Cybercrime doesn’t always mean theft of data or identity; it also covers violation of privacy, online threats, trafficking in child pornography, use of copyrighted intellectual material, planting bugs or viruses, and blackmail.
Here are ten cybercrime-related news stories that made the rounds this year.
Former AWS Engineer arrested for Capital One data breach
A breach of Capital One’s server in March exposed the personal information of nearly 106 million of the bank’s customers. The FBI’s report suggests that, along with the 106 million affected in the U.S., millions of others were affected in Canada.
The US Justice Department said Paige Thompson, 33, a former Seattle technology company software engineer, was arrested on 29 July and charged with computer fraud and abuse for allegedly hacking into the financial firm’s data.
According to Capital One, about 140,000 Social Security numbers and 80,000 linked bank account numbers in the U.S. were exposed, while approximately one million Social Insurance Numbers in Canada were affected.
What to do if you suspect you're a victim of fraud or identity theft?
- Place a fraud alert
- Contact fraud departments
- Freeze your credit
- Document everything
- Create a recovery plan
Visa Card vulnerabilities enable contactless limit bypass
Contactless payments have verification limits, but these are also subject to many vulnerabilities. Researchers at security firm Positive Technologies warned of vulnerabilities in Visa cards that could be used to steal unlimited sums from accounts, urging banks and customers to take precautions.
Researchers Leigh-Anne Galloway and Timur Yunusov were able to exploit the vulnerabilities to bypass verification limits on Visa contactless cards in tests at five major UK banks.
Contactless payment verification is designed to block instant payments greater than £30 and to require additional verification from the cardholder when the requested amount is above the threshold, by requesting the cardholder's PIN or fingerprint authentication on a mobile phone. However, both of these verifications can be bypassed using a device that intercepts communication between the card and the payment terminal. This device acts as a proxy in what is known as a man-in-the-middle (MitM) attack.
Pitney Bowes 'Considering Options' after Malware Attack
Mailing and shipping services company Pitney Bowes was attacked by an anonymous hacker group in October. The attack used ransomware that encrypted information on systems and locked customers out of its SendPro products, postage refill, and Your Account access.
Ransomware is a specific kind of malware that a cybercriminal injects into your device to block access to your data until a certain amount is paid, thereby holding the data for ransom.
The undisclosed strain of malware was detected on the firm’s systems on Monday 14 October.
The National Cyber Security Centre (NCSC) guidance on protecting enterprises from ransomware attacks highlights a number of examples of cybersecurity best practices:
- Establishing fit-for-purpose defenses and staff training to block phishing attacks
- Enacting vulnerability management policies and patching systems
- Controlling code execution
- Filtering web browsing traffic
- Controlling removable media access
UK Cybersecurity agency investigates DNS hijacking
NCSC probed the large-scale DNS hijacking campaign that reportedly affected government and commercial organizations worldwide.
DNS hijacking is a type of DNS attack in which attackers attempt to have your DNS queries resolved incorrectly so that your traffic is redirected to a malicious website. These modifications may be made for malicious purposes such as phishing.
After the reported attack, US authorities warned that attackers could use compromised credentials to modify the location to which an organization’s domain name resources resolve, redirecting user traffic to attacker-controlled infrastructure and obtaining valid encryption certificates for the organization’s domain names, which enables MitM attacks.
The UK and US government alerts follow reports by researchers at Cisco’s Talos and FireEye’s Mandiant intelligence teams that a wave of DNS hijacking, apparently coming out of Iran, was affecting dozens of domains belonging to government, telecommunications, and internet infrastructure entities across the Middle East and North Africa, Europe and North America.
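The two signs the US alert describes, changed records and a newly issued certificate, can be checked against a recorded baseline. The following is an added example, not part of the original article; the domain names, addresses, CA names and log entries are constructed sample data, and the function names are hypothetical.

```python
"""Flag DNS record drift and unexpected certificate issuance for monitored names.
All data is constructed sample data (example.org, RFC 5737 addresses)."""
from datetime import datetime, timedelta

# Approved state, recorded by the organization at change-control time.
BASELINE = {
    ("example.org", "NS"): {"ns1.example.org", "ns2.example.org"},
    ("mail.example.org", "A"): {"192.0.2.10"},
}
APPROVED_ISSUERS = {"Example Trust CA"}  # hypothetical CA name

# Constructed resolver observations: (time, name, record type, values seen)
OBSERVED = [
    ("2019-01-10T08:00", "example.org", "NS", {"ns1.example.org", "ns2.example.org"}),
    ("2019-01-10T08:00", "mail.example.org", "A", {"192.0.2.10"}),
    ("2019-01-12T02:15", "mail.example.org", "A", {"198.51.100.77"}),
]
# Constructed certificate-transparency entries: (time logged, name, issuer)
CT_ENTRIES = [
    ("2018-11-01T09:00", "mail.example.org", "Example Trust CA"),
    ("2019-01-12T02:40", "mail.example.org", "Other Free CA"),
]

def ts(text):
    return datetime.fromisoformat(text)

def record_drift(baseline, observed):
    """Return observations containing values that are not in the baseline."""
    alerts = []
    for when, name, rtype, values in observed:
        unexpected = values - baseline.get((name, rtype), set())
        if unexpected:
            alerts.append((ts(when), name, rtype, sorted(unexpected)))
    return alerts

def suspicious_certs(drift, ct_entries, approved, window=timedelta(hours=24)):
    """Return CT entries from unapproved issuers or logged soon after drift."""
    hits = []
    for when, name, issuer in ct_entries:
        near = any(n == name and timedelta(0) <= ts(when) - t <= window
                   for t, n, _, _ in drift)
        if near or issuer not in approved:
            reason = "after-record-change" if near else "unapproved-issuer"
            hits.append((name, issuer, reason))
    return hits

if __name__ == "__main__":
    drift = record_drift(BASELINE, OBSERVED)
    for alert in drift:
        print("DRIFT", alert)
    for hit in suspicious_certs(drift, CT_ENTRIES, APPROVED_ISSUERS):
        print("CERT", hit)
```

In practice the observations would come from scheduled lookups through several independent resolvers, and the certificate entries from a certificate-transparency monitoring feed.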
Police make 61 arrests in a global crackdown on the dark web
Law enforcement agencies from the US, Canada, and Europe, including the UK, made 61 arrests and shut down 50 dark web accounts that were used for illegal activity.
As a result of 65 search warrants, police were able to seize nearly 300kg of drugs, 51 firearms and more than €6.2m, including almost €4m in cryptocurrency.
The dark web is used extensively for illegal activities, though special software such as the Tor browser also provides a safe environment for personal privacy and freedom.
Through the joint operation, Europol sent a strong message to those active in selling and buying goods on the dark web. Europol’s executive director, Catherine De Bolle, said: “The dark web is not as dark as many users think. When you buy or sell illegal goods online, you are not hidden from law enforcement and you are putting yourself in danger.”
Small business hit hardest by cybercrime costs
According to research from business internet service provider (ISP) Bearing, almost two-thirds of UK companies – 130,000 small businesses nationwide – fell victim to some form of cyberattack in 2018. They faced a loss of almost £17bn.
A single business faces, on average, £65,000 in damaged assets, financial penalties, and business downtime.
The survey, conducted by research consultancy Opinium, found that while phishing emails claimed the greatest number of victims (25%), ransomware attacks were the most financially damaging, costing victims £21,000 each on average.
63% of small businesses reported being a victim of a cyberattack in 2018, up from 47% of small businesses in 2017 and 55% in 2016.
Agent Smith mobile malware hits millions of devices
Mobile malware named “Agent Smith” infected about 25 million Android devices last July. The attack occurred mainly in India and other Asian countries; however, a few other countries were affected too, including the UK and US.
Agent Smith, named after a character in the movie The Matrix, is modular malware that exploits a series of Android vulnerabilities to replace legitimate existing apps with a malicious imitation.
The malware disguises itself as a Google-related application and automatically replaces installed apps – such as WhatsApp – with malicious versions without users’ knowledge or interaction. The malware displays fraudulent pop-up ads to device owners, earning money for the cybercriminals behind the malware campaign.
The experts suggest that Android device users should download apps only from trusted app stores to mitigate the risk of infection because third-party app stores often lack the security measures required to block adware-loaded apps. The researchers warn that it could be adapted easily for far more intrusive and harmful purposes, such as banking credential theft and eavesdropping.
Cyberattacks targeting industrial control systems on the rise
Kaspersky reported that malicious activity targeting industrial control systems (ICS) affected 47.2% of the computers protected by the security firm in 2018. According to Kaspersky, the malicious activity rose from 44% in 2017 to 47.2% in 2018.
Stuxnet is malware designed to alter Programmable Logic Controllers (PLCs) used in industrial control systems (ICS). Such malware is considered an “extremely dangerous threat” because it could potentially cause material losses and production downtime in the operation of industrial facilities. Stuxnet caused fatal damage to Iran’s nuclear power plant back in 2010.
Since that event, Stuxnet and its variations have been on the rise. The attackers have been targeting utility sectors such as water and energy, along with businesses.
The top three countries in terms of the percentage of ICS computers on which Kaspersky Lab prevented malicious activity were Vietnam (70%), Algeria (69.9%) and Tunisia (64.5%).
The most secure countries in the ranking are Ireland (11.7%), Switzerland (14.9%), Denmark (15.2%), Hong Kong (15.3%), the UK (15.7%) and the Netherlands (15.7%).
Asco breaks silence on ransomware attack
Aircraft parts and aviation equipment maker Asco admitted in June that it was hit by a “large-scale ransomware attack.” It confirmed that the ransomware caused “a serious disruption” to all activities and communication systems.
It didn’t provide any information on the financial setback it faced because of the attack or on what type of ransomware was involved. The company said that because of the specific nature of the attack, it would assess every individual IT system in an attempt to avoid compromising security while guaranteeing the “sustainability and quality” of the mitigation actions.
This underlined the importance of having good backups to enable companies to recover from ransomware attacks and other IT system failures.
Met Police collaborated with US prosecutors in Wikileaks investigation
This may be the biggest news of 2019. The Metropolitan Police confirmed its involvement with the UK and US Department of Justice to exchange information about WikiLeaks staff. They disclosed that they had shared correspondence with the US since at least 2013 on WikiLeaks’ UK staff, who include former investigations editor Sarah Harrison, editor-in-chief Kristinn Hrafnsson and section editor Joseph Farrell.
The three WikiLeaks employees learned in 2014 that a court in East Virginia had ordered Google to disclose their personal emails, contacts, calendar entries, and log-in IP addresses to the US government, as part of an investigation into alleged violations of US federal laws, including the Computer Fraud and Abuse Act and the US Espionage Act.