United States

US tops the list of Malware Hosting Nations

January 19th, 2014

Solutionary’s Security Engineering Research Team (SERT) Quarterly Threat Intelligence Report for Q4 2013 states that the United States was the leading malware-hosting nation. The US hosted 44 percent of all malware, five times more than the second-leading malware-hosting nation, Germany, which was responsible for 9 percent of all malware in Q4 2013. The report focused predominantly on the distribution and analysis of malware. SERT used Solutionary’s cloud-based ActiveGuard platform and global threat intelligence network to get the results.

Solutionary SERT director of research Rob Kraus said in a statement, “We aren’t just talking about foreign espionage campaigns, APTs and breaches; many of these malicious activities are taking place within U.S. borders,” and continued, “Malware and, more specifically, its distributors are utilizing the technologies and services that make processes, application deployment and website creation easier.”

The report mentioned that over 40 antivirus products fail to detect malware. Researchers found that the majority of malware applications are related to PUAs, i.e. potentially unwanted applications, which are installed as Microsoft Windows 32-bit portable executable (PE32) files.

SERT also mentioned that malicious actors are turning to the cloud for malware distribution. It found that malware distributors are widely using cloud computing, either by buying services directly or by compromising legitimate domains. They are also hiding behind reputable hosting providers like Google, GoDaddy and Amazon to avoid geographic blacklisting. This modus operandi has given distributors a cost-effective way of spreading malware by easily bringing it online.

The report also provides recommendations to Internet Service Providers for limiting the risk associated with malware distribution through the sites they host and the domain names they register. Ultimately it is up to providers to take action to stop the proliferation of malware.

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.


In last three years 1,500 laptops stolen in Oxford

November 29th, 2013

An increasing number of laptop theft cases are being reported in Oxford; as a result, laptop owners have been urged to download tracking programmes and register their devices.

Police figures show that more than 1,500 laptops have been snatched in the city in less than three years.

The statistics, obtained by the Oxford Mail under the Freedom of Information Act, also show thieves took laptops from car parks, hospitals, churches and camp sites.

Last year, 625 of the portable computers were taken in 479 thefts. In 2011, 638 laptops were stolen during 491 thefts. Before the end of August this year, 387 laptops had been stolen in 290 thefts.

“Software can be downloaded to track computers and mobile phones. There has been variable success with them. It relies quite heavily on signal strength in the area so they are rather hit and miss,” said former Thames Valley Police crime reduction advisor Nick Gilbert.

Mr Gilbert, who now runs his own security consultancy in Witney, also said property – anything from cars to jewellery – can be registered for free at immobilise.com.

“If anything goes missing, providing you have all the information they need, there is a reasonable chance if it turns up anywhere in the county, it will be easy to find and recover,” said Mr Gilbert.

But he said it was most important to take a note of the serial number because without it police cannot track the owner if they find the computer.

A brand new laptop worth £1,000 belonging to entrepreneur and former lawyer John Moore was stolen in Blackwell’s Bookshop cafe in September but it has not been recovered. The American lost details of a business scheme.

The Oxford resident said he wished he had known about tracking software before the theft, adding: “If I had downloaded it I definitely would have had the computer back.”

But he also said laptops should be better protected so that they are only accessible to the owner, adding: “If thieves understood that stealing a laptop is going to get them nowhere they are not going to steal them.”

Chauffeur Richard Arrandale lost photographs and a family history project when his laptop was stolen from his Kidlington home earlier this month.

He said thieves who take laptops also take sentimental information, adding: “A lot of people keep their personal stuff on their computers.”

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.


16 million affected by Data Breach last year

October 14th, 2013

Around 16 million people were affected by data breach incidents last year and more than a quarter of them went on to suffer from identity theft, according to new research.

The worst hit were those who lost payment card and Social Security number data and suffered the highest rates of fraud in the retail, financial and healthcare sectors.

In America, 4.4 million people were notified that their payment card information had been compromised in a data breach, and subsequently suffered fraud on their existing credit or debit cards. In addition, 1.26 million Americans were notified that their Social Security numbers were compromised in a data breach and became victims of identity fraud.

Recent massive data breaches like the one at Adobe, in which as many as 3 million encrypted credit card details may have been compromised, have highlighted just how much data can be stolen in one go.

As many as 270,000 Americans who were notified that their online banking credentials had been compromised in a data breach last year also went on to suffer fraud on their financial accounts.

A further 324,000 subsequently became victims of fraud against their checking, savings or current accounts.

Al Pascual, senior analyst of security, risk and fraud at Javelin Strategy and Research, said, “By breaching the data stores of businesses in the financial, healthcare and retail industries, criminals can obtain the fuel they need to execute various fraud schemes, and these crimes have crippling consequences.”

Opportunities for identity thieves are greater than ever before because of increasing moves towards the digitization of patient records in healthcare, and the rise of online banking.

“Identifying and protecting the sensitive information typically stored by these industries is essential for mitigating the risk of a data breach and, therefore, the risk of financial loss to data custodians, consumers and third-party businesses,” Pascual said.

The following steps can be taken to prevent identity theft arising from data breaches:

  • Locate and identify sensitive data.
  • Classify sensitive data accordingly.
  • Secure data based on risk profile.
  • Develop policies to mitigate future data management issues.

For now, the hunt by identity thieves continues, and as long as organizations make themselves such easy and lucrative targets, we can assume the number of data breach incidents is only going to rise.


Hackers new target: Health Insurance data

August 18th, 2013

The words “health insurance” bring up images of medical bills in people’s minds, but for hackers they are a way to make money.

The packages of data on individual people, which include verified bank account numbers and credentials, Social Security numbers, and other personally identifiable information, are known in the underground as “fullz.”

When further packaged with custom manufactured documents, such as credit cards and driver’s licenses, the hacker merchandise is referred to as “kitz,” each of which sells for between $1,200 and $1,300 apiece.

Don Jackson, Senior Security Researcher for Dell SecureWorks’ Counter Threat Unit, said, “Selling fullz and kitz aren’t new, but the selling of kitz, which is focused on health insurance credentials and all the other supporting credentials and documents needed to use those stolen health insurance credentials, is a new trend. Selling credentials by themselves does not have enough value, as those other credentials are needed to obtain medical services.”

The fullz are sold at a comparatively lower price, about $500 each, depending on the information included: full names, addresses, phone numbers, email addresses with passwords, and so on. Health insurance credentials are priced at $20 each, with an additional $20 added whenever there is a dental, vision, or chiropractic plan associated with the health plan. Other data, such as a U.S. credit card with CVV code, is priced at $1 to $2, or $20 to $200 for a PayPal account with a verified balance.

“The health insurance information is being used to get free medical services. Theft of medical services, including doctor visits, drugs, and surgeries, are the primary goal for buying these stolen credentials,” said Jackson.

He further commented, “We have seen the cost of health insurance and the cost of medical services continue to rise. As such, we have seen more demand for stolen health insurance data and the associated credentials needed to use the health insurance, such as physical documents like the insurance card, the driver’s license, the SSN, address, payment card, etc. There is definitely an increase in the buying and selling of information like health insurance contracts. So the selling of kitz with this type of information, like health insurance credentials, is on the rise, and that is a new trend.”

Jackson has not identified exactly who was behind the underground marketplaces hawking the data, but he is sure about the fact that the criminals are located in the U.S.


Paper records result in most VA data breaches

August 12th, 2013

According to Stephen Warren, VA Acting Assistant Secretary for Information and Technology, paper based records are the leading cause of data breaches at the Department of Veterans Affairs.

Warren stated in a briefing that up to 98 percent of data breach incidents still involve “physical paper”, whereas the theft of patient information contained in electronic devices is now very rare and steady.

Problematic paper records include documentation misplaced, mishandled or improperly mailed by agency employees. Such mistakes take place hundreds of times every month, as shown by VA’s data breach report over the three-month period. Veterans’ personal information, such as Social Security numbers, addresses, and compensation and pension claim ratings, is exposed publicly.

Warren said instances where veterans’ information is not kept private are undesirable, but he said that the error rate of VA is very low considering its large number of patients. It has the best error rate in the health care industry for mishandling and it sends millions of packages per month. Patients that experience privacy issues are frequently offered credit protection services from VA.

Warren said “We are constantly reinforcing the fact” that health care matters, emphasizing that every data breach report is investigated and analyzed. The VA’s Data Breach Core Team was created in 2008. To review monthly data breaches, it makes use of key players in several of the department’s components, assessing risk based on standards developed by the National Institute of Standards and Technology.

During this three-month period, most data breach incidents were rated as low risk; none were classified as high risk.

Six personal computers and 27 laptops were reported missing between April and June, three of which were not encrypted. Based on the reports, the stolen or misplaced electronic devices did not have access to VA’s network, so it does not appear that private information, with the potential exception of the names of some veterans, was compromised.


USA: High-risk place for Data Theft

July 23rd, 2013

Research conducted among German companies shows that the US is a high-risk place for data theft, second only to China.

Ernst & Young carried out a survey of 400 companies in July and found that 26 percent of German security professionals, IT and senior managers felt that the US was a highly risky country when it comes to data theft and industrial espionage. This figure was just 6 percent two years ago. China was still rated a high-risk country by 28 percent of respondents. Russia stands in third place, with just 12 percent of respondents considering it a risky place for data theft.

Head of Forensic Technology & Discovery Services at EY, Bodo Meseke said that German companies had a misconception that attacks were most likely to come from Russia or China, but they need to realize that very extensive monitoring measures are carried out by Western intelligence agencies.

26 percent of respondents were worried about this sort of data theft coming from a foreign competitor, with 17 percent concerned about state agencies and secret services from abroad. 16 percent of people were concerned about domestic competitors and 9 percent were worried about their own employees.

The survey was conducted to study attitudes towards the risk of data theft and industrial espionage. 86% of managers are confident that their company would not become a victim. They are confident about their security measures, including firewalls and secure password policies, though these security measures are easy for skilled hackers to break.

Meseke explained, “When it comes to their own safety, the companies are, unfortunately, often lulled into a false sense of security.”

“A professional data thief can circumvent a password. It’s important for companies to make it more difficult for would-be data thieves with things like intrusion detection systems and beefed up security departments so that they look for another target,” he added.


Stanford University’s network hacked again

July 11th, 2013

America’s famous Stanford University is also one of the victims of recent data breach incidents, this one being the second hack since May.

The university authorities warned all users, including staff, alumni and students, to update their details as soon as possible. Specific details still remain scarce.

A banner alert was posted on the main page of the account system and all users were sent an email alert.

In recent months, there have been a lot of similar hacks at Stanford and other universities, as found out by TechCrunch. The suspected hacker is claiming responsibility for the latest breach. Named Ag3nt47, the hacker has his information available publicly, casting doubt on his claim.

According to Stanford bosses, they were still not aware whether any sensitive data had been stolen during this data breach incident. They also found this breach similar to other incidents reported in past months by many large organizations and companies.

It is still not clear whether there is any direct connection to previous breach incidents at the university or to attacks carried out by Ag3nt47.

Following the increasing number of cyber attacks, the worries of the university community have been growing. Many of these data breach incidents seem to be targeting precious research data.

It can be concluded that the data theft aims at using the personal information for identity theft, and that passwords and usernames can be used to access the accounts.

University networks are much harder to secure than corporate systems, because there are multiple devices and individuals who use them, requiring attention to a wide range of services. This makes the data easily available to hackers.

Whenever such an incident takes place, users are urged to change their password as soon as possible, so selecting a strong password is recommended.


Data Breach: Corporate security at risk

July 8th, 2013

It seems that business owners are not much concerned about their data security; they are not making any special efforts to defend systems against hackers. According to a San Diego State MIS professor, five men accused of stealing data from corporate databases over a period of seven years were charged by the Justice Department recently.

More than 160 million card numbers had been stolen and hundreds of millions of dollars in financial harm were inflicted on more than a dozen major companies. No audit of said costs or detailed breakdown was provided. The Justice Department characterized the alleged criminal enterprise as the largest of its kind to be prosecuted in the United States.

To obtain the login credentials and credit card numbers, the accused used a variety of hacking techniques, including SQL injection attacks to place malware on networks. To capture credit card transaction data from payment networks, they even used network sniffer programs.

U.S. attorney Paul J. Fishman of the District of New Jersey said in a statement, “Those who have the expertise and the inclination to break into our computer networks threaten our economic well-being, our privacy and our national security. And this case shows, there is a real practical cost because these types of frauds increase the costs of doing business for every American consumer, every day. We cannot be too vigilant and we cannot be too careful.”

Murray Jennex, professor of MIS at San Diego State University, said that despite recent improvements in dealing with SQL injection attacks and other hacking techniques, made after the defendants were engaged in their alleged conspiracy, many companies are still susceptible because they don’t test their systems adequately and they don’t spend enough money on security.

“We’ve had economic issues so people haven’t put as much money into security as they should,” Jennex said in a phone interview. He further explained that computer security does not generate revenue at all, so it is not considered a priority, and that risk assessments are only as good as the people who conduct them.


A laptop containing 6300 students’ data stolen from USC

July 1st, 2013

The University of South Carolina is a public, co-educational research university located in Columbia, United States, with 7 surrounding satellite campuses. USC has an enrollment of approximately 46,264 students, with 31,288 on the main Columbia campus. Read further to learn how a big university like USC will have to suffer in case of a laptop theft.

A laptop belonging to a faculty member at the University of South Carolina was stolen from a locked room in the Department of Physics and Astronomy. The laptop contained the names and Social Security numbers of up to 6,300 students.

USC sent letters notifying the students about the possibility of a data breach. The letter states that as of now there is no evidence that any personal information has been accessed. Students were also asked to put fraud alerts on their credit reports and get a new copy of their credit reports.

USC spokesman Wes Hickman said, “It would not have been stored in a file that would’ve made it obvious. The computer itself was password protected, so it wouldn’t be easy to just log onto the computer and find the information. But it was full names and Social Security numbers.” As per the information shared by Wes Hickman, the students who opted for one of four Physics courses from January 2010 up till last semester were the ones whose information must have been on the stolen laptop.

USC also had a security breach last August, when a hacker from another country hacked into a server at the College of Education and stole the personal information of almost 34,000 students. Hickman said that he is not aware of any reported identity thefts from that security breach incident. He further added, “We have an initiative right now called ‘Secure Carolina.’ We’re spending several million dollars to go through the steps that we need to do to help protect data, protect physical property, as well as data that may be stored on computers and servers and things like that.”

The two incidents were not related to each other; however, the university must take serious action to improve its security and prevent any such activity in future. After this incident, the university decided to phase out the use of Social Security numbers for identification of students.

Encryption software like Alertsec would have helped!

The use of encryption software would have helped to keep files protected on the computer. With encryption installed, none of the information or credentials would have been lost. Alertsec uses industry leading Check Point Full Disk Encryption (former Pointsec) software to create a web based encryption service that simplifies deployment and management of PC encryption.

The best way to protect information stored on a PC is by using encryption. Alertsec Xpress offers full disk encryption and is therefore superior to other encryption methods when comparing security, performance, robustness and ease-of-use for both administrators and users.


DHS OpUSA May Be More Words than Actions

May 3rd, 2013

The U.S. Department of Homeland Security is warning that a group of mostly Middle East- and North Africa-based criminal hackers are preparing to launch a cyber attack campaign next week known as “OpUSA” against websites of high-profile US government agencies, financial institutions, and commercial entities. But security experts remain undecided on whether this latest round of promised attacks will amount to anything more than a public nuisance.

A confidential alert, produced by DHS on May 1, predicts that the attacks “likely will result in limited disruptions and mostly consist of nuisance-level attacks against publicly accessible web page and possibly data exploitation. Independent of the success of the attacks, the criminal hackers likely will leverage press coverage and social media to propagate an anti-US message.”

The DHS alert is in response to chest-thumping declarations from anonymous hackers who have promised to team up and launch a volley of online attacks against a range of U.S. targets beginning May 7. “Anonymous will make sure that’s this May 7th will be a day to remember,” reads a rambling, profane manifesto posted Apr. 21 to Pastebin by a group calling itself N4M3LE55 CR3W.

“On that day anonymous will start phase one of operation USA. America you have committed multiple war crimes in Iraq, Afghanistan, Pakistan, and recently you have committed war crimes in your own country,” the hackers wrote. “We will now wipe you off the cyber map. Do not take this as a warning. You cannot stop the internet hate machine from doxes, DNS attacks, defaces, redirects, DDoS attacks, database leaks, and admin take overs.”

Ronen Kenig, director of security solutions at Tel Aviv-based network security firm Radware, said the impact of the attack campaign will be entirely dependent on which hacking groups join the fray. He noted that a recent campaign called “OpIsrael” that similarly promised to wipe Israel off the cyber map fizzled spectacularly.

“There were some Web site defacements, but OpIsrael was not successful from the attackers point-of-view,” Kenig said. “The main reason was the fact that the groups that initiated the attack were not able to recruit a massive botnet. Lacking that, they depended on human supporters, and those attacks from individuals were not very massive.”

But Rodney Joffe, senior vice president at Sterling, Va.-based security and intelligence firm Neustar, said all bets are off if the campaign is joined by the likes of the Izz ad-Din al-Qassam Cyber Fighters, a hacker group that has been disrupting consumer-facing Web sites for U.S. financial institutions since last fall. The hacker group has said its attacks will continue until copies of the controversial film Innocence of Muslims are removed from YouTube.

Joffe said it’s easy to dismiss a hacker manifesto full of swear words and leetspeak as the ramblings of script kiddies and impressionable, wannabe hackers who are just begging for attention. But when that talk is backed by real firepower, the attacks tend to speak for themselves.

“I think we learned our lesson with the al-Qassam Cyber Fighters,” Joffe said. “The damage they’re capable of doing may be out of proportion with their skills, but that’s been going on for seven months and it’s been brutally damaging.”

According to the DHS alert, 46 U.S. financial institutions have been targeted with DDoS attacks since September 2012 — with various degrees of impact — in over 200 separate DDoS attacks.

“These attacks have utilized high bandwidth web servers with vulnerable content management systems,” the agency alert states. “Typically a customer account is compromised and attack scripts are then uploaded to a hidden directory on the customer website. To date the botnets have been identified as ‘Brobot’ and ‘Kamikaze/Toxin.’”

What’s more, the DHS warning comes just days after the FBI issued a flash alert on Brobot (PDF) warning that hackers have been modifying the attack scripts to ensure they can evade their targets’ mitigation efforts.

“Because the attacks have been ongoing for seven months, the actors are changing their attack methodology to circumvent mitigation efforts of the financial institutions,” reads an FBI alert obtained by BankInfoSecurity.com. “The latest version of the ‘Brobot’ attack scripts that have been utilized to attack the login capabilities of a financial institution’s website spoofs a fraudulent access cookie, user-agent string and referrer. The login script includes several random strings, but does contain one hard-coded string, ‘63.83.61.17-1365521883478351’, in the script,” it continues.

The FBI alert notes that the hard-coded string does not affect the new attack script, but can be used as a signature for intrusion detection and intrusion prevention devices to detect and block attacks from the Brobot botnet.
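The signature idea from the FBI alert, written out as detection logic. This is an added example, not code from the alert or from the original post: it scans raw HTTP requests for the hard-coded string quoted above. The sample requests, the host `bank.example` and the source addresses are constructed, and because the quoted alert does not say which field carries the string, every header, the request line and the body are searched.

```python
"""Flag HTTP requests carrying the hard-coded Brobot string quoted in the FBI alert."""
from collections import defaultdict
from urllib.parse import unquote

# The one hard-coded string the alert says the login attack script contains.
BROBOT_SIGNATURE = "63.83.61.17-1365521883478351"


def parse_request(raw):
    """Split a raw HTTP/1.x request into (request line, headers dict, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep:
            continue  # malformed header line, nothing to inspect
        key = name.strip().lower()
        value = value.strip()
        # Join repeated headers so a second Cookie line cannot hide the string.
        headers[key] = f"{headers[key]}, {value}" if key in headers else value
    return lines[0], headers, body


def contains_signature(text):
    """Match the literal string and its percent-encoded form."""
    return BROBOT_SIGNATURE in text or BROBOT_SIGNATURE in unquote(text)


def match_fields(raw):
    """Return the sorted names of the request parts that contain the signature."""
    request_line, headers, body = parse_request(raw)
    fields = {"request-line": request_line, "body": body}
    fields.update({f"header:{name}": value for name, value in headers.items()})
    return sorted(name for name, value in fields.items() if contains_signature(value))


def summarize(records):
    """Map each source address to the fields in which it sent the signature."""
    hits = defaultdict(set)
    for source, raw in records:
        matched = match_fields(raw)
        if matched:
            hits[source].update(matched)
    return {source: sorted(fields) for source, fields in hits.items()}


def _request(*head_lines, body=""):
    """Assemble a raw request with CRLF line endings (helper for the samples)."""
    return "\r\n".join(head_lines) + "\r\n\r\n" + body


# Constructed sample traffic: (source address, raw request). Not captured data.
SAMPLE = [
    # Signature placed in the cookie (placement is an assumption for the demo).
    ("192.0.2.10", _request(
        "POST /login HTTP/1.1", "Host: bank.example",
        "User-Agent: Mozilla/5.0", "Cookie: access=" + BROBOT_SIGNATURE,
        body="user=a&pass=b")),
    # Ordinary login request.
    ("198.51.100.7", _request(
        "POST /login HTTP/1.1", "Host: bank.example",
        "User-Agent: Mozilla/5.0", "Cookie: session=abc123",
        body="user=c&pass=d")),
    # Same source, signature percent-encoded in the body.
    ("192.0.2.10", _request(
        "POST /login HTTP/1.1", "Host: bank.example",
        "User-Agent: Mozilla/5.0",
        body="token=63%2E83%2E61%2E17%2D1365521883478351")),
    # Near miss: last digit differs, so it must not match.
    ("203.0.113.5", _request(
        "GET / HTTP/1.1", "Host: bank.example",
        "Cookie: access=63.83.61.17-1365521883478352")),
]

if __name__ == "__main__":
    for source, fields in summarize(SAMPLE).items():
        print(f"{source}: signature seen in {', '.join(fields)}")
```
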
