April 2013 – Page 2 – CyberSecurity Institute

US banking sector vulnerable to hackers

Posted on April 27, 2013December 30, 2021 by admini

Making reference to a series of cyber attacks that targeted several of the biggest US banks toward the end of 2012, the FSOC noted “the knowledge and skill of the attackers appeared to increase over time.”

In an attempt to protect the financial system against these attacks, the FSOC proposed “enhancing cross-sector cooperation, particularly with industries upon which the financial sector is dependent, such as energy, power, and telecommunications.” “Public-private partnership improvements in the analysis and dissemination of robust information to improve real-time responses to cyberattacks will enhance incident management, mitigation, and recovery efforts,” the report added.

Link: http://www.adelaidenow.com.au/news/breaking-news/us-banking-sector-vulnerable-to-hackers/story-e6frea7u-1226630247494

Kingston adds malware scanner to its secure drives

Posted on April 26, 2013December 30, 2021 by admini

Today, flash drives are just as convenient as when they were first released, but many also contain high levels of security, which has helped bring them back into government.

“People often carry sensitive personal files on their USB drives, and they often don’t realize that their drive can be infected when plugged into a computer, and then that infection can be transferred to other machines. Together with Kingston and ClevX, we can offer a solution which keeps the contents of USB flash drives safe and malware-free and prevents malware from spreading via removable media.”

Link: http://gcn.com/articles/2013/04/26/kingston-adds-malware-scanner-secure-drives.aspx

Recently patched Java flaw already targeted in mass attacks

Posted on April 25, 2013December 30, 2021 by admini

The vulnerability, identified as CVE-2013-2423, was one of the 42 security issues fixed in Java 7 Update 21 that was released by Oracle last week, on April 16. The company gave the flaw’s impact a 4.3 out of 10 rating using the Common Vulnerability Scoring System (CVSS) and added that “this vulnerability can be exploited only through untrusted Java Web Start applications and untrusted Java applets.”

An exploit for CVE-2013-2423 was integrated into a high-end Web attack toolkit known as Cool Exploit Kit and is used to install a piece of malware called Reveton, an independent malware researcher known online as Kafeine said Tuesday in a blog post.

The vulnerability started being targeted by attackers one day after an exploit for the same flaw was added to the Metasploit framework, an open-source tool commonly used by penetration testers, the F-Secure researchers said.

This wouldn’t be the first time when cybercriminals have taken Metasploit exploit modules and adapted them for use with their own malicious attack toolkits.

Users who need Java on their computers and especially in their browsers are advised to upgrade their Java installations to the latest available version — Java 7 Update 21 — as soon as possible. This version also made changes to the security warnings displayed when websites attempt to load Web-based Java applications in order to better represent the risk associated with allowing different types of applets to execute.

Browsers like Google Chrome and Mozilla Firefox also have a feature known as click-to-play that can be used to block plug-in-based content from executing without explicit consent.

Link: http://www.computerworld.com/s/article/9238652/Recently_patched_Java_flaw_already_targeted_in_mass_attacks?source=CTWNLE_nlt_pm_2013-04-24

Mandiant: No Drop in Chinese Hacking Despite Talk

Posted on April 25, 2013December 30, 2021 by admini

Rich Bejtlich said the roughly two-dozen groups the firm tracks closely – some of which have links to the Chinese government and military – have been “very busy.” Bejtlich said, has been a noticeable drop in cyber attacks from Unit 61398, a group within the People’s Liberation Army that Mandiant has accused of attempting to hack nearly 150 victims over seven years. Bejtlich’s remarks come a day after Verizon Communications Inc. released a report on cybersecurity in cooperation with 19 other organizations analyzing 47,000 security incidences in 2012 and 621 confirmed data breaches.

She said that China was building a working group on cybersecurity with the U.S. to strengthen cooperation, trust, and constructive dialogue, adding that China hopes both countries will gain a better understanding of explicit breaches and strengthen cybersecurity.

Some have also specifically criticized the Mandiant report, saying it didn’t include thorough analysis of alternative explanations for the cyberattacks it documented, while others have noted that all computer-security companies have an interest in emphasizing threats.

Fang Fenghui, chief of staff of the People’s Liberation Army, said cyberattacks could be “as serious as a nuclear bomb” while simultaneously denying that the PLA was behind cybersyping aimed at U.S. companies.

Nonetheless U.S. officials have remained skeptical that dialogue will slow the pace of attacks from China aimed at U.S. companies, as acquiring trade secrets and intellectual property from U.S. companies is a part of its efforts to beef up weaker industries and those deemed key to national security.

“We’re at this log jam where there’s overwhelming evidence on the classified and unclassified sides that says the Chinese are doing this, and that there are military units [involved], but the Chinese deny it,” Mr. Dempsey said he had not discussed with Chinese officials any specific measures the U.S. might take in response to cyberattacks or what any potential cybersecurity code of conduct might involve. “Cyber continues to evolve whether we would like it to or not,” he said, adding that both sides were still in a phase of trying to understand the problems that needed to be solved.

Link: http://blogs.wsj.com/chinarealtime/2013/04/24/mandiant-no-drop-in-chinese-hacking-despite-talk/

China accounts for 41 percent of global computer attack traffic

Posted on April 24, 2013December 30, 2021 by admini

In comparison, Verizon’s 2013 Data Breach Investigation Report (DBIR) also blamed China for cyberattacks and pointed the finger at the country as a main instigator of data breaches.

Earlier this month, speaking at the 2013 RSA Conference, Akamai’s chief security officer Andy Ellis suggested that human reaction to risk factors is a common problem when attempting to defend against cybercrime. Ellis argues that even if security experts warn a firm about potential risks to their networks or company infrastructure, business leaders may have a psychological disposition to either tolerate a certain amount of risk, or even to seek it out. Although our top priorities should be in securing a business and increasing profit, human risk factors can often be as much to blame as outdated security protocols.

Link: http://www.zdnet.com/china-accounts-for-41-percent-of-global-computer-attack-traffic-7000014392/

IT Professionals Say Employees Ignore Security Rules

Posted on April 24, 2013December 30, 2021 by admini

While vendors of conventional security products—like firewalls and antivirus—are constantly updating their tools to reactively protect against the latest threats, hackers are looking for flaws and engineering new attacks to exploit them,” Philip Lieberman, president and CEO of Lieberman Software, said in a statement. “The reality is that 100 percent protection is nearly impossible to achieve, but there are still best practices for securing access to critical systems and data that many organizations tend to ignore.”

Just over three-quarters (75.8 percent) of IT personnel said they think that employees in their organization have access to information that they don’t necessarily need to perform their jobs, and while 38.3 percent of IT security personnel have witnessed a colleague access company information that he or she should not have access to, more than half (54.7 percent) of those respondents did not report their colleagues who accessed that information.

The survey also found 32.3 percent of IT security professionals work in organizations that do not have a policy to change default passwords when deploying new hardware, applications and network appliances to the network.

“IT departments that do not have a solution in place to automatically detect, flag and change default privileged passwords on newly deployed systems are neglecting a very common security hole,” Lieberman concluded.

Link: http://www.channelinsider.com/security/it-professionals-say-employees-ignore-security-rules/