The week in security: Millions compromised in Apple, Linux forum hacks

Are you covered for damage from a security attack? If you’re like most companies, the answer may be ‘no’ even if you think otherwise. One insurance-industry figure warns that some uncomfortable truths may come out in the wash as growing pressure for mandatory breach warnings drives companies to fess up about their real vulnerabilities.

Amid increasingly repeated concerns that the NSA’s spying activities could have a deleterious effect on US-based cloud firms, the White House opposed a bill that would curtail NSA surveillance spending, and the court overseeing the NSA’s activities renewed the standing permission for continued collection of telephone-call metadata. A vote on the issue was tight enough that privacy advocates hope the tide is starting to turn against surveillance, even as the US-based American Civil Liberties Union (ACLU) released a report documenting widespread license-plate scanning on that country’s highways. Little wonder a German government report recommended companies should stop sending Europeans’ personal data to the US.

User forums have become the target du jour for hackers, with an Ubuntu Linux discussion forum breached and taken offline after encrypted passwords and email addresses for nearly 2 million users were stolen.

Apple’s own developer site was hacked, suffering a high-profile multi-day outage that saw the company openly admitting the incident, closing down the site and gradually overhauling and eventually restoring services throughout the week. Predictably, phishers wasted no time targeting the users’ credentials.

Despite the high-profile user-forum hacks, good old security flaws were also abundant: for example, researchers found a major encryption flaw in older mobile-phone SIM cards that some said boosted the case for secure mobile data containers. Others argued that the flaw has significant implications for mobile-reliant businesses, even though the researcher who identified the issues says they are easy to fix.

Indonesia came from nowhere to emerge as a major global source of malware in Akamai’s latest State of the Internet report, while Network Solutions was facing its own problems as latency of its MySQL databases increased in the wake of its defence against DDoS attacks. A hacker group called the Syrian Electronic Army hacked the customer support Web site of instant-messaging and VoIP provider Viber. Another report found a rise in Android malware that turns handsets into spying devices, while Symantec reported an Android flaw that’s allowing apps to modify legitimate applications by using a ‘master key’ vulnerability.

Little wonder so many CSOs are thinking about mobile security policies. Yet others should also be looking at more practical matters such as the handling of digital certificates, which one security specialist has warned remains an often unrealised weakness in corporate environments.

Even as figures suggested 500 hosted Web sites are compromised every day and a new Trojan called KINS threatened the integrity of online banking, hackers’ continuous ingenuity in identifying new vulnerabilities has shifted the focus of many vendors’ tools elsewhere, with one security analyst pointing out that regardless of their nature it’s relatively easy to spot malware based on its use of nonstandard IP ports.

More companies may want to consider the technique: even though Microsoft said almost 90% of Citadel botnets had been disrupted in June, Trend Micro reported that the malware is active on 20,000 PCs in Japan alone, and a Center for Strategic and International Studies estimate suggests cybercrime costs the world $US400 billion ($A431.7 billion) every year. Meanwhile, indications are that cybercriminals are only getting smarter, using the anonymous Tor network to control their botnets.

In an unusual situation, the decision to fine a UK council £250,000 ($A414,895) – for carelessly disposing of paper records containing private information – was ruled to be excessive by an appeals tribunal. In a less unusual situation, a Spanish scammer took in nearly $US53,000 ($A57,175) over the course of two months using the WhatsApp messaging system. A Texas man was charged with running a Bitcoin Ponzi scheme, while five Russians and Ukrainians were indicted in New Jersey for hacking major corporate networks to steal credit card numbers.

UK Internet search providers pressured Google, Yahoo and Microsoft to block child-abuse images from their search results, then invited controversy with a measure that would force ISPs to block pornographic content by default.

Bitdefender launched a purpose-built browser designed to protect online-shopping sessions, while Cisco Systems spent $US2.7 billion ($A2.91 billion) to acquire security vendor Sourcefire – leading some to wonder about how the company will resolve product overlap between the two.

Another open-source project, known as Crypton, seeks to help developers add unbreakable encryption to their applications, while RSA is acquiring companies to improve its authentication and identity management capabilities. For its part, IBM added vulnerability-management capabilities to its QRadar SIEM platform, while a new biometric display screen was demonstrated that can recognise fingerprints as well as functioning as a touchscreen.

Stories by David Braue
