A Closer Look at Some of the Top Threats of 2016


We hear all the time about different cyber threats that jeopardize our safety while navigating the online world. Because of this, it can be overwhelming trying to determine which threats are of serious concern and which do not need to be worried about as much. In an attempt to clarify these thoughts, the European Network and Information Security Agency (ENISA), the European Union agency dedicated to preventing and addressing network and information security problems, has released its Current Emerging Threat Landscape list of the top threats in the online world for the year 2016.

While the list of these top fifteen threats of the year can be clarity enough for some tech-savvy users, many people hear the names of these cyber-threats only as buzz words and are unable to clearly define what they mean. Below, we take a closer look at some of the top threats in hopes of making knowledge of them more common.

Malware

Malware tops ENISA’s list for yet another year, with over 600 million samples identified per quarter for 2016. Not only have traditional malware attacks grown, but 2016 saw mobile malware reach a growth of nearly 150%. Malware is a broad category of malicious software intended to damage or disable computers and network systems, and is often spread via email, pop-ups, and social media. Some of the most common variants are viruses/worms, Trojans, adware, and backdoors; botnets, the fifth most assessed trend of 2016, also fall under this broad category. However, there are millions of malware variants and malware families.

How to avoid: There are many ways to avoid this threat, but the primary defenses include running antivirus/anti-malware tools regularly, keeping firewalls up-to-date, using strong and intricate passwords, and avoiding clicking on suspicious links.

Web-based attacks

According to ENISA’s report, “Web based attacks are those that use web components as an attack surface…such as web servers, web clients (browsers) content management systems (CMS) and browser extensions.” In particular, the category includes threats such as drive-by attacks, redirection, water-holing attacks, web browser and web server exploits, browser extension attacks abusing vulnerabilities, and man-in-the-browser attacks. Essentially, these are weaknesses and vulnerabilities within a user’s browser.

How to avoid: According to ENISA, major causes of this type of threat are outdated plug-ins and lackadaisical judgement when it comes to clicking on links. Keep your plug-ins up-to-date, and as with all other cyber-threats, do NOT click on any unfamiliar links. Also, be sure to use a secure browser and be wary of pop-ups.

Within the larger web-based attacks category are web-application attacks. These are attacks on web applications which include email, online retail sales, online auction sites, wikis, instant messaging services, and many others.

Denial of service

Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks grew significantly over the last year. These attacks send traffic to targeted website(s) in order to take them down. This used to be more of a form of activism for people to take down corporate sites; however, ENISA’s report said that DDoS attacks are now being used for extortion attempts, as part of the trend toward monetising hacking.

The primary difference between DoS and DDoS is that a DoS attack comes from one computer and one Internet connection to flood a target, whereas a DDoS attack uses multiple computers or devices on numerous Internet connections in order to flood the targeted source. The increase in these attacks is due largely to hackers’ innovations in using unsecured Internet of Things (IoT) devices (i.e. household items with Internet connectivity such as DVRs, digital cameras, and home Internet routers) as a part of their attacks.

How to avoid: There are a few key ways to secure yourself from this attack: secure your IoT devices with non-default passwords, turn off remote access to devices when not in use, and keep your systems (home and office) up-to-date.

In addition to these top five threats, other threats that saw a rise in number of assessed trends last year include physical manipulation, damage, or loss, exploit kits, data breaches, and information leakage. Though this can be disheartening, spam, identity theft, and cyber espionage, a few of the most detrimental cyber-attacks out there, saw a decrease in their number of instances; phishing, ransomware, and insider threats remained relatively constant from the previous year’s attacks, which isn’t necessarily good news, but it highlights the cybersecurity industry’s shift in focus to combating these common threats.

To quote both Sir Francis Bacon and Schoolhouse Rock, “Knowledge is Power.” The only way to avoid these threats is to know what you’re up against; educate your family and friends and stay up-to-date on the current online threat landscape by keeping up with Axiom Cyber Solutions’ blog, where we address the major issues of the cyber world.

Hailey R. Carlson | Axiom Cyber Solutions | 02/24/2017


Online Social Media Security – How Safe Are You and Your Children?


In early December, I was asked to speak to a reporter from Univision Las Vegas about online social media security. The reason for the story was that an online scammer stole the pictures of a little girl and made up a story about how the little girl had been kidnapped. Thankfully, the little girl was at home safe with her family but the fake story aimed to raise funds to pay for a ransom to have her released and people were falling for the scam.

Another worrying trend with photos of children is what has been termed as “digital kidnapping” or baby role playing. In these cases, a person will steal photos of a child and repost the pictures claiming that the children are their own. Parents have found entire profiles filled with pictures of their children with another person claiming to be the person’s mother or father.

While there are risks to posting pictures of your little ones on social media, it does not mean that you should stop sharing those precious moments with far-away friends & family on social media. Still, a survey from the University of Michigan found that 68% of parents are worried about their child’s privacy online and 67% are worried that the photos will be reshared.

There are things that you can do to increase your social media profile security when posting pictures of your children including:

  • Restrict who can see your child’s pictures
  • Restrict the ability to share your child’s picture
  • Use a watermark
  • Turn off location services when posting from your phone

Children aren’t the only victims

Remember the story about how now NFL star Manti Te’o fell for a girl who really never existed over a period of a couple of years? Online romance scams have become so prevalent that they account for higher financial losses than other internet-based crimes with victims typically losing tens of thousands of dollars according to the FBI Internet Crime Complaint Center. There have also been so many victims that there is now a support group called Scam Survivors, with a hotline and information resource center for those that have been duped by online scams.

For years now, fake profiles have been created by scammers with duplicated names and profile pictures. And because people still fall for their scams, the fraudsters continue despite Facebook’s attempts to reduce the number of fake accounts. Once a fake profile is created, the scammer may begin adding and contacting family or friends. Then they start collecting information. And eventually, there comes a message claiming that they had been mugged, lost everything, and are stranded on the streets of a foreign city and in desperate need of help. Some years ago, this happened to my parents, who received one such message from one of my brothers saying that he had been mugged in London, which prompted my parents to question first how he ended up there and secondly, how the scammer knew to contact them to ask for help.

Other social media online safety tips include:

  • Don’t publicly post about going on vacation. It lets people know that your home will be vacant.
  • Never publicly post your address, home telephone or mobile number.
  • Manage your friends lists. Not all friends are created equal, as Stay Safe Online eloquently puts it, so categorize your social media friends into groups and restrict the information that you share with them.
  • Privacy settings exist for a reason, so use them! Use privacy settings (such as restricting posts to just select people or groups) when posting personal details.

Potential Security Threats to Wearable Technology

The first computer, known as Electronic Numerical Integrator and Computer (ENIAC), was made over the course of three years, took up over 1,800 square feet, and weighed nearly 50 tons. Since then, computers have gotten smaller and more innovative, first to fit our desks, then our laps, our pockets, and now, we can wear computing devices on our bodies.

These devices, known as wearable technology, can be divided into five major categories: smart headgear, smart watches, fitness trackers, wearable medical devices, and smart clothing/accessories. As you can tell by the categories, these devices range from vanity gadgets, like Google Glass, to health-related devices, such as the ZIO wireless patch (which wirelessly tracks cardiac arrhythmia) and fitness trackers like Fitbit which help you manage your health.

The market for wearable technology is expected to grow to be worth over $34 billion with 411 million smart wearable devices sold by 2020, with the majority of the devices being comprised of smart watches and fitness trackers. With such a high amount of anticipated growth, there are also many factors that need to be considered, primarily the potential vulnerabilities that these devices can pose to their users.

Potential Vulnerabilities

Insecure Wireless Connections

Wearable devices often offer the ability to connect us even further by linking to our smartphones, laptops, and tablets via Bluetooth, Wi-Fi, and other connections. While this allows us to do things like track our food intake in tandem with exercise on fitness trackers and related tracking apps, it also creates another potential point of entry for hackers to gain access to our information.

Lack of Encryption

Like other Internet of Things (IoT) devices, wearable technology relies heavily on cloud-based computing. While ‘the cloud’ has become a buzz word, it is not a very secure space. Data being stored on manufacturer’s or service provider’s cloud servers is highly vulnerable because of a lack of encryption by service providers. This lack of security allows for hackers to have easier access to sensitive data stored in these devices’ clouds. Some third-party apps, which connect to these wearable devices, neglect basic security standards and hold onto information that is not encrypted. The kind of data that’s automatically being collected and stored by wearable devices is very valuable to hackers trying to steal sensitive information.

Nonexistent Regulations

Manufacturers will have to address the many security issues surrounding wearable devices. Whether they choose to self-regulate or be bound by government regulations, a decision needs to be made in order to protect individuals and businesses from attack. These IoT devices need to be secured before being brought into businesses in order to protect the company’s network. Regulations could potentially shift the responsibility for any subsequent breaches or attacks that occur from the manufacturers of these devices to the companies that fail to secure their networks.

Sensitive Data Exposure

Devices like fitness trackers, smart watches, and VR headsets contain a plethora of information about their users. On a smart watch, for example, users have the ability to receive text and email alerts, and even conduct online banking activity as well. When users use these devices, which are lacking in regulations and lacking in encryption, they could potentially be exposing any of the sensitive data accessed on these devices, including login credentials, banking information, Social Security numbers, and much more. Because of the potential severity of a malicious actor accessing this data, it is important for individuals and businesses alike to look at how they can secure these devices.

Secure your Devices

We can now all pretend to be David Hasselhoff in Knight Rider with spy-like smart watches, or submerse ourselves in virtual worlds with VR headsets, and while these are great technological advancements, it is essential that these devices are protected. Fitness bands or smart watches that monitor and capture information about things such as your movement using GPS or your personal information like logins and passwords can provide a malicious actor with details about our daily routines and current location or allow them access to your private accounts. While this can be a scary thought, there are steps that can be taken in order to protect you from these, and other, vulnerabilities.

  • Remote erase feature– If your business allows wearable technology, employees should be encouraged to enable the ability to remotely erase data from and/or disable their device if it is ever lost or stolen. This is similar to the ‘Find my iPhone’ feature on Apple smartphones, and it is a feature that wearable device manufacturers should really consider implementing in the future production of devices in order to protect their users.
  • Increased regulation– As mentioned before, whether it is among the manufacturers or by government intervention, regulations are necessary in order to keep a certain high-quality standard for these devices’ integral cybersecurity upon their creation.
  • Custom security levels– Allowing users to choose their own level of security gives them responsibility over their own safety. Users seldom consider security when wearing their devices, so defaulting to the least secure settings opens a vulnerability for hackers to exploit; however, if users are prompted to look directly at their own level of cybersecurity for the massive amounts of data stored on these devices, they are likely to decide to better protect themselves.
  • Encryption of data– If a hacker were tricky enough to actually gain access to your wearable technology device, having that data encrypted makes it that much harder for him/her to gain access to the sensitive information stored on it. Though there is currently a lack of encryption when it comes to these devices, Bluetooth encryption and the encryption of valuable data will aid users in enhancing their overall cybersecurity.
  • Physical protection of devices– A small Apple watch is much easier for someone to steal from you while you walk down the street than it would have ever been to steal ENIAC back in the ’40s. Like many IoT devices today, a major concern is that a passerby might grab your device out of your pocket when you’re not looking. By storing your devices in safe places and passcode locking them, you can make it harder for physical criminals to take your data or access it if they do. As mentioned above, if this were to occur, newer wearable technology oftentimes comes with a remote erase feature in order to save your data.

Hailey R. Carlson | Axiom Cyber Solutions | 02/20/2017

Physical Repercussions of a Ransomware Attack


Ransomware is a threat that has been growing steadily for the past two decades, evolving from a mail scam conducted from a P.O. box in Panama to an advanced cyber threat that is so common, it has become a major concern for individuals, governments, and businesses across every sector around the globe.

The number of ransomware attacks quadrupled from 2015 to 2016, and researchers believe that this number will double during 2017. In addition to the threat itself growing daily, the way in which ransomware affects its victims has evolved as well. Whereas the only consequences of an attack used to be online, there are now real-life, physical threats as a result of ransomware. Two recent instances are of considerable note.

Austrian Hotel Key Lock System

In early January of this year, four-star Austrian Hotel, Romantik Seehotel Jägerwirt, was infected with a ransomware attack that hit the hotel’s computer that was managing multiple systems including its reservation system, cash desk system, and most notably, the electronic key locking system.

The potential danger from hijacking this major system is guest safety; guests’ keys were not functional, meaning that they could have potentially been locked in or out of their rooms. Thankfully, fire code regulations globally mandate that electronic key locks open manually from the inside, so this threat was never realized. However, the hotel was unable to issue new room keys after the cyber attack, causing incoming guests to have to relocate to another hotel. This instance has been eye-opening for the hotel’s owner, who has since decided to switch back to ‘classic locks’ from the complex, modern ‘smart locks.’  Though this will not prevent further attack, it will prevent the new key card issuance problem from happening in the future.

Whereas this particular attack primarily impacted the business’s operations, an even more recent attack on the U.S. capital had potentially deadly consequences for the public.

Washington, D.C. Security Cameras

One week before the 2017 Presidential Inauguration of 45th President of the United States, Donald Trump, there was a ransomware attack on 66% of Washington, D.C. security surveillance cameras. Though the Metropolitan Police Department never saw any indication of a serious threat to the public, there was much concern over the attack. The infection lasted three days, keeping police from retrieving any surveillance footage during that time. This means that any activity that took place over this time span could not be reviewed if there was a security threat suspected. With events such as the Inauguration and the Marches for multiple causes in the days following, any actor with malicious intentions could have hidden something or done something that would have caused harm to those millions of people. National or global events often draw in much attention, including cyber crime and terrorism; a tech-savvy attacker could have hijacked the specific cameras that he/she did, in order to make it easier for an attack to take place. Not only this, but general public safety, regardless of upcoming events, was put in jeopardy by such a significant number of security cameras being out of working order.

This cyber threat was not only advanced in that it could have had potentially dangerous physical repercussions, but it also followed the modern trend of using IoT devices to deliver an attack. In the past few months, hackers have used Internet-connected devices such as digital cameras and DVR players to carry out DDoS attacks, and they have obviously evolved to be used in ransomware attacks.

Protect against these real world threats

Though thankfully neither of these two cases experienced the potentially dangerous, real-life threats they could have, lack of cyber defenses left people with serious digital and physical risk. Because of this, precautions must be taken in order to protect against similar attacks in the future which may have different and deadly outcomes.

  • Educate employees– Computers involved in ransomware attacks are usually infected because of employees clicking on malicious phishing emails from hackers. Though it has not been discovered exactly how the systems in either of the cases above were infected, 91% of cyber attacks are caused initially by a phishing email. Teach employees how to recognize these emails in order to prevent ransomware from coming into your company in this way.
  • Have a recovery plan– The biggest issue for the Austrian hotel was that they had no clue what they would do if something like what occurred with their electronic key lock system happened. Having a backup plan is one of the key aspects of cybersecurity, as it is almost impossible to avoid every single threat that is out there. The phrase ‘expect the unexpected’ comes to mind in this case, where companies need a way to continue their major operations, even in the event of something like an unexpected cyber attack.
  • Secure your IoT devices– Cameras in Washington, D.C. were not properly secured from attack, similar to the way digital cameras and DVR players were left unsecured and then consequently used in recent DDoS attacks. Prevent your smart devices from getting infected by ransomware by turning off remote access to devices when not in use, changing device default usernames/passwords, and keeping an updated system.

Hailey R. Carlson | Axiom Cyber Solutions | 02/06/2017