Combating Creative Criminals — Protect your identity this holiday season

malware_analysis

This week’s blog will focus on malware sites and malware spam.  With the holidays quickly approaching, hackers are looking for creative ways to get you to download malicious content.  In addition to the normal adult themed, gibberish .coms, and legitimate sounding sites, we found a few with close misspellings of real and popular sites.  For example, a site seeking to trap those shopping at ‘Nordstrom’ used a close spelling of ‘Nordsrtom’.  Typing in an address too quickly can cause you to inadvertently download malware.  I suggest you use a search engine and follow the real link.

From the ePrism side, we continue to see low level shopping campaigns, with an expected ramp up early next week.  The vast majority of sites blocked over the past week were from known spamming servers.  These accounted for over 3 million emails blocked.

Many people are concerned, and rightly so, about data breaches over the past few months.  But let’s consider the problem from a different angle.  The reason that the stolen data is so valuable is because credit cards can be used without anyone checking if the card really belongs to them.  When was the last time someone asked for ID when you used a credit card at the supermarket? The gas station? Or ever when purchasing online?   Consider these tips when shopping in the future to limit your risks:

  1. Only use prepaid or low limit credit card for purchases.  Even if these numbers are stolen, the damage is more manageable over your $30K limit credit card.
  2. Use alternative methods of payment.  Apple Pay may be the way of the future.  Credit cards have been around since the 70’s.  The technological shift to new payment methods, that use more than one verification source, is far more secure.  Consider that even if you lose your phone, a thief could not access payment methods without your finger print.  Europe does something similar with their credit cards.  When a card is used, a pin is sent to the user’s cell phone for authentication.  Without the new pin for each purchase, the card is useless.
  3. Use cash.  Although you may not get the credit card “bonus points”, small retailers my offer a better discount when paying in cash.

Have a safe and happy Thanksgiving.  See you next week.


Mike Walls is Managing Director, Security and Operations and Analysis at EdgeWave. While on Active Duty in the U.S. Navy, Mike served as Commander Task Force 1030 reporting directly to the Navy’s Fleet Cyber Command, and was responsible for Cyber readiness of over 400,000 people, 300 ships, and 4,000 aircraft.  Comments and questions for Mike Walls are welcome: blog@edgewave.com

 

Cyber Security during the Holidays: All your troubles will be out of sight

crowded-studying

 

AAA projects that 46.3 million Americans will travel 50 miles or more from home during Thanksgiving weekend, the highest level since 2007. While traveling, it is likely that we make use of free Wifi in the airport, hotel lobby, or the coffee shop and will do some shopping online.

An estimated 3.4 million people more than last year will be shopping online during this holiday shopping season. A National Retail Federation (NRF) 2014 survey says that a record high, 56 percent of shoppers plan to make online purchases—up from 51.5 percent in 2013. Using mobile devices such as smartphones and tablets, online shoppers will pay out 16 percent more than other shoppers this year, spending and average of $931.75 on gifts, decorations, food, etc. Hackers know this is the big season, and due to the many breaches in retail and banking, and the recent discovery of operating system vulnerabilities, there are lots of opportunities to make money.

Using our own devices for a combination of work and personal transactions is the norm. We are so busy with the task at hand that it doesn’t occur to us that someone at the next table may be waiting for us to give them access. In public places, cyber criminals position themselves between your computer and the unsecured free wireless connection point so they can intercept information; even hackers hangout at the local Starbucks. Through this they can steal credit card numbers, email, website and company log-in credentials. They can also download malware on to a computer by offering a bogus update for commonly used software. If we accept the update, we have introduced an often undetectable piece of malicious software.

Free Wifi is everywhere, and can be a godsend when we want to work while traveling or avoid massive crowds while shopping online for the holidays. There are a few ways we can protect ourselves before we use public Wifi:

• First of all, disable WifI if you don’t need it. Our devices are set to search for networks by default, and if you’re working on local software for word processing or spreadsheets, you don’t need it. Also, turn off sharing in your system preferences or control panel.

• Use a Virtual Private Network (VPN) when connecting to your business. It will encrypt your data and make it very difficult for hackers to translate your information. Hackers are humans too, so they will willingly move onto an easier target.

• If you don’t have access to a VPN, you can go to your settings and select “always use HTTPS” to secure your log in credentials for frequently used websites.

Multi-tasking remotely with several devices is business-as-usual today. Most IT departments are aware of threats to internal networks and have precautions in place, but the more we know about how we can help prevent intrusions the better.

A comprehensive security system includes user education, human analysis of possible threats to sensitive information, and constantly updated automated intelligence. With a team of experts on duty 24/7, EdgeWave can prevent exploits from compromising networks across all devices with access. Visit www.edgewave.com to learn more.

The Dark Side: Ready for Black Friday

black-friday-shopping-620km111612-1363291018

While most Americans are in a blissful food coma, sleeping off a day of feasting and family celebration, hundreds of thousands of bargain hunters prepare for an early Holiday shopping rush. Black Friday, hailed as the largest shopping event of the year, will begin a few hours early this season. Many retail chains will leave their doors open on Thanksgiving, allowing their customers to take advantage of the massive discounts one day early. Let’s hope IT professionals take extra cyber security precautions before powering down for the festivities, keeping in mind that cybercriminals are the 21st century Grinch, and they will stop at nothing to try and steal your Christmas. Hackers around the world, who prey on vulnerabilities in the legacy systems that many retailers employ, are rubbing their hands together in anticipation of the biggest spending weekend of the year.

It has only been twelve months since Target’s breach made history, causing the retailer’s profits to plummet 46 percent in the last quarter of 2013, when the holiday season should have been their best time of the year. Michaels craft stores, which was breached twice in three years learned a valuable lesson; just because you have been breached once, have patched up vulnerabilities, and invested in new systems, does not make you immune to future intrusions. It is a problem that will never go away; the only thing to do is have a defense team that is one step ahead of the hackers.

A recent survey conducted by creditcards.com, estimated that about 45 percent of holiday shoppers this year will shy away from shopping at stores that experienced a data breach. Less than half of those surveyed said they might choose a cash option when shopping at those stores.

The National Retail Federation estimates that the average person, partaking in the Holiday shopping, will spend $804.42 this year, up 5 percent from last. While the use of cash seems like the logical solution to defeat the risk of credit and debit card fraud, few people are comfortable carrying that much cash to the mall for midnight sales, so choosing plastic over paper will seem far less risky.

Near Field Communication (NFC) payment systems, where you can tap your mobile phone directly to the POS to transfer funds, might be a more secure solution to carrying around wads of cash— but not so fast.

At Hewlett Packard’s Mobile Pwn2Own hacking competition in Tokyo last week, professionals proved that Near Field Communication (NFC) payment systems have fatal flaws that can allow criminals to take over mobile device setup for touch-payment. If you own an Apple iPhone, Samsung Galaxy, LG Nexus, or an Amazon Fire Phone, exercise caution when checking out.

Once you have experienced a security breach, you know that everything you have done up to that point has been inadequate. In the digital world, someone is constantly trying to break in. That’s why a Military Grade defense is the best offense. With a team of security specialists, engineers, and analysts on duty 24/7, EdgeWave protects businesses of all sizes against Advanced Persistent Threats.

Visit EdgeWave.com to or call 1-855-881-2004 to learn how easy it is to put Military-Grade cyber security to work protecting your business-critical data.

Next: Dark Side of Black Friday Part 2: Mobile Sites and Travel

11/13/2014 Cyber Threat Update

EPIC CTU

We are continually impressed with the human review process and our team of EdgeWave EPICanalysts. Our top EdgeWave ePrism Email Security rule this week swept up 1.25 Million emails with a great variety of senders, content and links. Even when switching between senders, hundreds of sender email addresses, subjects and content, we stopped an unbelievable campaign. Great job to the team.

Our second largest spam campaign focused on Ugg Boots. We stopped over 850,000 emails, and want consumers to know that the company does not give these kinds of discounts.

Lastly, again stopping over 850k emails, our customers will have to miss out on that “new pic”from the unknown woman. Nothing good will come from clicking that link.

From our EdgeWave iPrism Web Security side, we noticed several unrated sites for veterans and Veterans Day. As a veteran myself, I will make it a priority to get these sites rated!

Cyber crooks never miss an opportunity to send malicious email, and many will tug on our emotions surrounding calendar events and popular products and services —banking on just one click to hit the jackpot. We expect volumes to increase during the holidays and will report on topical campaigns as we detect them.


EdgeWave EPIC2 is a Military-Grade approach to cyber security that combines expert analyst review, advanced technology and a rigorous cyber operations approach to deliver real-time, active defense against cyber threats. Learn more or watch a short video.

National Cyber Security: A 25-year old with a thumb drive is no longer our biggest concern

CallFurst_Government_Agency

On Monday the Associated Press reported on recent government cyber security breaches and said that 50% of them are the consequence of employee error, usually from someone clicking a bad clink in a malicious email message. AP reported that in spite of a $10 million effort to combat cyber attacks, there were close to a quarter of a million attempts on federal agencies and government contractors this year. The research revealed that the people responsible for keeping systems secure are usually the culprits who make the mistakes that allow installation of malware.

“Workers scattered across more than a dozen agencies, from the defense and education departments to the National Weather Service, are responsible for at least half of the federal cyber incidents reported each year since 2010,”said the AP report.

The results of months of analysis came from AP the same day the U.S. Postal Service announced that 750,000 USPS workers had names, social security numbers and other personal information stolen from USPS servers. The breach also compromised the personal data of close to three million customers, including names, home addresses and phone numbers.

Government breaches revealed this fall include:

November:

  • U.S. Postal  Service: 750,000 employees, three million customers

October:

  • Unclassified computers at the White House were breached; Russian hackers believed to be responsible
  • National Weather Service employee downloaded restricted files containing sensitive information about vulnerabilities in 85,000 U.S. dams

September:

  • Malicious software uploaded to the networks of civilian transportation entities doing business with the Pentagon by the Chinese Military. A Senate investigation revealed at least 20 intrusions allowing the theft of documents, emails, computer codes, and other critical information from commercial ships and airlines used by the U.S. military.

These are known intrusions. It often takes months or years for breaches to be discovered and revealed, so the full extent of damage done is usually unknown. The breach of infrastructure information at the National Weather Service was discovered in 2012, but was not publicized until this month.

Educating employees about their roles and responsibilities in the protection of networks is critical, but even those who know better can be persuaded to click on malicious links. That is why preventing bad email from reaching them in the first place is the best defense.

EdgeWave’s Military Grade email security and web security systems provide a combination of expert human analysis and the strongest automated intelligence on the market to keep your network safe from hackers both internal and external to your organization. Read more about Military Grade cyber defense at www.edgewave.com.