Successful cyber attacks attract additional cyber attackers
Recent cyber attacks against city governments have provided their attackers with revenue from scams, data breaches, and data held ransom. They also draw the attention of other cyber thieves. If you were a smart cyber thief, you’d be wanting to find victims that meet a few criteria:
Relatively vulnerable to attack
High-Profile (particularly in the case of Ransomware)
Have lots of valuable data to steal/hold for ransom
Deals in large monetary transactions
Cities are attractive targets
City governments across the U.S. have been the victim of countless attacks over the last number of years. It’s because they are one of the few organizations that meet all the needed criteria.
Vulnerable to Attack – Cities usually run as multiple departments with disparate technology and processes, ... Read More
Time for a PCI-DSS Assessment? Maybe?
If you accept charge cards, you are subject to the rules laid out by the PCI Security Standards Council. You could be in medical, retail or online. The field does not matter. What matters is you accept charge cards and/or debit cards. The PCI Security Standards Council mandates assessments and vulnerability scans. You perform assessments annually, or after significant changes. You perform vulnerability scans quarterly, or after a significant change.
Annual PCI-DSS Assessments
You should perform PCI-DSS assessments annually, or after significant changes. "What does that mean?" you may say.
Annually. https://www.pcisecuritystandards.org/minisite/en/docs/Navigating_DSS_v2.pdf tells us on page 4 "At least annually and prior to the annual assessment,
the assessed entity should confirm the accuracy of their PCI DSS scope by identifying all locations and ... Read More
Cyber attack closes bank's doors
Reuters reported that the Bank of Valetta, which accounts for almost half of Malta’s banking transactions, had to shut down all of its operations last month after hackers broke into its systems and shifted funds overseas.
"Prime Minister Joseph Muscat told parliament the cyber attack involved the creation of false international payments totaling 13 million euros ($14.7 million) to banks in Britain, the United States, the Czech Republic and Hong Kong.
The funds have been traced and the Bank of Valletta is seeking to have the fraudulent transactions reversed.
Muscat said the attack was detected soon after the start of business on Wednesday when discrepancies were noticed during the reconciliation of international transactions.
Shortly after, the bank was informed by state security services that it had received ... Read More
Cyber thieves sending fake security alerts
Con artists are targeting thousands of people with tech support scams that pose as security alerts from Norton Security, researchers at Symantec have found. The phony alerts pop up in the browser and urge the victim to run a quick scan of their computer. If the user clicks “OK,” they’ll see a very realistic-looking fake Norton scan running, which tells them their computer is infected. They’ll then be prompted to download an “update” for their antivirus software, which is actually a potentially unwanted application (PUA).
The scammers use HTML and JavaScript to create a very convincing illusion that a Norton scan is taking place. The source code contains several invisible HTML div elements which are progressively made visible by JavaScript code. ... Read More
Triton got into a petrochemical plant
In the summer of 2017, a petrochemical plant in Saudi Arabia experienced a worrisome security incident that cybersecurity experts consider to be the first-ever cyber attack carried out with “a blatant, flat-out intent to hurt people.” The attack involved a highly sophisticated new malware strain called Triton, which was capable of remotely disabling safety systems inside the plant with potentially catastrophic consequences. It all started when someone launched a spear phishing attack and someone else clicked a link they should not have clicked.
Luckily, a flaw in the Triton code triggered a safety system that responded by shutting down the plant. If it hadn’t been for that flaw, the hackers could have released toxic hydrogen sulfide gas or caused explosions. As ... Read More
Phishing and File Sharing
Internet thieves have long used file sharing sites and services to host their malicious files. When they do this, they typically use the underlying service to generate download links that anyone can click without logging in to the hosting service.
Over the past month we started noticing apparently legitimate Dropbox emails pushing links to files with names suspiciously similar to those routinely used by the bad guys. When we clicked the links to check, however, we were greeted with a demand to log in to the service. That's typically been a sign that the files involved were legit.
Still, something wasn't right here. Given the file names presented, we reckoned there was little chance those files were innocuous. So, we decided to log in to ... Read More
Ransomware knocked most systems offline
Officials in Jackson County, Georgia, paid $400,000 to cyber-criminals this week to get rid of a ransomware infection and regain access to their IT systems. The County hired cyber-security consultant to negotiate ransom fee with hacker group. Jackson County officials have not yet confirmed how hackers breached their network.
The infection forced most of the local government's IT systems offline, with the exception of its website and 911 emergency system.
"Everything we have is down," Sheriff Janis Mangum told StateScoop in an interview. "We are doing our bookings the way we used to do it before computers. We're operating by paper in terms of reports and arrest bookings. We've continued to function. It's just more difficult."
Jackson County officials notified the FBI and hired a cyber-security consultant. ... Read More
Office Depot $300 scam - yes, it really happened
I'm sure you've heard something about the Office Depot $300 fraud. For a thorough explanation, see https://cybersafetynet.net/office-depot-faked-malware-scans-to-sell-unneeded-300-tech-services/. Basically, Office Depot's malware scan reported malware on computers that did not have malware. Office Depot then sold an unnecessary $300 service. Today I am writing about how that would look in other industries.
We have a high level of trust in those who provide professional services. We go to them when we sense a problem and need their training, judgement and professionalism to turn the problem into a solution. Let's see how this would play out in another industry.
Electrical
Your kitchen has a refrigerator, microwave oven and coffee maker. You discover that you can run two at the same time, but ... Read More
Is this the best Facebook phishing scam ever?
Scams seeking to harvest online credentials have long tried to replicate known logon pages. But this newly found instance is just about perfect.
In every scam that uses social engineering, the key is to be believable. If it looks right, feels right, has the timing right, etc., the victim is more likely to fall for it. This latest scam seeks to take advantage of a user’s desire to leverage single sign-on (SSO) via well-known websites. In this case, Facebook. Rather than creating (and remembering) countless passwords for an equivalently large number of websites, users will take advantage of identifying themselves via Facebook.
Under normal circumstances, a Facebook API is called which prompts the user to authenticate. But researchers at security vendor Myki have ... Read More
A phishing attack will strike you. It is not a question of IF, but a question of WHEN
With the massive rise in phishing attacks, 2019 is the year for organizations to realize the concept of becoming a victim is an issue of when and no longer if.
According to Malwarebyte’s 2019 State of Malware report, there is pretty much no industry that is unaffected by malware. And phishing attacks remain an effective means of tricking users. In Healthcare alone, nearly one-half of orgs citing a 1-10% click rate when interacting with mock-phishing emails to test user response, and another one-quarter of organizations seeing click rates of 11-30%.
These numbers clearly indicate that organizations simply aren’t prepared for phishing attacks.
What you can do
What’s needed is an anti-phishing plan in place that helps to ... Read More