Cybersecurity Round-Up: Commerce’s Big Cyber Spend and DEF CON

Cyber attacks and growing cyber paranoia are on the rise around the world. Applied Technology Institute, LLC offers a new Cyber Warfare - Global Trends course on June 10-12, 2014 in Columbia, MD. If you would like to protect your company against this modern-day threat, please register here. Also, you might find the story below interesting.

The U.S. Economic Development Administration shot itself in the foot by spending $3 million of taxpayers’ money to remedy a cyber attack — that never happened. That’s the upshot of a recent study by the EDA’s parent agency, the U.S. Department of Commerce, reporter Lisa Rein writes in The Washington Post.

“Federal officials were so worried the infection would spread to economically sensitive information that 200 employees had to spend months without e-mail or access to Internet servers and databases,” according to the story. “BlackBerrys were abandoned, and there was no Internet communications with regional offices.

“Officials spent almost $3 million to destroy computers, hire consultants and secure temporary networks before building a new operating network from scratch.”

It all started when a Dept. of Homeland Security team flagged a possible virus in December 2011. “Inexperienced, unqualified IT employees overreacted to information that turned out to be wrong, investigators found in their June 26 report,” Rein wrote. “They spoke past one another and did not validate how many computers had been targeted.

“They failed to heed early conclusions that this was not a large-scale attack by a foreign entity.”

The Senate Commerce Committee appears to be spending its time and money on another cyber measure. On Thursday, the committee released a draft bill to enhance the nation’s cybersecurity through standards, best practices, research and development, and public awareness and preparedness. The legislation is expected to be marked up in the next few weeks.

Data is new oil: Top Cybersecurity Alerts

This was the year of malware. In particular, according to the latest Sophos annual report on cybersecurity, the year that’s coming to a close saw a resurgence of web malware, and 80% of attacks on the web came in the form of redirects from legitimate sites infiltrated with malicious code. At the same time, the report warns, cybersecurity is not just about the desktop computer or Windows anymore. The continuous rise of smartphones and tablets, as well as social media, has given ill-intended hackers new platforms to exploit.

In the Security Threat 2013 report, Sophos underlines the risks posed by the sheer number of platforms hackers can now take advantage of. “Throughout 2012, hundreds of millions of users flocked to social networks — and so did attackers,” reads the report. “They built creative new social engineering attacks based on key user concerns such as widespread skepticism about Facebook’s new Timeline interface, or users’ natural worries about newly posted images of themselves.”

Sophos is referring to a common malware attack, which consists of creating a legitimate Twitter account and making it send direct messages to its followers, warning them of an alleged embarrassing photo of them being posted on Facebook. In an era where this kind of accident actually happens, some people are too scared not to click on the link, which will then install a Trojan horse virus on their computer.

Sophos also underscored the threat posed by cybercriminals armed with powerful tools like “Blackhole,” a pre-packaged software tool created by Russian hackers that has become the most commonly used malware toolkit in the world. What’s worse, Sophos warns that it’s here to stay. “Barring a takedown by law enforcement, security vendors and IT organizations are likely to be battling it for years to come,” reads the report.

Blackhole is a tool that, using vulnerabilities in Java and other software, injects malware on a computer that visits an exploit site or a compromised website that redirects to one. Blackhole is so widespread that it accounts for 27% of all web malware. The United States (30%) and Russia (18%) are the countries that host the most Blackhole exploit sites.

SophosLabs has also ranked the riskiest and safest countries in terms of malware. Hong Kong, Taiwan and the United Arab Emirates are the three countries most exposed to cyber attacks, while Norway, Sweden and Japan are the safest ones.

Sophos also points out that Google’s mobile OS, Android, which now controls a large chunk of the smartphone market, has become a great platform for malware. In fact, in Australia and the United States an Android device is more likely to experience a malware attack (whether failed or successful) than a PC over a month-long period.

Finally, Sophos warned that as Apple computers eat into Windows’ once dominant market share, hackers are adapting and looking to attack Mac computers too. “Growing Mac usage means many IT organizations must objectively assess, mitigate, and anticipate Mac-related malware threats for the first time,” reads the report.