Tag: crime

The Art of Stealing Terabytes | Digital Guardian

There are many superlatives to describe the hack of Sony Pictures Entertainment. It has been called the “worst” and “most destructive” hack of all time. It has been likened to a nuclear bomb. It has been called an act of cyber warfare. But, behind all the hyperbole, the Sony hack is just another hack – albeit a bad one. And like any other cyber crime, there are questions about the ‘whys’ and ‘how’s’ of the Sony hack that have yet to be answered to anyone’s satisfaction. Chief among them: how the attackers were able to sneak terabytes of data off of Sony’s corporate network without being noticed. [Read more Security Ledger coverage of the Sony Pictures Hack here.] The sad truth may be that making off with terabytes worth of data may be easier than you think. Like you, I found this notion preposterous. But an informal poll of  respected security experts that […]

Continue Reading

Banking Trojans Pose as SCADA Software to Infect Manufacturers

Dark Reading’s Kelly Higgins has a report about a discovery by a security researcher who has identified a worrying new trend: banking malware that is posing as legitimate ICS software updates and files in order to compromise systems that run manufacturing plants and other facilities. Higgins writes about research by Kyle Wilhoit, senior threat researcher with Trend Micro. Wilhoit claims to have found 13 different crimeware variants disguised as SCADA and industrial control system (ICS) software. The malware posed as human machine interface (HMI) products, including Siemens’ Simatic WinCC, GE’s Cimplicity, and as device drivers by Advantech.   [Read more Security Ledger coverage of threats to SCADA and industrial control systems here.]The attacks appear to be coming from traditional cybercriminals rather than nation-state attackers. The motive, Wilhoit theorizes, is to make money, possibly by harvesting banking credentials or other financial information. Malicious software that can operate in industrial environments and critical infrastructure settings is an […]

Continue Reading

FBI Director: Sloppy Sony Hackers Exposed North Korea

The Director of the FBI James Comey offered his most direct retort to date to those who doubt the Bureau’s case against the Democratic Peoples Republic of Korea (DPRK), saying that the hackers who pillaged Sony Pictures Entertainment were “sloppy” and revealed the source of the attack – IP addresses linked to the reclusive government, Ars Technica reports. Comey was speaking at ICCS, the International Conference on Cyber Security in New York City on Wednesday. He said that, while the Sony attackers largely concealed their identity by using proxy servers, on several occasions they “got sloppy” and connected directly to Sony’s network, revealing their own IP address in the process. Those slip-ups provided evidence linking North Korea to the attack on Sony’s network, he claimed. The IP address isn’t the only evidence, however. (Thankfully.) Comey also said that “analysts at the FBI found the patterns of writing and other identifying data […]

Continue Reading

No IoT Adoption? Security and Privacy Fears may be the Reason

As the Consumer Electronics Show (CES) rages in Las Vegas this week, its tempting to look at the reports about connected devices and wonder when it is, exactly, that the tsunami of smart devices, wearable tech and intelligent appliances will finally wash over us. But it might be even more useful to wonder why – given all the hype- we haven’t been washed out to sea already by the IoT wave. A recent article in Adweek calls attention to one leading theory about why the IoT isn’t gaining traction with everyday consumers: consumer worries about privacy and the security of data. The Adweek article (and groovy infograph) make hay out of a case study by Affinnova, a marketing technology firm that was acquired by Nielsen. The study asked consumers to evaluate “more than 4 million product concept variations and identify the most desired products and functions.” The goal: insight into consumer preferences as well […]

Continue Reading

U.S. Sanctions 10 For Sony Hack, Keeps Mum on Evidence

  As the New York Times reports, the Obama administration doubled down on its recent allegation that the Democratic Peoples Republic of North Korea (DPRK) was behind the hacking of Sony Pictures, announcing sanctions on 10 senior North Korean officials and several organizations in response to the incident. Paradoxically, the administration acknowledged that there is no evidence that the 10 officials took part in either ordering or planning the Sony attack. Instead, they described them as “central to a number of provocative actions against the United States,” the Times reported. Those ‘provocative actions’ were not described. The actions mirror the Administration’s controversial decision, in May, to charge five Chinese military officers in May, 2014, for their connection to computer hacking and cyber espionage campaigns directed at U.S. firms in the nuclear power, metals and solar products industries. In the case of the Chinese nationals, however, the FBI cited evidence linking the five military officers to […]

Continue Reading
1 11 12 13 14 15 24