In Case You Missed It

China's cyber spying takes 'production line' approach

The industrial scale of China's cyber espionage has been highlighted by a FireEye investigation that found two separate spy groups using the same tools and techniques, even though they are hundreds of kilometres apart and targeting different victim groups.

The spookily parallel activity of the Guangdong Province-based Moafee attack group, which targets the US defence industry and other countries' governments and military organisations, and Jiangsu Province-based DragonOK, which targets Japanese and Taiwanese high-tech and manufacturing companies, reveals the “production line” efficiency of China's cyber espionage says FireEye.

In a 10 September blog, FireEye's Thoufique Haq, Ned Moran, Mike Scott and Sai Omkar Vashisht detailed how both attack groups:

FireEye concludes: “We believe that these groups are from two distinct regions in China and possibly (1) are collaborating, (2) received the same training, (3) have a common toolkit supply chain, or some combination of these three - which means they are employing a ‘production line' type approach to initiating cyber attacks to breach defences.”

More (original article)


US court claims right to British MPs' emails

The stakes have been dramatically raised in a court case where Microsoft is fighting a US Government attempt to seize customer data held on its servers in Ireland - after it emerged that British MPs' emails are stored there as well.

On Monday, New York district court judge Loretta Preska ruled that Microsoft was in contempt for failing to hand over the emails of one of its European customers held in Dublin by a 5 September deadline.

The judge insists that a US search warrant to seize the data – made in relation to a drugs trafficking investigation – is valid, even though the data is stored outside the US.

But now John Hemming, Lib Dem MP for Birmingham Yardley, has revealed that Microsoft is storing the confidential emails of Britain's MPs on the same cloud-based servers - potentially giving the US the legal right to access that data, as well as that of ordinary UK companies and individuals.

More (original article)


Europe's largest IT security training event

SANS is hosting the largest IT training event outside the USA at the Grand Connaught Rooms in London's West End with 16 specialist courses, most with an associated certification and all led by SANS' world class instructors. Running from Saturday 15th to Monday 24th November 2014, the courses offer both learning experience and the opportunity to network and socialise with fellow security executives, plus SANS instructors. Registration is now underway. Visit: http://www.sans.org/event/london-2014/


Customer cards hacks increase

British businesses have paid out more than £878,000 over the last three years due to hackers successfully accessing cardholder data according to figures from payment processing company Worldpay.

Of those companies whose customer card data was hacked in 2013, 61 percent were small companies. Businesses in the electrical, hardware, and automotive industries have had more card data security breaches than any other, followed by pharmaceuticals, cosmetics, and clothing retailers.

This cost, paid out to third parties who undertake forensic investigations into the fraud and make repairs, is the result of a wider problem facing businesses and consumers. Worldpay's data shows that the number of credit and debit cards at risk from security breaches in the UK has grown by a staggering 1518 percent since 2012 – from under 200,000 cards to more than three million in 2013. At least 6.57 million cards have been put at risk over the past three years.


Malvertising: a bigger problem than the industry thinks?  

Hard on the heels of the mysterious `Kyle and Stan' South Park themed `malvertising' attack seen earlier in the week, it appears that the problem of malvertising is a lot larger than anyone suspected, with research suggesting that as many as 20 percent of computers are being hit by the problem globally.

The attack has been running since May and is described by Cisco as "highly sophisticated" because it delivers different 'mutating' adware and spyware depending on whether the recipient is a Windows or Mac user. The code also reportedly drops unique malware on every victim to help avoid detection.

More (original article) 

ICO warns on leaving employees walking off with company info

The warning comes in a week when a paralegal - who previously worked at Dewsbury-based Jordans Solicitors - was prosecuted for illegally taking the sensitive information of more than 100 people before leaving for a rival firm in April 2013. The UK data regulator say the information was contained in six emails sent by James Pickles in the weeks before he left the firm.

Pickles had hoped, says the ICO, to use the information - which included workload lists, file notes and template documents but still contained sensitive personal data - in his new position. He was prosecuted under section 55 of the Data Protection Act and on Tuesday fined £300, ordered to pay a £30 victim surcharge and £438.63 prosecution costs.

Commenting on the case, Stephen Eckersley, the ICO's Head of Enforcement, said that stealing personal information is a crime.

"Employees may think work related documents that they have produced or worked on belong to them and so they are entitled to take them when they leave. But if they include people's details, then taking them without permission is breaking the law. Don't risk a day in court," he added.

More (original article)


Biometric smartphone use to rise tenfold in four years

Biometric smartphone use is expected to rise almost tenfold, from the 43.23 million users in 2013, to 471.11 million by 2017. In these four years, biometrics will transition from the early adopters to the early maturity phase, enabling the technology to overtake existing technologies. By 2019, biometrics will be a significant component of most mobile devices.

New findings from Frost & Sullivan, Biometrics Go Mobile: A Market Overview, show the biometric revenue from smart phones is expected to increase from US$ 53.6 million (£33 million) in 2013 to US$ 396.2 million (£224 million) in 2019 growing 39.6 percent per year. Apple and Samsung already launched mobile devices with biometric features in 2013, both using fingerprint sensors as a way of unlocking the device. 

More (original article)


Cloud computing hit by 'Celebgate'

The mass media coverage of 'Celebgate' – the leaking of dozens of nude photos of Hollywood actresses and others stored on Apple's iCloud service – has severely damaged its credibility and caused many consumers and enterprises to question their cloud strategy.

The pictures –some genuine, some fake – were dumped on two image-sharing sites, 4Chan and AnonIB, along with a list of over 100 other celebs whose images may have been stolen, including Downton Abbey actress Jessica Brown Findlay, model Cara Delevigne, singer Avril Lavigne and ‘Big Bang Theory' actress Kaley Cuoco.

The leaks were blamed on hackers using brute-force attacks to crack the victims' Apple account passwords and download the images stored on iCloud.

Apple initially found no breach of iCloud or Find my iPhone and advised: “To protect against this type of attack, we advise all users to always use a strong password and enable two-step verification (2FA).” But damagingly, the BBC and mobile security firm Lookout, among others, reported that as well as Apple allowing repeated brute-force attacks in the first place, the 2FA system on iCloud can be bypassed using some commonly available software (whilst still needing the user's password), and in any case 2FA only protects some services – not including photo storage.

More (original article)


Kids - the weakest link in computer security

With children - of all ages - returning to school and college across most of the UK this week, Kaspersky Lab has released a timely piece of research that claims these bundles of joy to their parents and guardians are also the weakest link when it comes to computer and Internet security.

According to joint research by Kaspersky Lab and B2B International, 21 percent of users say they have lost either money or important information as a result of their children's online activity.

This number suggests that, in addition to the risk of children encountering cyberthreats, they can also cause inadvertent problems for their parents.

Kaspersky's research says that this percentile is not so surprising when you consider that 44 percent of respondents believe their children know little about computer technology - and 35 percent of kids know nothing of cyberthreats.

More (original article)


Women's security society event in London

The Women's Security Society, which aims to encourage and promote both women and men across the security industry, will be holding an event on Tuesday 16th September from 18.30 to 21.00 at PwC Embankment Place, London WC2N 6RH around the theme "Your Personal Brand: Capitalising On Who You Are ". Newcomers are particularly invited to join the event which will feature speakers and an opportunity to network with members.


'Kyle and Stan' malvertising attack infects millions

The attack has been running since May and is described by Cisco as “highly sophisticated” because it delivers different ‘mutating' adware and spyware depending on whether the recipient is a Windows or Mac user.

It also drops unique malware on every victim to help avoid detection, says the company in an 8 September blog.

Cisco has nicknamed the network ‘Kyle and Stan' because most of the 700-plus domains it identified being used by the attackers are named ‘stan.mxp(1-4 digits).com' or ‘kyle.mxp(1-4 digits).com'.

In the blog, Cisco's Armin Pelkmann, Shaun Hurley and David McDaniel say: “The network leverages the enormous reach of well-placed malicious advertisements on very well-known websites in order to potentially reach millions of users.

More (original article)