Home Tags Posts tagged with "cyber attacks"

cyber attacks

0

Cyber attacks happen. However, it’s up to you to ensure that your business has as much in its cyber security armory as possible. Worms, ransomware and spyware have made headlines in the past year having infiltrated large companies. The fact that the largest multimillion corporations are getting hit by hackers shows how no business is immune from the cyber threat. With the ever-growing reliance on online portals, software and interfaces, the threat from a cyber attack is even more frightening to businesses as they risk losing documentation, having sensitive data stolen and personal details cloned. Take a look at how you can protect your company from even the most ardent of hackers.

hacker

Image Credit

Basics

To be as secure as you can, it’s vital that you live by the adage of ‘only those that need to know actually know.’ It sounds like a prophetic sort of statement, but only those at an executive level and above should have access to the most sensitive data. By only giving staff members access to the areas of business data they require, you are lessening the risk of sloppy security breaches. There’s no need for the marketing assistant to have a password to the financial projections and profitability calculations of your company.

Ensure that each member of your team has a strong password. The days of using the name of your first pet or your mother’s maiden name are long gone. A random selection of letters, numbers and characters of at least twelve digits is most secure. Ensure that these are also changed periodically to maintain a higher level of security.

Staff Training

Refresher courses for online security are vital every year for all staff including yourself. A cohesive approach to online security is needed across your business if you are to succeed. Even a reminder not to open the dodgy looking attachment within an email can save you from losing reams of important data online. Select a couple of cyber security champions who can take part in external courses and feedback to your team. Make signing up to an ‘appropriate usage’ policy a priority, so employees never access sensitive data on open or unsecured networks when away from the office.

Image Credit

Get The Right Software

There is a mind-boggling array of security software on the market. At the very least you need a package like M365 which has inbuilt security controls and allows you to wipe any devices that become lost protecting any data you might have that could fall into the wrong hands. Encrypt all of the data that you store and ensure that you backup regularly. Should the worst happen and you find that a piece of ransomware has infiltrated your network, you need a contingency plan and, you have to be able to restore your data quickly.

Thankfully cyber attacks are still relatively rare. If you have the knowledge and relevant software needed, you will be able to make your business as secure and protected as possible.

The White House has threatened to veto the controversial Cyber Information Sharing and Protection Act (CISPA) due to go before the House of Representatives this week.

The US government wants more privacy protections in the CISPA.

After failing to pass through the Senate last year, the bill has already had several amendments.

Intended to protect corporate networks from cyber-attacks, CISPA allows private companies to share cybersecurity information with government agencies.

Opponents say that this is creating a backdoor for governments to snoop on individuals’ data, a point taken on board by the government.

A White House statement said: “The administration remains concerned that the bill does not require private entities to take reasonable steps to remove irrelevant personal information when sending cybersecurity data to the government or other private sector entities.”

The White House has threatened to veto the controversial CISPA due to go before the House of Representatives this week

The White House has threatened to veto the controversial CISPA due to go before the House of Representatives this week

Despite this, CISPA has found many friends including large technology firms such as AT&T, Comcast, Intel and Oracle.

This week IBM has sent 200 executives to Washington to lobby for the bill.

In a statement the firm said: “IBM believes we can build stronger, more efficient defences against cyber-threats by enabling better information sharing and providing clear authority for the private sector to defend its own networks, as proposed in the Cybersecurity Intelligence Sharing and Protection Act (CISPA).”

But opponents remain concerned the bill allows a wide range of data to be shared with government. Last month a petition with 100,000 signatures was submitted to the White House.

Opposition has been particularly vocal from privacy groups, with the American Civil Liberties Union (ACLU) describing the latest iteration of the bill as “fatally flawed”.

CISPA’s sponsor, Republican Mike Rogers, caused anger on Twitter when he suggested in a speech that the typical opponent of the bill was “a 14-year-old tweeter in the basement”.

[youtube E38JdtwEn_o]

The White House is expected to announce a raft of anti-hacking measures a day after a report linked China’s military to prolific cyber-theft.

Possible actions include fines or other trade enforcements against China or any other country found guilty of hacking.

The US says it has repeatedly raised concerns with China about cyber-attacks and stolen trade data.

China’s military says the report by a US-based security company is flawed, lacking “technical proof”.

Executives from GE and American Superconductor, both of which do business in China, are expected to attend as the White House rolls out its strategy.

The announcement at 15:00 EST will be attended by US Attorney General Eric Holder.

“The strategy that we are releasing today co-ordinates and improves US government efforts to protect the innovation that drives the American economy and supports jobs in the United States,” a White House official said.

“This strategy is not focused on any one country, nor is it focused on cyber-security exclusively, though cyber does play an important role in the strategy.”

Tuesday’s detailed report by Mandiant identified a Shanghai high-rise used by China’s military as the probable home of hackers to whom it attributed multiple attacks on US companies.

The group, labelled in the report as APT1, was staffed by hundreds of proficient English speakers, Mandiant said.

APT1 had hacked into 141 companies across 20 industries, stealing hundreds of terabytes of information including blueprints, business plans, pricing documents, user credentials, emails and contact lists.

The White House is expected to announce a raft of anti-hacking measures a day after a report linked China's military to prolific cyber-theft

The White House is expected to announce a raft of anti-hacking measures a day after a report linked China’s military to prolific cyber-theft

China’s government has long been suspected of a role in cyber-hacking.

But the issue has become more high-profile in recent months following widely reported hacks into media outlets including the New York Times.

That incident followed the newspaper’s report on the wealth of outgoing Premier Wen Jiabao’s relatives.

On Tuesday, state department spokeswoman Victoria Nuland said that the issue had come up “in virtually every meeting we have with Chinese officials”.

Estimated losses from cyber-espionage and theft of trade secrets totalled more than $300 billion in 2012, according to Representative Dutch Ruppersberger, the top Democrat on the House Intelligence Committee.

The Mandiant report argued that it was “highly unlikely that the Chinese government is unaware of an attack group that operates from the Pudong New Area of Shanghai”, citing the country’s rigorous monitoring of internet use.

But China has flatly denied any connection with the activity outlined in Mandiant’s report.

A Chinese ministry statement, posted on its website, said that many hacking attacks were carried out using hijacked IP addresses.

It also suggested that the “everyday gathering” of online information was being wrongly characterized as spying.

And on Wednesday, Chinese foreign minister Hong Lei said China itself had been the victim of attacks, citing a 2012 report from the country’s Ministry of Information Technology and Industry.

“Among the above attacks, those from the US numbered the most,” he said at a news conference.

Cyber-security experts told the Associated Press that US intelligence agencies routinely spy on other countries, but do not conduct similar attacks or steal data from Chinese companies.

[youtube 3K7lJ9pOFJU]

Researchers have found that the teams responsible for the Flame and Stuxnet cyber-attacks worked together in the early stages of each threat’s development.

Flame, revealed last month, attacked targets in Iran, as did Stuxnet which was discovered in 2010.

Kaspersky Lab said they co-operated “at least once” to share source code.

“What we have found is very strong evidence that Stuxnet/Duqu and Flame cyber-weapons are connected,” Kaspersky Lab said.

Alexander Gostev, chief security expert at the Russian-based security company added: “The new findings that reveal how the teams shared source code of at least one module in the early stages of development prove that the groups co-operated at least once.”

Researchers have found that the teams responsible for the Flame and Stuxnet cyber-attacks worked together in the early stages of each threat's development

Researchers have found that the teams responsible for the Flame and Stuxnet cyber-attacks worked together in the early stages of each threat's development

Vitaly Kamluk, the firm’s chief malware expert, said: “There is a link proven – it’s not just copycats.

“We think that these teams are different, two different teams working with each other, helping each other at different stages.”

The findings relate to the discovery of “Resource 207”, a module found in early versions of the Stuxnet malware.

It bears a “striking resemblance” to code used in Flame, Kaspersky said.

“The list includes the names of mutually exclusive objects, the algorithm used to decrypt strings, and the similar approaches to file naming,” Alexander Gostev said.

Recently, a New York Times investigation – based on an upcoming book – singled out the US as being responsible for Stuxnet, under the direct orders of President Barack Obama.

The report said the threat had been developed in co-operation with Israel.

No country is yet to publicly take responsibility for the attack.

Speaking about Flame, a spokesman for the Israeli government distanced the country from involvement following an interview in which a minister seemed to back the attacks.

“There was no part of the interview where the minister has said anything to imply that Israel was responsible for the virus,” the spokesman said.

Last week, the UN’s telecommunications head Dr. Hamadoun Toure said he did not believe the US was behind Flame, and that reports regarding the country’s involvement in Stuxnet were “speculation”.

Prof. Alan Woodward, a security expert from the University of Surrey, described the findings as interesting – but not yet a clear indicator of who was behind the attacks.

“The fact that they shared source code further suggests that it wasn’t just someone copying or reusing one bit of Stuxnet or Flame that they had found in the wild, but rather those that wrote the code passed it over,” he said.

“However, everything else still indicates that Flame and Stuxnet were written designed and built by a completely separate group of developers.

“At the very least it suggests there are two groups capable of building this type of code but they are somehow collaborating, albeit only in a minor way.”

 

Paul K. Martin, NASA’s inspector general, has told US lawmakers that hackers gained “full functional control” of key agency’s computers in 2011.

Paul K. Martin said hackers took over Jet Propulsion Laboratory (JPL) computers and “compromised the accounts of the most privileged JPL users”.

He said the attack, involving Chinese IP addresses, was under investigation.

In a statement, NASA said it had “made significant progress to protect the agency’s IT systems”.

Paul K. Martin’s testimony on NASA’s cybersecurity was submitted to the House Committee on Science, Space and Technology’s Subcommittee on Investigations and Oversight.

In the document, he outlined how investigators believed the attack had involved “Chinese-based internet protocol [IP] addresses”.

He said that the attackers had “full system access” and would have been able to “modify, copy, or delete sensitive files” or “upload hacking tools to steal user credentials and compromise other NASA systems”.

Paul K. Martin, NASA's inspector general, has told US lawmakers that hackers gained "full functional control" of key agency’s computers in 2011

Paul K. Martin, NASA's inspector general, has told US lawmakers that hackers gained "full functional control" of key agency’s computers in 2011

Paul K. Martin outlined how the agency suffered “5,408 computer security incidents” between 2010 and 2011.

He also noted that “between April 2009 and April 2011, NASA reported the loss or theft of 48 Agency mobile computing devices”.

In one incident an unencrypted notebook computer was lost containing details of the algorithms – the mathematical models – used to control the International Space Station.

NASA said that “at no point in time have operations of the International Space Station been in jeopardy due to a data breach”.

Paul K. Martin said NASA was a “target-rich environment for cyber attacks”.

He said that the motivation of the hackers ranged from “individuals testing their skill to break into NASA systems, to well-organized criminal enterprises hacking for profit, to intrusions that may have been sponsored by foreign intelligence services”.

But while Paul K. Martin criticized aspects of NASA’s cybersecurity he noted investigations had resulted in “arrests and convictions of foreign nationals in China, Great Britain, Italy, Nigeria, Portugal, Romania, Turkey, and Estonia”.

NASA said it was working to implement the security improvements Paul K. Martin suggested in his testimony.

However the chairman of the congressional subcommittee, Rep. Paul Broun, quoted in an online report of proceedings, said: “Despite this progress, the threat to NASA’s information security is persistent, and ever changing. Unless NASA is able to constantly adapt – their data, systems, and operations will continue to be endangered.”