branch out and try new or “exotic” programming languages to address specific pain-points in their development process, or to try to evade detection by defenders.

A new BlackBerry white paper, Old Dogs New Tricks: Attackers Adopt Exotic Programming Languages, explores this trend and reveals the motivations and impact it may have on the threat landscape.

“Malware authors are known for their ability to adapt and modify their skills and behaviors to take advantage of newer technologies,” said Eric Milam, VP of Threat Research at BlackBerry. “This has multiple benefits from the development cycle and inherent lack of coverage from protective products. This paper looks into less prolific programming languages and their use in the malware space. It is critical that industry and customers understand and keep tabs on these trends, as they are only going to increase.”

The BlackBerry Research & Intelligence Team chose four uncommon programming languages of interest to examine: Go, D, Nim, and Rust.

This choice was due in part to BlackBerry’s detection methodology, which identified an increase in the use of these languages for malicious intent, and exposed an escalation in the number of malware families being identified and published using these languages. These four languages have also piqued our interest because they could be considered well developed and supported, with strong community backing. ­

While the trend of using exotic programming languages by threat actors is not new, BlackBerry aims to shed light on the state of the current threat landscape regarding these new and emerging languages. In this white paper, BlackBerry’s research team covers the reasons behind exotic language adoption, and provides valuable tips for detecting and preventing malware that takes advantage of these challenging new methods.

Read the full report: Old Dogs, New Tricks: Attackers Adopt Exotic Programming Languages.

UK holds Chinese state responsible for ‘pervasive pattern of hacking’

960 640 Stuart O'Brien

The UK is joining what it calls likeminded partners to confirm that Chinese state-backed actors were responsible for gaining access to computer networks around the world via Microsoft Exchange servers.

The attacks took place in early 2021, affecting over a quarter of a million servers worldwide.

The government says the attack was highly likely to enable large-scale espionage, including acquiring personally identifiable information and intellectual property.

At the time of the attack, the UK says it quickly provided advice and recommended actions to those affected and Microsoft said that by end of March that 92% of customers had patched against the vulnerability.

The UK is also attributing the Chinese Ministry of State Security as being behind activity known by cyber security experts as “APT40” and “APT31”.

Widespread, credible evidence demonstrates that sustained, irresponsible cyber activity emanating from China continues.

The Chinese government has ignored repeated calls to end its reckless campaign, instead allowing its state-backed actors to increase the scale of their attacks and act recklessly when caught.

This coordinated action today sees the international community once again urge the Chinese government to take responsibility for its actions and respect the democratic institutions, personal data and commercial interests of those with whom it seeks to partner.

The UK is calling on China to reaffirm the commitment made to the UK in 2015 and as part of the G20 not to conduct or support cyber-enabled theft of intellectual property of trade secrets.

As part of a cross-Government response, the National Cyber Security Centre (NCSC) issued tailored advice to over 70 affected organisations to enable them successfully to mitigate the effects of the compromise.

In 2018, the UK government and its allies revealed that elements of the Chinese Ministry of State Security (MSS) were responsible for one of the most significant and widespread cyber intrusions stealing trade secrets.

Foreign Secretary Dominic Raab said: “The cyber attack on Microsoft Exchange Server by Chinese state-backed groups was a reckless but familiar pattern of behaviour. The Chinese Government must end this systematic cyber sabotage and can expect to be held account if it does not.”

Credit-Card

NCA: “Peer pressure and kudos” key reason youngsters lured into cybercrime

960 640 Stuart O'Brien

A new study by the National Crime Agency, titled Pathways Into Cybercrime, reports that the key reason that youngsters become involved in online crime is peer pressure and kudos, rather than any financial gain.

Based on debriefs with young offenders, the report shows that the sense of accomplishment at completing a challenge and proving oneself to peers in order to increase online reputations were the most important reasons behind the decision to commit cybercrime.

Another factor was the availability of free and easy-to-use taking tools such as DDoS-for-hire services and Remote Access Trojans (RATs).

The report shows that the average age of hackers that come to the attention of the NCA is just 17 years old. It also provides insight and advice on education and opportunities available to the youngsters so that they might use their skills positively.

“There is great value in reaching young people before they ever become involved in cybercrime, when their skills can still be a force for good,” said Richard Jones, head of the National Cyber Crime Unit’s Prevent team.

“The aim of this assessment has been to understand the pathways offenders take, and identify the most effective intervention points to divert them towards a more positive path. That can be as simple as highlighting opportunities in coding and programming, or jobs in the gaming and cyber industries, which still give them the sense of accomplishment and respect they are seeking.”

The report has been praised by security firms for its positive outlook in providing young people mixed up in cybercrime with an effective strategy of rehabilitation, channeling young people with a skill set of computer science into productive activity and not online criminal activity.

www.nationalcrimeagency.gov.uk

Hacking

Report: Hacks on UK businesses costing investors £42 billion

960 640 Stuart O'Brien

A new report from CGI and Oxford Economics claims that hacks on UK businesses are costing investors £42 billion, with FTSE 100 companies incurring average costs of £120 million with each breach.

Furthermore, the study also found the share prices of companies that have been hacked  fall by an average of 1.8 per cent on a permanent basis following a severe breach involving large amounts of sensitive information – equivalent to £120 million.

Oxford Economics used the Gemalto Breach Index as the basis of its research, looking at 315 ‘breach events’ with a focus on 65 ‘severe’ and ‘catastrophic’ breaches since 2013 ta companies listed on seven global stock exchanges.

The sheer size of the financials revealed in the research will sharpen focus on hacking, with Wonga the latest UK firm to be dealing with a high-profile incident.

Meanwhile, ABI Research recently asserted that damages from cyber attacks would surpass $1 trillion globally.

www.oxfordeconomics.com

Wonga

Wonga data breach could affect 250,000 UK customers

960 640 Stuart O'Brien

Payday lender Wonga has admitted that more than a quarter of a million customers personal data may have been stolen in a data breach at the firm, and it was “urgently investigating illegal and unauthorised access to the personal data of some of its customers.”

Customers throughout the UK and a further 25,000 customers in Poland are thought to be affected. The company has declined to comment where the actual breach had taken place.

Wonga began contacting customers on April 8th, offering support through a dedicated phone service. It is thought the company became aware of the issue week commencing April 3rd, but did not realise that data could be accessed externally until Friday, April 7th.

The information stolen includes names, addresses, phone numbers, bank account numbers and sort codes. Wonga accounts and passwords are thought not to have been compromised, but customers have been advised to look out for unusual activity across their accounts.

The data breach could make it one of the biggest cases involving a financial services company ever in the UK.

In a statement the firm said: “We are working closely with authorities and we are in the process of informing affected customers. We sincerely apologise for the inconvenience caused.”

A spokeswoman for the Information Commissioner’s Office said: “All organisations have a responsibility to keep customers’ personal information secure. Where we find this has not happened, we can investigate and may take enforcement action.”

The news of the data breach couldn’t have come at a worse time for Wonga, who have been rebuilding their reputation following a series of controversies.

In 2014, UK financial regulators found it had made loans to customers who could not afford to repay them, and chased debts with letters from a fake law firm, while in 2015 the firm saw its losses double when the Financial Conduct Authority (FCA) took on stewardship of the sector.

Results show that the firm made a pre-tax loss of £80.2 million in 2015, up from £38.1 million the year before.

Total Security Summit logo

Crises, CCTV and Cyber Crime top the total security summit

800 450 Jack Wynn

The global landscape has experienced a rather monumental change over the last year, with security being more relevant than ever as we go into 2017.

The first Total Security Summit of the year is determined to address these issues and uncertainties in a bespoke two-day event for security professionals.

Meet, share, connect and debate business relevant to your current and future projects with matchmade face-to-face meetings, experience a day of dining, drinks and discussion as you network with fellow business professionals and attend seminars covering a range of relevant topics.

Reaching a landmark age in political global challenges and uncertainties, it’s vital to prepare for the future, protecting crowded areas, addressing terror threats and discussing counter-terrorism is Dr Anna Maria Brudenell, Lecturer in Military and Security Studies,
Cranfield Defence and Security for the first seminar on Global Security Strategy.

As terror threats continue to rise and evolve without warning, discussing and understanding the implications is crucial to develop your security in a crisis. Chris Phillips, Managing Director, International Protect and Prepare Security Office (IPPSO) is presenting seminar 2 on Crisis Management and Communications

Video surveillance is being used in greater quantity and with higher quality expectations, with Britain among the leaders in CCTV operation, but are the benefits worth the cost? With few resources and increasing legal parameters, Simon Lambert, Independent CCTV Consultants, Lambert Associates is discussing  CCTV and Video Surveillance in seminar 3.

axis-excell-4

John Marsden, Head of Fraud, Equifax, is discussing how to identify and tackle theft as it happens, assessing risk, detecting threats and ensuring on-going training in Seminar 4: Keeping your Business’ Cash and Assets Safe and Secure

Going into your second day, and following morning networking, James Willison, Founder, Unified Security Ltd goes digital. As our dependency on technology grows, many companies are more vulnerable than ever, between data and privacy risks to ransomware, hackers are becoming more sophisticated, and businesses need to adapt quickly for Seminar 5 on Cyber Crime – the United Security Response.

With a continuing rise in companies at risk of fraud, from physical fraud to high level hacking, security needs to be tight across the board, and the final seminar before more discussion and networking addresses these fears. Fraud Prevention with David Lee, Fraud Prevention Manager, Transport for London sees the summit almost to a close.

Taking place between the 13-14 March at the Radisson Blu Hotel, London Stansted, this year’s Total Security Summit is the industry go-to for professionals.

To secure a complimentary delegate place at either of the two annual Total Security Summit events, call Liz Cowell on 01992 374 072 or email l.cowell@forumevents.co.uk.

Or, to attend either event as a supplier, call Nick Stannard on 01992 374 092 or email n.stannard@formumevents.co.uk.

For more information, visit www.totalsecuritysummit.co.uk.

Donald Trump accepts Russian intelligence hacking

Donald Trump ‘accepts’ Russian cyber attacks on US election

837 506 Jack Wynn

REUTERS: Toni Clarke / Dustin Volz

President-elect Donald Trump accepts the US intelligence community’s conclusion that Russia engaged in cyber attacks during the US presidential election and may take action in response, his incoming chief of staff said on Sunday.

Reince Priebus said Trump believed Russia was behind the intrusions into the Democratic Party organisations, although Priebus did not clarify whether the president-elect agreed that the hacks were directed by Russian President Vladimir Putin.

“He accepts the fact that this particular case was entities in Russia, so that’s not the issue,” Priebus said on Fox News Sunday.

It was the first acknowledgment from a senior member of the Republican president-elect’s team that Trump had accepted that Russia directed the hacking and subsequent disclosure of Democratic emails during the 2016 presidential election.

Trump had rebuffed allegations that Russia was behind the hacks or was trying to help him win, saying the intrusions could have been carried out by China or a 400-pound hacker on his bed.

With less than two weeks until his January 20 inauguration, Trump has come under increasing pressure from fellow Republicans to accept intelligence community findings on Russian hacking and other attempts by Moscow to influence the November 8 election. A crucial test of Republican support for Trump comes this week with the first confirmation hearings for his Cabinet picks.

A US intelligence report last week said Putin directed a sophisticated influence campaign including cyber attacks to denigrate Democratic presidential candidate Hillary Clinton and support Trump.

The report, commissioned by Democratic President Barack Obama in December, concluded vote tallies were not affected by Russian interference, but did not assess whether it influenced the outcome of the vote in other ways.

Guest Blog, Pascal Geenens: The rise in students hacking school databases…

800 450 Jack Wynn

You might be surprised at who is behind the most recent cases of cyber-attacks on schools. Would you guess that in many instances, it’s the students themselves? There are many reasons why students would want to launch an attack against their own school, and it’s actually becoming a larger problem across the globe with cases reported in the US, Japan, Australia and India.

Here are some of the top reasons why students have been launching attacks on schools:

It’s fun

Who wouldn’t be intrigued by the idea of trying to hack into their school, with all its records at their disposal? With many schools now electing to have students submit assignments digitally and take exams online, some would find it fun to shut down the system so they and their classmates won’t have to submit their work or take a test. Others may just want to play a joke by defacing the school website.

Revenge

In some cases, the reason for hacking is as simple as wanting to get back at the school for bestowing punishment upon the student. Disrupting normal operations, thinking they won’t get caught, holds an allure.

Changing grades

For those who are struggling with coursework or may have flunked an important exam or submitted a hastily put together dissertation, the temptation to hack lies in the ability to change their grades to more favourable ones. Not wanting to bring home a poor report is a key motivation in younger students. Students of all ages will see a hack as a way to avoid this.

To change attendance

For the truants out there, hacking provides a way for them to change their attendance records and erase the fact they did not attend school.

As a dare

We all like having bragging rights. For students, responding to a dare is often the way to do it. If they don’t, they face bullying and teasing from classmates over not succeeding.

So how do they do it? Most educational facilities have migrated to digital platforms, and these online portals are prime targets for attacks.

Technology is great and streamlines workflow, but presents a larger issue if knocked offline. If these portals go down, they prevent students from being able to perform many actions, like submitting their work. This is a huge issue with schools going digital. Schools are quick to incorporate the newest technology but often do not consider the risks.

One of the biggest security risks that school network face is from their students and the devices they bring with them. Students bring a considerably large amount of devices, ranging from personal computers and tablets to mobile phones and gaming consoles.

These devices often connect to the school’s network and open a huge range of vulnerabilities. The activities that some students engage in, such as online gaming, can also bring a risk of malware or even denial of service attacks.

Part of the issue is the ease in which students can now access the Darknet, and the increasingly low costs to hire someone to hack the system for them. Digital marketplace vendors on the Darknet offer cyber services such as grade changes and distributed denial of service (DDos) attacks for very little money.

This makes it increasingly easy for non-hackers to carry out an attack or cause damage to a school’s resources. In addition to these services, a potential attacker can rent other attacks such as botnets or stresser services for Bitcoin.

It’s scary stuff, but there are steps that schools can take to protect themselves. They key is a hybrid security solution that combines on-premise detection and mitigation with cloud-based protection, so attack traffic can be identified and blocked before it causes downtime. A trusted security specialist will be able to advise further on the best way to ensure service availability.

It may seem extreme, but students have come a long way from slingshots and peashooters, with many choosing cyber attacks as their weapon of choice. It’s up to schools to make sure they are just as innovative with their defences.

 

As a security evangelist for Radware, Pascal helps execute the company’s thought leadership on today’s security threat landscape. Pascal brings over two decades of experience in many aspects of information technology and holds a degree in Civil Engineering from the Free University of Brussels.

Consumers fear of further cyber-attacks a ‘very clear call to action’ for organisations…

800 450 Jack Wynn

A new survey conducted by the identity software management provider, Centrify, has revealed that 75 per cent of adults in the UK would stop doing business with, or would cancel a membership to, an organisation if its database was hacked.

The research of 2,400 people across the UK, Germany and the US analysed consumer attitudes towards hacking and how likely people are to continue transacting with businesses – including banks, retailers, governments, travel, hospitality and health companies — after experiencing a cyber-attack.

Chief product officer at Centrify, Bill Mann, said: “If three-quarters of customers are prepared to walk away from a business if it has been compromised, then what kind of message is this sending to those organisations? We would say that it is a very clear call to action to those businesses to sort out their processes and do everything they can to protect confidential customer information. When companies put customer data at risk they are really putting their entire business at risk. People simply will not tolerate doing business with potentially risky organisations, so it’s time for them to take full responsibility for their security and put the proper measures in place once and for all.”

According to the survey, financial institutions appear to acquire the best reputation in dealing with security breaches compared to the other sectors listed; with governments and HMRC coming in second. However, retailers rank fourth and travel sites fifth in each country, while membership and hospitality businesses came in at the lowest level.

View the survey infographic here