by Connor Madsen | Jan 25, 2019 | Industry Intel
Anatova Ransomware Reaches Global Market
A new ransomware
family, dubbed Anatova by researchers, has been infecting machines across
the globe. During encryption, Anatova appears to focus on small files to speed
up overall encryption times, but doesn’t append the encrypted files with a new
extension. Unexpectedly, this variant demands DASH crypto coins, rather than
using a currency with a less visible transaction ledger. It also uses several tactics
to prevent analysis in both real-world and virtual environments.
Android Malware Remains Dormant until it Detects Motion
On the Google Play store, researchers have discovered several
malicious
apps that rely on an unusual trigger to install a banking Trojan: motion
sensors. By monitoring the motion sensor in a specific mobile device, the
malware can determine if it is a real victim device or a research emulator (which
would likely remain stationary during analysis.) In particular, one of these
insidious apps was downloading the Anubis banking Trojan, which launched a fake
Android update screen to start keylogging in hopes of capturing banking
credentials.
Google Faces First Major GDPR Fine
Regulators in France have issued a fine
against Google for two separate complaints, the first being the company’s
misuse of their users’ data, the second being the legal use of that data
without providing the user enough details to give fully-informed consent. This
fine is the first issued by the CNIL, the official regulator for France, and
could cost Google up to $57 million.
ElasticSearch Database Exposes Online Gambling Bets
In the last couple days, security researchers have
discovered a database holding sensitive information on dozens of online
casino sites’ bettors. After contacting the hosting provider,
researchers verified that the database, which contained over 100 million bet
entries, had finally been secured. However, it’s still unclear whether the database’s
owner or the ISP was responsible.
Chinese Crypto Farms Get Unique Ransomware Strain
Since China houses most of the world’s cryptocurrency
mining farms, it comes as little surprise that malware authors are beginning
to focus on this lucrative market. By infecting Antminer devices, which mine
Litecoin and Bitcoin, this variant can quickly shut down the device and prevent
further mining operations. Victims must choose between paying an extremely high
ransom and allowing the infection to spread to thousands of other devices. For victims
who do not pay, this variant also threatens to shut down devices’ fans, causing
them to overheat and eventually destroy themselves.
by Emily Kowalsky | Jan 23, 2019 | Home + Mobile
Fitness trackers and other digital wearables have unlocked a new era of convenience and engagement in consumer health. Beyond general fitness trackers, you can find wearables for a variety of purposes; some help diabetics, some monitor for seizure activity, and some can aid in senior citizens’ health and quality of life. But the convenience of an interconnected lifestyle may be a double-edged sword. Fitness trackers and wearables are notoriously unsecured. Wearables record and store some of our most sensitive health data—which is often 10x more valuable than a stolen credit card— making them a particularly attractive target for hackers.
So what types of data does your fitness
tracker store? For a start, it holds the identifying information required to
set up your account, such as your email, username, and password. But other
fitness tracking specifics can make a user easier to identify, including as
gender, birthdate, geographical location, height, and weight. Health and
activity data provides an in-depth look at the user’s daily habits through the
power of GPS monitoring. If your device is paired inside of a network, other
personal device information will also be stored, such as your Unique Device IDs
or MAC addresses. Depending on the device, your wearables may also store your
credit card information or bank account information.
New vulnerabilities
Because of their versatility, wearables and
fitness trackers leave us vulnerable in many ways. In last year’s MyFitnessPal
hack, which affected 150 million users, attackers hoped
to access credit card information but came away with only usernames and
passwords. But what about the information that is more specific to wearables,
like GPS tracking? After the fitness tracker Strava revealed hidden army bases
through heatmap tracking, the Pentagon began to restrict the use of wearables
by military personnel due to the potential security threat. And the recently
uncovered MiSafe
vulnerability left thousands of children unsecured,
allowing hackers to track their movements, listen in on conversations, and
actually call children on their smart watches.
Even with these concerns, the wearables market
continues to grow, with the prevalence of such devices predicted to double by 2021. Large healthcare
organizations and insurance carriers are also starting to use insights from
fitness trackers to influence both patient care and insurance rates. We’re even
beginning to see the introduction of wearables for employee tracking, although
this has met with mixed response. With this increased exposure to potentially
insecure technologies, you’ll need to take extra steps to ensure your family’s
security.
Where to start
Always research any fitness trackers or
wearable devices before you commit, and be sure to avoid devices with any known
security flaws. Notable examples to
avoid are Medion’s Life S2000 Activity Tracker and Moov’s Now tracker. The Life
S2000 requires no authentication and sends data unencrypted, and the Now
tracker can leave users vulnerable to attack via Bluetooth connectivity. Even
larger brands like Lenovo struggle to maintain an adequate level of security in
their fitness trackers; the Lenovo HW01 smart band sends both registration and
login data to its servers unencrypted.
Although it’s tedious, we recommend you always read the privacy policy of any wearable device or fitness tracking app before you use it. If the data storage and security measures outlined in the policy aren’t up to snuff, request a refund and let the manufacturer know why. Periodically reviewing your app’s privacy settings on your phone is also a good practice—just to make sure you’re comfortable with the app’s level of access. Take common-sense cybersecurity measures to help keep your wearables as secure as possible. Never reuse passwords or use third party login services like Facebook Login, and consider using a password manager like LastPass® instead.
Wearables and fitness trackers are here to stay, and the Internet of Things (IOT) is only going to keep growing. We have to work together to protect ourselves as we integrate these technologies into our daily lives. After all, the price of convenience cannot match the value of our personal security.
As always, be sure to check back here to stay updated on the newest cybersecurity trends.
by Connor Madsen | Jan 18, 2019 | Industry Intel
Texas Town Brought to a Halt by Ransomware
Several days ago the town of Del
Rio, Texas, fell victim to a ransomware attack that knocked most of
the town’s major systems offline. While the town’s IT department quickly worked
to isolate the infection, remaining departments were forced to switch to
hand-written transactions in order to not completely shut down. Fortunately,
the attack was quickly resolved and all city websites returned to normal within
only a couple of days.
Data Vulnerability Affects Booking Systems for 141 Airlines
Researchers recently discovered a data vulnerability affecting the Amadeus ticket booking system, which is used by more than a hundred international airlines. By making simple changes to a provided URL link, researchers were able to access passenger records and view related flight information. They were also able to access an Israeli airline’s user portal and make changes to the user account, and even change or cancel flight reservations.
Ryuk Ransomware Surpasses $4 Million in Ransom Payments
The ransomware variant known as Ryuk
has pulled in nearly $4 million in Bitcoin payments alone since last August. By
remaining dormant on previously infected systems, Ryuk can stay hidden for
months or even years while its operators build an understanding of the system.
In doing so, the attackers are able to command much higher ransom payments by
focusing on victims with the means to pay a larger sum.
Account Vulnerability Plaguing Fortnite Players
A new vulnerability has been found pertaining to user
accounts for Fortnite
that could allow attackers to take full control of an account. By intercepting game-specific
authentication tokens, attackers could access a user’s payment card details and
use them to purchase in-game currency, or even gain access to a victim’s
in-game conversations. Fortunately, Epic Games reacted swiftly to the announced
exploits and quickly resolved the security flaws.
Advertising Hack Pushes Malware on Online Shoppers
The latest MageCart attack has compromised the entire
distribution network for Adverline,
a French advertising company that conducts a substantial amount of business in
Europe. By injecting a malicious JavaScript code into dozens of online stores,
the attack has been used to steal payment data from at least 277 unique
websites thus far. By starting the attack at the top of the distribution chain,
these types of attacks have an increased chance of success as the number of
victims rises.
by George Anderson | Jan 15, 2019 | Business + Partners, Managed Service Providers
For many MSPs, integrating their security solution with their remote monitoring and management (RMM) and professional service automation (PSA) platforms is essential for doing business. Together, these platforms help lower the cost of keeping up with each client, ensuring profitable margins for a healthy, growing business.
For true providers of IT services—MSPs that sell services rather than licenses and take a holistic approach to client IT health—RMM and PSA integrations are critical for keeping track of hundreds or even thousands of unique endpoints and automating recurring operations for numerous clients.
Like many of the other features of our security solutions, our RMM and PSA integrations are custom-built with the needs of MSPs in mind. They’re designed to help MSPs create the most efficient, well-oiled versions of their businesses possible so that service is prompt, solutions are effective, and profit is preserved.
Here’s what you should expect from your RMM and PSA security integrations:
- Faster rollouts- One of the core benefits of RMM-assisted deployments, expect rollouts to new endpoints to be fast and hassle-free with well-designed integrations. New endpoints should be easy to set up with protection turned on in just a few clicks.
- Simplified management- Efficiency is key to profitability. So a centralized dashboard displaying what’s running, what’s broken and how, infection statuses, endpoints requiring attention, and more helps increase the number of endpoints a single technician can manage, boosting efficiency and, ultimately, profitability.
- The data you need- The best RMM and PSA integrations make it possible to get the data you need to run a successful business. Whether it’s per-client data for calculating a client’s cost to you, information on policy settings for sites and endpoints, or additional reporting delivered to clients to promote peace-of-mind, having access to allof your data empowers decision-making.
Integrations don’t have to end there
Integrating disparate products can be a laborious, time-intensive process. For that reason, many security vendors are reluctant to coordinate too closely with customers to automate functions unique to their businesses. But it doesn’t have to be that way.
Advanced plugins and tools allow for complete customization of dashboards, reporting, and data tracking. Each can be customized to track the metrics most useful to the organization. Critical processes, like issuing periodic reports, can be fully automated. This can be extremely beneficial when it comes to communicating with customers. Weekly or monthly reports demonstrate that, despite a lack of any major security incidents, it wasn’t for lack of trying on the part of cybercriminals.
More than simply allowing different business platforms to talk to one another, integration plugins can be used for running commands and performing actions. This includes creating, modifying, or deleting licenses, removing duplicate endpoints, or quickly creating new console sites.
Insist on better integrations
So when considering which cybersecurity vendor offers the most for your MSP, consider not only whether the solution allows you to communicate with your RMM and PSA platforms, but also how deeply. Does the vendor have a dedicated integrations team? Do they offer tools for the customization of business-specific reporting? Can essential, recurring business processes be automated?
The answers to the questions above will help you determine how much value RMM and PSA integrations add for your business. In a market where margins can be razor thin and built-in efficiencies can make or break the bottom line, the answers may make all the difference.
by Connor Madsen | Jan 11, 2019 | Industry Intel
Malicious Apps Get Millions of Installs
Google recently removed 85 apps from the Play Store after
they were found to contain predatory
adware. With over nine million combined downloads, the apps were
mostly fake games or utility apps that began pushing a constant stream of full-screen
ads to users until the app itself crashed. More worrisome, while nearly all the
apps shared similar code, they were mostly uploaded from different developer
accounts and used different digital certificates to minimize detection.
Tuition Scam Targets UK College
Several parents of students attending St.
Lawrence College in the UK fell victim to an email scam over the
holidays that requested early tuition payment at a discounted rate for the
upcoming terms. While security measures surrounding parental information have
since been improved, at least two separate families confirmed they sent
undisclosed amounts of money to the scammers. Though these types of attacks target
large audiences, it takes only a small number of successful attempts to make
the campaign profitable.
Australian EWN System Hacked
With the help of a strong detection
system, a brief hack of the Australian Early Warning Network (EWN)
was quickly shutdown. Some of the messages contained warnings about the
security of the EWN and listed several links that the user could navigate
through. Fortunately, staff were quick to notice the severity of what was
occurring and acted to prevent additional customers from being spammed.
Ransomware Uses Children’s Charity as Cover
When CryptoMix
first came to light, it included a ransom note masquerading as a request for a
“donation” to a children’s charity. It has since returned, but now includes
actual information from crowdfunding sites attempting to help sick children and
using their stories to guilt victims into paying a ransom. Even worse, as
victims navigate the payment process, the ransomware continues to urge them on
with promises that the sick child will know their name for the aid they
provide.
Exploit Broker Raises Bounties for New Year
Following the New Year, a known exploit
broker, Zerodium, announced they would be effectively doubling all
bounty payouts for zero-day exploits. While lower-end Windows exploits will net
a researcher $80,000, some Android and iOS zero-days will pay out up to $2
million. Unfortunately for many working on the lawful side, nearly all the
exploits obtained by Zerodium will be privately sold, rather than used for
patching or improving security.
by Emily Kowalsky | Jan 10, 2019 | Home + Mobile
We live in a digital age where internet-connected devices are the norm. Our phones, our televisions, even our light bulbs are tied together in today’s tech ecosystem. For high school and college students, this degree of digital connection is the standard, and when school is in session, tech accessories are a popular way to customize the various connected devices that are now an essential part of students’ lives.
With their focus on specialized accessories, it’s easy for
students to overlook the importance of securing their connected devices. What’s
the point of an expensive phone case or the perfect PopSocket if you’re leaving
yourself, and your data, vulnerable? Hacks, security breaches, and stolen
identities are often seen as things that don’t happen to digital natives. But
security breaches can happen to anyone—no matter how sophisticated a user may
be—and are almost always preventable by practicing safe
cyber habits and having the right security is in place. But where do you start?
Back to basics
For students at any level, these best practices may seem eye-rollingly intuitive, but they are the basic tools for staying safe and secure online. Flaws with basic cybersecurity often prove to be the catalyst for a chain reaction of breaches, so by making sure these essential fail-safes are in place, you go a long way toward protecting yourself from cybercrime.
Awareness
Being aware of your surroundings and the connectivity of
your devices is the first step towards a digitally secure life. But what does
awareness mean from a cybersecurity standpoint? It means turning airdrop, file
sharing, and open Bluetooth connectivity off, before you use your device in a public area. It means not leaving
your laptop unattended, even if you’re just running to the bathroom at the
coffee shop. It means using a free tool, such as haveibeenpwned.com,
to see if your data has been breached in the past and taking corrective
measures if it has been. Most importantly, it means treating public networks
like they are public, and not accessing sensitive information through them
unless you take the proper precautions (more on that below).
Two-Factor authentication
Two-factor authentication, where a validation message is
sent upon login, is a security feature that verifies that you are the one who is actually attempting to access your account,
particularly if the access request is coming from an unrecognized device or
location. Two-factor authentication is the best way to
stop unauthorized users from logging into your accounts. Most social
media services offer two-factor authentication, but if you don’t trust them to
be up to the task, use a third party service such as Authy or Google
Authenticator. SMS and email two-factor authentication measures are demonstrably weaker than other
available two-factor measures, and should be avoided if possible (although it’s
better than using only a password alone).
Multiple passwords
No one likes to remember multiple passwords, let alone
multiple secure passwords. But never reusing passwords is the best way to
prevent third-party breaches from affecting multiple accounts. A good tip for
varied passwords you can remember? Choose a phrase (or favorite song lyric) and
break it down into sections. For example, the
quick brown fox jumps over the lazy dog, becomes three separate passphrases.
- the quick brown
- fox jumps over
- the lazy dog
This is a handy trick to wean yourself off the same two
passwords you’ve been using since middle school, and is better than password
redundancy. Make sure you include spaces in your passphrases. In the rare case
spaces are not allowed, then a phrase without spaces will suffice.
Digging deeper
If the tips above are the metaphorical security sign in the
window of your digital life, the measures outlined below are the actual
security system. A small amount of additional effort on your part will help
keep you safe during your educational career.
Antivirus software
Making sure you have trusted antivirus software running on
all devices is one of the most effective ways to stay safe from online threats.
A cross-device service, such as Webroot
SecureAnywhere® solutions, will keep you safe from potentially malicious
emails, files, or apps. An important step to never skip? Keeping your antivirus
software up to date. This will help prevent newly surfaced viruses and malware
from penetrating your systems. Or, chose cloud-based antivirus solutions, like Webroot’s,
that do not require updates.
Password managers
Don’t want to bother with remembering passwords at all?
Password managers with secure
encryption make generating and storing passwords safe and easy. Many
password managers are compatible with common browsers such as Chrome and
Firefox, making it easy
to securely auto-fill passwords and other forms online.
Message encryption
Encryption services use ciphers to convert messages into
random symbols, which are only able to be converted back when accessed by the
intended recipient, with a special key. Common encryption options are Apple
Messages and Signal, as well as WhatsApp, which is owned by Facebook. If you
prefer an encryption option that isn’t owned by a large corporation, Signal is
a part of Open Whisper Systems.
Virtual private networks
If you must access sensitive information through a public
network, setting up a virtual private network (VPN) will block and
redirect your IP address, preventing outside parties from tracking
and storing your information. Your VPN setup will largely depend on both your
specific devices and price point, but with a little research and energy you can
prevent anyone and anything from accessing your digital vault.
Vigilance is key
These tools are the true must-have tech accessories to
support young people today and their digitally enhanced life. It’s easy to be
overwhelmed as a student with school, work, and social life, but don’t let your
cybersecurity defenses lag. Stay informed and stay updated.
by Aaron Sherrill | Jan 7, 2019 | SMBs
SMBs are overconfident about their cybersecurity posture.
A survey of SMBs conducted by 451 Research found that in the preceding 24 months, 71% of respondents experienced a breach or attack that resulted in operational disruption, reputational damage, significant financial losses or regulatory penalties. At the same time, 49% of the SMBs surveyed said that cybersecurity is a low priority for their business, and 90% believe they have the appropriate security technologies in place. Clearly, SMBs are not correctly evaluating cybersecurity risk.
Many of us can relate – each day we ignore obvious signs that point to a reality that is in direct contrast to our beliefs. For example, as each year passes, most of us get a little slower, muscles ache that never ached before, we get a bit softer around the middle, and we hold our reading material farther away. Yet, we are convinced we could take on an NBA player in a game of one-on-one or complete the American Ninja Warrior obstacle course on the first try.
While it’s unlikely that most of us can make the improvements needed to compete with elite athletes, the same can’t be said for enterprise cybersecurity. The journey is not an easy one given the security talent vacuum, a lack of domain understanding at the executive level, and the complexity of implementing a long-term, metric-based strategy. But, if you are an SMB struggling to run up and down the proverbial court, here are five things you should consider when building a better security practice:
1. Experienced staff are valuable, but expensive, assets.
Although enterprise cybersecurity is a 24/7/365 effort requiring a full roster of experienced professionals, many SMB cybersecurity teams are underequipped to handle the constant deluge of alert notifications, let alone the investigation or remediation processes. In fact, only 23% of survey respondents plan to add staff to their security teams in the coming year. For many SMBs, the security staffing struggles may get worse as 87% reported difficulties in retaining existing security professionals. To fill this gap, SMBs are increasingly turning to MSPs and MSSPs to provide the expertise and resources needed to protect their organizations around the clock.
2. Executives understand what is at stake, but not what action to take.
As the threat landscape becomes more treacherous, regulatory requirements multiply, and security incidents become more common, executives at SMBs have become more acutely aware of the business impact of security incidents – most are feeling an urgency to strengthen organizational cybersecurity. However, acknowledging the problem is only the first step of the process. Executives need to interface with their internal security teams, industry experts and MSPs in order to fully understand their organization’s risk portfolio and design a long-term cybersecurity strategy that integrates with business objectives.
3. Security awareness training (SAT) is low-hanging fruit (if done right).
According to the 451 Research Voice of the Enterprise: Information Security: Workloads and Key Projects survey, 62% of SMBs said they have a SAT program in place, but 50% are delivering SAT on their own using ‘homegrown’ methods and materials. It should be no surprise that many SMBs described their SAT efforts as ineffective. MSPs are increasingly offering high-quality, comprehensive SAT for a variety of compliance and regulatory frameworks such as PCI-DSS, HIPAA, SOX, ISO, GDPR and GLBA. SMBs looking to strengthen their security posture should look to partner with these MSPs for security awareness training.
4. Securing now means securing for the future.
The future of IT architecture will span both private and public clouds. This hybrid- and multi-cloud infrastructure represents a significant challenge for SMBs that require a cybersecurity posture that is both layered and scalable. SMBs need to understand and consider long-term trends when evaluating their current cybersecurity strategy. With this aim in mind, SMBs can turn to MSPs and MSSPs with the experience and toolsets necessary for securing these types of complex environments.
5. A metrics-based security approach is needed for true accountability.
In a rush to shore up organizational security, SMBs might make the all-too-common mistake of equating money spent with security gained. To be clear: spending not backed by strategy and measurement only enhances security posture on the margins, if at all. To get the most bang for each buck, SMBs need to build an accountable security system predicated on quantifiable metrics.Again, this is an area where SMBs can partner with MSPs and MSSPs. This serves as an opportunity to develop cybersecurity strategy with measurable KPIs to ensure security gains are maintained over time. MSPs can help SMBs define the most applicable variables for their IT architectures, whether it be incident response rate, time-to-response or other relevant metrics.
The strategic reevaluation of organizational security is a daunting task for any organization, but given the risks SMBs face and their tendency to be underprepared, it is a necessary challenge. These key points of consideration for SMBs embarking on this critical journey underscore the importance of building an accountable and forward-looking security system and highlight the ways in which SMBs can work alongside MSP or MSSP partners to implement the right cybersecurity system for their organizations. I hope this will be the wake-up call all SMBs need to unleash their inner cybersecurity all-star.
If you’re interested in learning more about how other SMBs are approaching cybersecurity, read my report Security Services Fueling Growth for MSPs.
by Connor Madsen | Jan 4, 2019 | Industry Intel
American Newspapers Shutdown After Ransomware Attack
Nearly all news publications owned by Tribune Publishing suffered disruptions in printing or distribution after the publisher was hit by a ransomware attack. Many of the papers across the country were delivered incomplete or hours or days late. Even some papers that had been sold off to other publishers in previous years were affected. Fortunately, digital and mobile versions of the newspapers were untouched by the attack, allowing users to view local news as normal online.
‘PewDiePie’ Hacker Turns Focus to Smart Devices
The hacker previously responsible for hacking
thousands of printers and directing them to print ads in support of
PewDiePie, the world’s largest YouTuber, has now started using unsecured smart
devices to continue the campaign. In addition to requesting the “victim”
subscribe to PewDiePie, the hacker’s main message is to bring light to the
extreme lack of security many of us live with daily. By using the standard
ports used by smart TVs to connect to streaming devices, the hacker has even
created scripts that will search for these insecure ports and begin connecting
to them.
California Alcohol Retailer Faces Data Breach
One of the largest alcohol retailers in California, BevMo,
recently announced they’ve fallen victim to a credit card breach on their
online store. The breach lasted for nearly two months, during which time
customer payment card data for nearly 14,000 customers was illegitimately
accessed. While officials are still unclear as to who was behind the breach, it
is likely related to the MageCart attacks that appeared across the globe during
the latter half of 2018.
Blur Password Manager Leaves Passwords Exposed
An independent security researcher recently discovered a
server that was allowing unauthenticated access to sensitive
documents for well over two million users. The exposed information
included names, email addresses, IP addresses from prior logins, and even their
account password, though the company has remained firm that the passwords
contained within their accounts are still secure. Since the reveal, Blur’s parent
company, Abine, has prompted users to change their main passwords and enable
two-factor authentication, if they had not already done so.
Bitcoin Wallets: Still Major Target for Hackers
Nearly $750,000 worth of Bitcoin was stolen from Electrum
wallets in an attack that began only a few days before Christmas. By
exploiting a previously documented vulnerability, the hackers were able to inject
their own server list into the connections made by the Electrum wallet and
successfully rerout their victims to another server, where they were then
presented with a fake update screen. By moving forward with the “update,”
malware was promptly downloaded to the device and users could then enter their
wallet credentials, only for them to be stolen and their accounts drained.
by Connor Madsen | Dec 28, 2018 | Industry Intel
Amazon User Receives Thousands of Alexa-Recorded Messages
Upon requesting all his user data from Amazon, one user promptly received over 1,700 recorded messages from an Alexa device. Unfortunately, the individual didn’t own such a device. The messages were from a device belonging to complete stranger, and some of them could have easily been used to find the identity of the recorded person. While Amazon did offer the victim a free Prime membership, it’s cold comfort, as these devices are constantly recording and uploading everyday details about millions of users.
San Diego School District Hacked
In a recent phishing scheme, hackers successfully gained the trust of a San Diego Unified School Districtemployee and obtained credentials to a system that contained student, parent, and staff data from the past decade. The database mostly consisted of personal data for over half a million individuals, but also included student course schedules and even payroll information for the District’s staff.
Data Breach Affects Hundreds of Coffee Shops
Attackers were able to access payment data for 265 Caribou Coffee shopsacross the United States. The breach could affect any customers who made purchases between the end of August 2018 and the first week of December. The company recommends that any customers who may have visited any of their locations across 11 states engage a credit monitoring service to help avoid possible fraud.
FBI Shuts Down DDoS-for-Hire Sites
At least 15 DDoS-for-Hire siteshave been taken down in a recent sweep by the U.S. Justice Department, and three site operators are currently awaiting charges. Some of the sites had been operating for more than 4 years and were responsible for over 200,000 DDoS attacks across the globe. This is the second in a series of government-led cyberattack shutdowns over the last year.
Email Scam Offers Brand New BMW for Personal Info
A new email scam is informing victims that they’ve just won a 2018 BMW M240iand over $1 million dollars, which they can easily claim if they provide their name and contact information. Victims who provide their contact details are then contacted directly and asked to give additional information, such as their social security number and credit or bank card details. If you receive this email or one like it, we recommend you delete it immediately, without opening it.
by Megan Johnson | Dec 21, 2018 | Home + Mobile
The cybersecurity landscape is in constant
flux, keeping our team busy researching the newest threats to keep our
customers safe. As the new year approaches, we asked our cybersecurity experts
to predict which security trends will have the most impact in 2019 and what
consumers should prepare for.
Continued Growth of Cryptojacking
“Cryptojacking will continue to dominate the landscape. Arguably more than a third of all attacks in 2019 will be based off of leveraging hardware in your devices to mine cryptocurrency.” – Tyler Moffitt, Senior Threat Research Analyst
The largest cyber threat of 2018 will continue
its unprecedented growth in 2019. Cryptojacking—a type of hack that targets
almost any device with computing power, including mobile devices, company
servers, and even cable routers to mine for cryptocurrencies—grew
by more than 1,000% in the first half of 2018. Compared to ransomware attacks,
cryptojacking is incredibly stealthy, with many systems losing processing power
while sitting idle anyway. We are now seeing cryptojacking in more significant
systems, as was the case when Nova Scotia’s St. Francis Xavier University struggled
for weeks to recover after cryptojacking software led to the school to disable its
entire digital infrastructure in order to purge the network. For home internet
users, cryptojacking can put undue stress on your computer’s processor, slowing
down performance and increasing your electric bill.
But, as with any cybersecurity threat, it’s a
constant cat-and-mouse game between criminals and the security industry. As
cryptojacking continues to grow, so does criminals’ ability to successfully
implement the attack. At the same time, so does our knowledge and ability to
defend against it. This type of attack can impact your devices in multiple ways,
whether via a file on your computer or a website you visit. We recommend a
layered solution that can protect against these
different attack vectors, like Webroot SecureAnywhere® solutions.
General Data Protection Regulation (GDPR) Influence
“We are going to see a lot more legislation proposed within the US that will be very similar to GDPR, much like California already has. These types of laws will inspire the idea that companies don’t own data that identifies people, and we need to be better stewards of that data. Data, by all accounts, is a commodity. It’s necessary for innovation and to stay competitive, but the data must be good to be of any use.” – Briana Butler, Engineering Data Analyst
The General Data Protection Regulation (GDPR) is a set of regulations put in place in 2018 that standardize data protection measures within the European Union, marking the beginning of a new era of international data protection. In the United States, California has been on the frontlines of data protection law since 2003 when bill SB1386 was passed, pioneering mandatory data-breach notifications nationwide. California continues to innovate in data privacy law with the recently passed California Consumer Privacy Act of 2018 (CCPA), possibly the toughest data privacy law in the country. Although clearly influenced by GDPR, it differs in many ways—enough that companies who are compliant with GDPR may need to take additional steps to also be compliant under the CCPA. But it’s not just lawmakers who are pushing for data protection regulation, influential tech industry leaders like Tim Cook are also calling for stronger consumer protections on data collection nationwide.
What does this mean for you? Expect another wave of “Privacy Update” emails and cookie collection pop-up notices while browsing, as well as expanded protections regarding the collection and storage of your personal data. Given the rising regularity of third party data breaches—like the one that recently left 500 million Marriott guests exposed—stronger data protection laws can only mean good things for consumers.
Biometrics on the Rise
“We will see continued growth in biometric services. Devices with usernames and passwords will become the legacy choice for authentication.” – Paul Barnes, Sr. Director of Product Strategy
Largely associated with facial and fingerprint recognition, biometrics have been on the rise since at least 2013, when the launch of TouchID placed the technology in every iPhone user’s hands. But the adoption of biometric technologies—particularly facial recognition biometrics—was dampened by cultural and ethical concerns, with some fearing the establishment of a national biometric database. But today we are beginning to see the normalization of facial recognition biometrics, like those utilized by Snapchat and Instagram. Biometrics are also now widely seen used in critical infrastructure applications. Airports use biometrics to facilitate a faster boarding process, and hospitals are adopting biometrics for both patient care and as a HIPAA security precaution.
We predict this regular exposure to biometrics will lead to a larger cultural acceptance and adoption of biometrics as a trusted security standard, leading to the eventual death of usernames and passwords. Why bother with a login when your computer knows the minute details of your iris? But convenience may come as a cost. Corresponding with rising use, biometric data will continue to become a more valuable commodity for cybercriminals to steal.
The Beginning of the End for SSNs
“There will be significant discussion around replacing Social Security numbers for a more secure, universal personal identity option.” – Kristin Miller, Director of Communications
In 2017 the Equifax breach compromised 145.5
million Social Security numbers, forcing us to face an uncomfortable truth:
SSNs are a legacy system. First available in 1935 from the newly minted Social
Security Administration, they were created to track accounts using Social
Security programs. They were never intended to act as the secure database key
we expect them to be today.
The conversation has already begun on the
federal level. “I think it’s really clear there needs to be a change,” White
House Cybersecurity Coordinator Rob Joyce said at the 2017
Cambridge Cyber Summit. “It’s a flawed system. If you think about it, every
time we use the Social Security number you put it at risk.”
Although it will be some time until we fully replace Social Security numbers, what should you expect from a replacement? When it comes to personal identifiers that are both unique and secure, the conversations tend to center around two technologies: biometrics and blockchains. Biometrics—particularly behavioral biometrics, which derive their logic from individual’s behavioral patterns, such as the syncopation of types or taps on a screen, or even your unique heart beat—are proving to be an especially intuitive solution.
Certification for the Internet of Things
“We will finally see a consumer IoT/connected goods certification body, similar to the Consumer Electrical Safety Certifications today. This will enforce the notion of Security by Design for a smart goods manufacturer.” – Paul Barnes, Sr. Director of Product Strategy
We love the Internet of Things (IoT). It
powers our smart homes, our fitness trackers, and our voice assistants. But IoT
devices are notoriously insecure, oftentimes featuring overlooked flaws that
can lead to exploitation in unexpected places. A recent Pew Research Center survey looked
at how growing security concerns are influencing the spread of IoT connectivity
reported only 15% of participants saying security concerns would cause significant
numbers of people to disconnect from IoT devices. Alternatively, 85% believe
most people will move more deeply into an interconnected life due to the
convenience of IoT products. Recently
published documents may signal that the time of putting convenience
ahead of security is quickly coming to an end.
The United Kingdom’s department for Digital, Culture, Media, and Sport (DCMS) published the “Code of Practice for Consumer IoT Security.” The code outlines thirteen steps for organizations to follow for the implementation of appropriate security measures in IoT offerings. It also emphasizes the need for a secure-by-design philosophy, a belief that security measures need to be designed into products, not bolted on afterwards. This type of regulatory influence on the industry is sure to make waves across the pond, and we are already seeing this play out with California’s new IoT security law.
Keep these predictions in mind as you make
your way through 2019. Staying informed is the best way to keep you and your
family safe, so check back here for more cybersecurity trend updates in the
future!
