The week in security: Jingle bell hack: Cybercrims delivering malware, DDoS as Christmas presents to “unprepared” SMBs

The holiday season always brings its share of security warnings and actual threats – and this year was no exception. DDoS attacks were threatening retailers' profits but Australia's mobile-using shoppers were creating even more problems for themselves, experts warned. Little wonder companies were scrambling to fix the lack of encryption on mobile apps.

That's hardly a vote of confidence in improving the security situation, but there were good signs. Even as a former Secret Service agent was sentenced for corruption in an investigation of now-closed marketplace Silk Road, the US cybercriminal underground is a shopping haven, by reports – although the underground may not be as underground anymore in France if the police there get their way by banning Tor and public WiFi.

The Darkode hacking forum was back but as a shadow of its former self – a phrase that may also describe much of the Internet if millions of users are locked out as the SHA-1 digital-certificate algorithm is retired.

Some were weighing the possible revival of proposed legislation forcing technology companies to report terrorist activity, while others were renewing the push for government back doors into tech products on grounds of securing information of suspected terrorists.

The hack of Australia's Bureau of Meteorology highlighted the growing security threat to Australian government targets. With major security incidents held to be unavoidable, this is worrying news – particularly since most Australian SMBs feel unprepared to handle the threats they face. Territoriality and outright denial of the threats, common in many companies, aren't helping either – with one security expert arguing that it will take “a rude awakening” before many companies act.

DDoS attacks were another growing threat, with the latest Akamai figures suggesting DDoS perpetrators were exploiting Web-based stress-testing networks and launching more but smaller DDoS attacks.

Amidst all this, there were warnings about new payment-card malware that is hard to detect and remove. This, combined with news of Barbie dolls as a security vulnerability and new vulnerabilities in the remote-support software of several vendors, highlighted the many types of issues that users and consumers need to be aware of.

The government's big splash into information security, as part of its $1.1b innovation initiative, provided a big shot in the arm for research into quantum-computing techniques that have strong security implications – but may not be such a popular topic of conversation with NASA. IBM was facilitating better collaboration around threat intelligence in a quest to help corporates catch up to collaboration-heavy cybercriminals.

Marketers were sounding alarm bells on the government's proposed breach-notification laws, warning that they would drive over-reporting and overwhelm consumers. Also overwhelmed were the defences of the Trump Tower web site, which was hit by online activist group Anonymous in retaliation for comments by US presidential candidate Donald Trump that he would ban Muslims from entering that country.

The US NSA's CIO explained how the agency uses analytics to improve its security. Also on the political front, Symantec warned that Iranian hackers may be tracking dissidents and activists online.

Google was patching critical media-processing and rooting vulnerabilities, even as it brought its desktop-browser malware warnings to its Android-based Chrome browser. Apple found itself patching 49 iOS bugs and Adobe fixed 79 flaws in Flash. And a major UK newspaper was fixing things after criminals tried to use its site as a conduit for ransomware.
