Week in security: Picking the real threats after the year of the data breach

The year 2012 has been named ‘the year of the data breach’ after a string of high-profile hacks and the unintentional release of government-held information.

It was also the year in which the high-profile Click Frenzy online-shopping experiment spectacularly crashed and burned in its early hours before recovering. It didn't fail because of a security breach, but its less-than-stellar debut still has lessons for IT security professionals in best-practice implementations.

It's rare these days to hear about hacking becoming less common, but that's apparently what's happening on Skype, which has been successfully fighting scammers abusing the Microsoft-owned service. That hasn't stopped the attacks, however, with a Trojan bundled into a fake news.com.au report claiming Australia will be devastated by a tsunami on New Year's Eve.

One researcher found over 20 vulnerabilities in SCADA software controlling industrial systems – and found them easily – while others were advising that new database-targeting malware does not pose a real threat to Iranian businesses.

Also not posing a threat will be LulzSec hacker Jeremy Hammond, who has been denied bail and placed on a terrorist watch list. Romanian authorities also claimed a scalp, dismantling a cybercrime ring that ran up a $US25m bill using other people’s credit cards. And, also on the financial-losses front, a construction company and bank settled a dispute over a $US345,000 online banking theft.

Romanian authorities were also busy dealing with a hack attack on the .ro domains of Google, Microsoft, Yahoo and others, in which the sites were redirected to a less savoury target in the Netherlands. Yet while domain redirection remains an ongoing threat, ‘spear phishing’ is also growing as a mode of attack as email attachments maintain their role as malware couriers.

Cloud security was on the menu as always, with the US government approving privacy protections for cloud-stored email and documents. Hackers figured out a way to steal cloud-computing time using mobile devices, and PGP Corp founder Phil Dunkelberger is now turning his hand to a new form of cloud-based authentication.

That's just one part of the process of building a secure place in the cloud for critical data – which, many privacy advocates fear, does not include Facebook; they’re pushing back against privacy-policy changes that would reduce users’ roles in determining how privacy is managed. Facebook may get even more pressure to change its data-sharing plans, however, after the Irish government stepped in with a few questions of its own.

Interestingly, a poll has found that users – who are supposedly highly concerned about privacy – may be less concerned about it if Internet Explorer 10’s Do Not Track feature interferes with the convenience of their passwords and autofills. Speaking of reducing users’ roles in privacy, US-CERT has warned that Samsung printers have a hardcoded administrator account that makes them vulnerable to attack and remote control. Ditto the installer for Web analytics platform Piwik, which was compromised by an unknown attacker.

Responses to such problems may be compromised by differences of opinion between CERTs and police, but Samsung wasted no time in issuing a fix for the security problem.

With such exploits both common and potentially disastrous, a number of vendors are working to secure such privileged-access accounts. They may need to broaden their scope: a string of hotel break-ins in the US city of Houston is being blamed on a door-lock exploit revealed earlier this year at the Black Hat security conference. Political targets got their share of hacker love as the International Atomic Energy Agency was compromised and a large number of nuclear experts’ email addresses leaked by hackers. US police are exploring how sensitive documents with details of a visit by presidential candidate Mitt Romney ended up being shredded and spread across a New York street.

Meanwhile, the European Union has boosted its cybersecurity budget by 14 percent, while security firm Imperva has suggested that antivirus software is now so ineffective that most businesses could probably boost their own budgets by simply not buying it. That may be unlikely in practice, however, with forecasts suggesting global information-security spending will reach $US17.14 billion by 2017 as CIOs make security an enterprise necessity.

There’s no mention of how much of that will come from Syria, where the entire country suffered an apparently government-imposed, two-day Internet blackout. The move incurred the wrath of Anonymous, which has vowed to bring the Syrian government’s online presence to its knees. Yet some observers are becoming more and more sceptical, with one expert suggesting that the so-called ‘cybergeddon’ is most likely to be caused by a ‘glorious cock-up’ rather than a state-sponsored cyber attack.

Stories by David Braue
