The week in security: Teen hacker hit Target, JRE6 exposure continues

Kids these days. Investigations have suggested the malware that brought US retail giant Target to its e-commerce knees, stealing personal data of around 110 million customers, was written by a 17-year-old programmer from St Petersburg, Russia. A second coder was also linked to the hack, while a 23-year-old Russian went on TV to say he wrote the original program that was modified and used for the Target attack – and he did it as a side job.

Other repercussions from the hack continued to pile up as two Mexicans were arrested after trying to use credit cards linked to the breach to enter the US. Security experts were warning that small businesses need to be aware of Target-like attacks, while three security companies were found to have removed information related to the Target attack from the Web. And Neiman Marcus, which was also hit by hackers, said its security precautions had been defeated by 'complex' malware.

Little wonder one security firm was warning banks to learn more about their customers than cyber-criminals can – although in some cases, African banks themselves are being implicated in recent spates of cybercrime. Yet there are other things to look out for: the latest Cisco Systems security figures suggested a huge proportion of Web-based attacks is still based on Java, with the continuing use of the highly-compromised Java Runtime Environment 6 presenting a clear and present danger for corporate information-systems users.

If you thought that was a worry, there's more: hacker groups are embracing more effective techniques in their targeted attacks, with 50 core groups dominating global cybercrime. Little wonder some security figures are pushing for CSOs to outgrow their lock-and-block approach to security, which is quickly being superseded by determined hackers.

Even as Verizon revealed the US government made 320,000 requests for customer information in 2013, the EU's justice commissioner was urging governments to use punitive fines to keep Google's privacy practices in line – even as a German government agency issued a warning that a list of some 16 million email addresses and passwords had been compromised and fallen into the hands of botnet operators. Also on the international front, China's 'Great Firewall' was blamed for an eight-hour blackout of the Internet that spread across the globe; China blamed hackers.

CSOs might want to do some user education after another list of the most common passwords was released, with the ever-popular 'password' losing out to '123456'. Of course, they have other pressing issues too: a large number of US companies will still be running Windows XP after Microsoft discontinues official support in April, a recent survey warns. And, with social-media threats still as problematic as ever, it may also be worth considering four social-media privacy features users won't find in their settings. Whatever the threat, transgressors may need to be punished to reduce the prevalence of security breaches.

Speaking of education: if you're not completely sure about how advanced persistent threats (APTs) work, take the time to read this multi-part explanation of the APT lifecycle – which spans exploitation and installation, reconnaissance, exfiltration, and weaponisation and delivery.

Trust remains an important element of any security policy, which is why observers see great promise in a new conference, aptly named TrustyCon, which is capitalising upon growing mistrust of the NSA. Enter the US Privacy and Civil Liberties board, a federal watchdog that is advocating for the cessation of the NSA's surveillance program, which it says is illegal.

Google is also wearing a bit more mistrust than usual after indications suggested a malicious technique can be used to listen in on you using Chrome's built-in microphone capabilities; Google dismissed the issue. The company was also hit with a formal complaint to the US government from users upset about Google's linkage of its Google+ and Gmail services. Yet conventional issues are also expanding, with caution over new Android malware that intercepts and disconnects phone calls from specific numbers.


Stories by David Braue
