The week in security: appealing to hackers' good sides

Julian Assange may be in the news for curious reasons these days, but the organisation he created raised eyebrows after the release of hacked emails from analyst firm Stratfor suggested companies including Google and may be interested in video-surveillance and analysis tool Trapwire.

Also on the questionable side of video surveillance was Facebook, as German authorities reopened proceedings against the company's facial-recognition technology and some suggested that facial recognition technologies should be regulated to prevent abuse. Media sites, meanwhile, are getting ready for abuse of a different sort as they steel themselves for an expected surge in politically motivated 'hacktivist' attacks such as the recent attack on energy giant Saudi Aramco.

One good-old activist lodged a complaint against Germany's ban on anonymous SIM card use even as hackers were still up to their old tricks, with a US medical centre reportedly held for ransom by hackers who encrypted thousands of patient records and emails. Another new piece of malware had some scratching their heads after it installed a new font on victims' computers.

Vendor Trusteer said an attack on an airport VPN illustrated that hackers had figured out how to circumvent multi-factor authentication systems. Media giant Reuters was hacked for the second time in a month, while a nasty new piece of malware called Shamoon deletes the contents of victims' computers and prevents a reboot.

The severity of such exploits was reinforced by the revelation that many security suites cannot defend against recent exploit-based attacks. Many are concerned that today's malware has taken a turn towards the nasty with the next generation of attacks more insidious than ever.

As the rise of state-sponsored hacking changes the nature of security and US politicians continue their stalemate over security legislation, the head of the US National Security Agency was appealing to hackers' good sides as he entreated attendees at the recent Defcon conference to help him keep the online world secure.

Consumers may also play a role as security pundits consider whether consumers should be forced to use enterprise-grade security to ensure they're protected online. One expert said that it's "possible, but not likely"; what do you think? Speaking of enterprise-grade security: some in the security industry are arguing that vendors should be pressured by businesses to upgrade to 1024-bit security before hackers catch up with the relatively weaker 128-bit and 256-bit encryption being used in current scenarios.

Along similar lines, governments may be pushed into a wave of website upgrades after new NIST encryption guidelines were put out for public review; none too soon, as a jump in phishing attacks during July suggested the public sector was being targeted by digital troublemakers.

Encryption or no encryption, an AFP security investigator said that Australian police agencies tend not to push for evidence discovery through mutual assistance treaties because it takes so long to get the information – often up to two years – that police cannot present it within statutory 90-day limits.

Even as security experts continued to deconstruct Gauss malware and called out for help in decrypting its payload, Russian security firm Dr Web warned that 140,000 Macs are still infected with Flashback malware and scientists in Switzerland were working on a way to ferret out the source of malware and spam attacks.

Many of those attacks are generated automatically through rootkit tools, so it was an interesting turning of the tables to see security vendor Prolexic detailing vulnerabilities it discovered in a hacker toolkit used to launch DDoS attacks against company networks. Turns out the authors of the toolkit left the system's C&C servers open to attack through discovered vulnerabilities in their code.

Microsoft was taking its own steps to improve security, encouraging developers to buy Extended Validation code-signing certificates to ensure their software isn't flagged by Windows 8's SmartScreen 'reputation checker'. These issues can become big problems, as Adobe found out after the Google Chrome security team revealed flaws in Adobe Reader because the company won't release its own updates until August 27. Adobe had its own problems, pulling mobile Flash for its instability but concerning many because of its lack of a 'kill switch' to turn off existing installs.

On the privacy front, Microsoft found itself on the wrong side of advertisers after announcing it would enable a do-not-track mode in its upcoming Internet Explorer 10 browser (Windows 8 RTM shows how it will look). Perhaps they should take some cues from police, who by some accounts are getting much better at finding people based on their online activity. And they're not the only ones: reports said Michael Dell's teenage daughter had her Twitter account shut down after the family's security team became concerned that her tweets were sharing too much information about the family's movements.

The continuing assault by hackers is driving startup company SecurityStarfish to try to position itself as a 'CISO collective' through which security executives can share information on attacks to try and be more proactive in fighting future attacks. Google is backing its call for better transparency in Chrome bug reporting with cash, offering $US2m for major vulnerabilities discovered at the upcoming Pwnium hacking contest.


Stories by David Braue
