The week in security: Data retention looms, Superfish gutted

Are your staff suitably trained to detect and ignore phishing spam? If not, you may want to revisit your policies: in the latest security embarrassment, banks in 30 countries have been systematically deprived of more than $US1 billion by cybercriminals, in what many are attributing to poor staff training around the handling of malware threats. Indeed, despite billions spent on security tools, one study found that researchers were able to garner sensitive information in 88 percent of attempts just by using their eyes.

Companies offering bank-security tools may see a boost, and the fight for improved banking security may also be helped along as Microsoft strengthens support for biometric authentication in Windows 10 and proclaims the technology to be the future of its security architecture.

The Coalition government's push for data-retention legislation was coming to a head, with concerns that the government doesn't even know what it is legislating. It had better tread carefully, if a Dutch precedent is any indication: that country's privacy watchdog ruled that a revised proposal for data retention was not enough to make it compliant with its privacy laws. And Google, for its part, was concerned that the US government could use an amended warrant rule to be able to search computers overseas.

Lenovo was already working along that front, with reports that the computer maker was bundling an adware program called Superfish that presented significant security risks by hijacking HTTPS traffic. An explosion of concern led the company to back away from Superfish, with how-tos proliferating about how to remove the insidious spyware and Lenovo admitting that it “messed up badly” by installing the security-compromising tool. Meanwhile, another report suggested that 2 in every 1000 employee smartphones were infected with 'child-monitoring' spyware.

The new ANZ head of Dell SecureWorks sees big opportunities ahead as organisations increasingly turn to managed security services providers to keep up with the growing security threat. Many of those will support growing use of cloud services, which got a boost as Google offered cloud security scanning for customer apps and Microsoft's Azure and Office 365 got the tick for a new cloud privacy standard.

Such compliance will be increasingly important as the threat level continues to increase: there were 1500 data breaches globally last year, according to one reckoning. A group of 'cyberespionage' perpetrators have, for example, used NSA-style techniques to attack online targets in Iran and Russia and set their sights on Macs as well as Windows PCs.

Speaking of the NSA, there were reports that snooping malware designed by that agency to intentionally infect hard drives and SSDs is completely undetectable by security tools. Along similar lines, a hacking group's ability to reprogram a hard drive's firmware had some concerned that you can't even trust your storage these days. Even regular security tools were in the firing line with reports that they are taking too long to detect new malware.

Also straight from the cyberespionage files was the discovery of a 'superworm' called Fanny that was likely the precursor to the insidious Stuxnet industrial espionage malware. There was also more evidence tying North Korea to last year's hack of Sony Pictures.

Yet infiltrating corporate networks is far from the only way that online nasties are perpetrating their work: some scammers are, according to reports, trawling obituary notices to acquire new victims. Others, as in the case of an Arabic-speaking hacker group targeting Israeli institutions, are using pornographic videos to lure their prey.

Companies considering blocking Wi-Fi signals must tread carefully despite the availability of increasingly easy-to-use Wi-Fi blockers. Such issues are symptomatic of the increased scrutiny of device security: a flaw in Netgear wireless routers, for example, was said to expose them to attacks, leading many to consider how to protect their routers from malware. Others were concerned that a setup mistake had left hundreds of thousands of private home routers running SSH instances with identical private and public keys.

Cisco Systems reported that its firewall appliance is under attack from hackers, while Samsung's TVs were also proving problematic, with revelations that Samsung TVs don't encrypt the voice data they collect despite claims that they do encrypt users' personal information.

This article is brought to you by Enex TestLab, content directors for CSO Australia.
