Cyber security aggregate rss news

Cyber security aggregator - feeds history


 Security

Canon has officially acknowledged a security incident that took place in August, explaining that a ransomware infection reached its network and very sensitive data was exposed. Canon says the unauthorized activity happened between July 20 and August 6, so hackers had access to data stored on the company’s servers for some two weeks. The firm says it conducted an investigation with the help of a security vendor and discovered that files stored on the servers included information about current and former employees from 2005 to 2020, as well as beneficiaries and dependents. A lot of sensitive details were exposed, including Social Security number, driver's license number or government-issued identification number, financial account number provided to Canon for direct deposit, electronic signature, and date of birth. “We wanted to notify our current and former employees and their beneficiaries and dependents of this incident and to assure them that we take it seriously....


 Business

Protagonists, or their opponents, taking control of a city’s transportation management system is standard movie fare. The characters’ aim is to create either a traffic jam for pursuers or a getaway route for themselves. Hackers, Live Free or Die Hard and Taxi are a tiny sample of the artistic incarnations of this hacking scheme. The once-original set-piece has long since turned into a Hollywood cliché.

The trope most likely began with the 1969 British film The Italian Job. Unsurprisingly for that era, it was the only cyber-related incident in the movie. But the traffic sabotage plot point spawned many imitations, including in two remakes of the original picture, one by Hollywood (The Italian Job, 2003) and one by Bollywood (Players, 2012).

In its various iterations, the traffic-light scene remains pivotal. Thus, by comparing the three versions, we can trace the evolution of moviemakers’ and moviegoers’ attitudes about critical infrastructure hacks.

The Italian Job (1969), the British way

The future-oriented Turin is depicted basically as a smart city of the time. In the movie, a supercomputer controls every traffic light from a single center, where data from traffic cameras is also collected. The mastermind behind the robbery, who dies early on, bequeaths to main character Charlie Croker a detailed plan for a daring heist, along with malware for the supercomputer and an unexplained gadget that can disable cameras.

The program’s origin is unknown; someone probably got hold of the original source code and modified it with chaos in mind. Of course, in 1969 not only was there no Internet, but even local area networks were not properly rolled out. The only way to install the malware onto the computer is to sneak into the building and manually swap the magnetic tape in the drive. That requires the services of Professor Peach, supposedly the top computer expert in the country.

To get into the traffic control center and change the program, the computer needs to be stopped. Croker takes on the mission, hurling his bicycle into a power substation and cutting off not only the traffic control center, but also most of the rest of the city (and plunging a lavish mafia feast into darkness).

Now Peach enters the game, removing the tape reel from the drive and loading another.
With the power out, that’s really all that’s left to do, anyway. So, they got a computer expert just to perform the task of a lab assistant. In case you missed that absurdity, that tech genius is played by funnyman Benny Hill.

The next phase of the plan is to knock out the cameras. To throw the traffic control center off the scent, and conceal the actual robbery, the criminals plant some devices — probably jammers, but the details are not revealed — on trash cans and roofs in the vicinity of the cameras. Traffic cameras in those days could not transmit wireless signals, but the mysterious gadgets manage to disable the cameras.

The result: Everything goes like clockwork. The cameras switch off, the traffic lights start blinking, the city roads are paralyzed, and Peach is arrested for indecent behavior on public transportation (don’t ask).

British version: Takeaways

Cybersecurity

The film displays a rather dismissive attitude toward the physical security of critical infrastructure. Both the power substation and the traffic control center are practically unguarded. The attackers get to the drive without a hitch and successfully replace the tape.

The computer accepts the substitute program without question. That’s actually excusable; code signing wasn’t invented until much later.

Perception

Computer hacking is perceived as something highly complex. To fool the computer, the gang spends a lot of energy recruiting the best computer expert in the land (only to have him change a tape reel).

There is no attempt to explain the technical side of things; instead, black-box gadgets miraculously disable the cameras.

The Italian Job (2003), the American way

The Hollywood version, in my view, cannot be considered a direct remake of the British film. Sure, the characters have the same goal (to steal gold bars), and the chase scene is practically a carbon copy of the original, but the motivations are very different.
Psychology and morals aside, they still have to mess around with cameras and traffic lights. But these criminals do not have to look for a specialist; they already have a computer genius on the team: Lyle, whose day job happens to involve 3D modeling of buildings for planning and coordinating robberies. That’s your digital transformation at work. In 2003, having a computer specialist on the team is considered pretty normal.

What’s more, the American version of the movie requires a bit more hacking. First, the criminals try to hack into a phone company’s remote monitoring system, convince its employees that it is a legal wiretapping operation, and ultimately redirect the audio stream to their own listening post. Lyle has experience with the latter, having spent years eavesdropping on his ex.

But the main hack is unchanged. Getting inside the Los Angeles Automated Traffic Surveillance and Control Operations Center in 2003 is way easier than getting into Turin’s system was in 1969 — the center is connected to the Internet and even has a graphical user interface (GUI). Lyle sits at his laptop and tries to figure out the password — manually. He enters password after password without success, until at last the magic words “Access Granted” appear on the screen.

The operations center predicts traffic flow and automatically changes traffic lights based on camera captures. But it has a manual mode too, and Lyle uses that to take control of the lights. As a demonstration, he changes all of the lights at one intersection to green, causing an accident. But he quickly switches the lights back, and the center writes off the incident as a glitch.

The gang’s plan is to make a wave of green that lets them speed through while gridlocking the rest of Los Angeles.
On the day of the robbery, a somewhat dazed Lyle sits on a baggage carousel at Union Station armed with a laptop and router, monitoring the situation on the roads, changing signal lights (not only on the road, but also in the subway), and paralyzing the control center by displaying the message “You’ll never shut down the real Napster” on every screen. (As a comic plot element, Lyle claims that he invented the Napster peer-to-peer network and that Shawn Fanning stole his idea. Lyle likes to call himself Napster. He does, to be fair, resemble the stereotypical computer whiz kid.)

Thanks to the well-coordinated operation, the gold is stolen, everyone gets away, and the dastardly villain falls into the hands of the Ukrainian mafia, whose path he manages to cross.

US version: Takeaways

Cybersecurity

If the password for remote access to a system can be picked manually, it’s a bad password.

Critical infrastructure needs to use a secured Internet connection and should not be controllable through a Web-based GUI.

And it should go without saying that staff should not fix its gaze on an idiotic message instead of trying to do something about it. Even the fictional Italians of 34 years before were more clued-in!

Perception

By 2003, hacking is a common occurrence, so pulling off the heist relies on more than just disabling a few traffic lights. In this nonremake remake, penetrating the traffic control center is a standard operation that arises naturally during the planning phase.

Lyle/Napster is forever explaining what he’s doing and how. What he says is nonsense, of course, but the point is that the moviemakers wanted to root the on-screen events in some version of reality.

Players (2012), the Indian way

The Indian filmmakers tried to extract the best bits of both versions of The Italian Job and spice it up with Bollywood glam, including racing, singing, dancing, high-minded morality and, of course, hacking.
The plot is admittedly pretty wild: Russia is returning to Romania some gold that the Romanian government hid in Russia before the German invasion in 1915. Nasty Russian army officers are transporting the gold, the even nastier Russian mafia is hunting it, and a group of noble Indian robbers wants to steal the gold and use the funds to build a school for orphans.

Naturally, the smash-and-grab operation needs the best hacker in the world. And he needs a real hacker handle: in this case, it’s Spider. One problem, no one knows where to find him. Fortunately, the main character’s girlfriend has a master’s degree in computers with a gold medal and a master’s degree in ethical hacking (sure, why not?). She breaks into the systems of “the best hacker in the world” and discovers that he actually lives nearby. Having kidnapped him, they persuade him to take part in the raid.

According to the plan, the kidnapped hacker has two tasks to perform. First, he must hack into the Russian army’s website to get information about the officers carrying the cargo. Second, he has to hack a satellite monitoring the movements of the train with the gold in real time (and paralyze the control center).

He copes with both tasks easily by tapping a few keys on a laptop — but he turns against the gang, snatches the gold for himself, and runs. That leaves the job of disabling the traffic lights to the master ethical hacker. Incidentally, she does so in exactly the same way, with a quick drum roll on the keyboard to gain control of the traffic lights.

Indian version: Takeaways

Cybersecurity

There is no cybersecurity to speak of. All systems can be hacked remotely, without preliminary preparation — just tap away on the keyboard, the faster the better.

Perception

Hackers are magicians.
The Italian Job: Conclusion

In all three movies, the criminals try to avoid bloodshed, and in the last two, they are even guided (partly) by noble intentions: revenge for a teacher’s murder and desire to build a school for orphans. However, they never stop to think about the consequences of gridlocking a huge city, including for firefighters, ambulances, and the like. And that means civilian casualties. Even though the robbers are portrayed as good guys, it’s hard to sympathize with them.

As for cybersecurity, the image of the “genius hacker” has changed dramatically over half a century. If earlier the hacker was a gifted but strange, otherworldly kind of guy, now a hacker is depicted as a self-confident, near-omnipotent technowizard. Seizing control of traffic lights has evolved from a complex technical operation to a standard trick that is taken for granted. The reality, of course, is very different. Hacking a city’s traffic control system is far harder than it seems on the silver screen.

The omnipotence of hackers in movies negatively affects perceptions of the threat of critical infrastructure break-ins. According to our colleagues at Kaspersky Security Awareness, the cinematic stereotype of the genius hacker harms the security of real companies. People are so sure that bad actors can do anything that they don’t bother with maximum protection, leaving unnecessary loopholes.

That’s why we strongly recommend security awareness training for employees that shows them how things are in the real world. For example, our Kaspersky Automated Security Awareness Platform provides lessons that separate fact from fiction.

 Malware and Vulnerabilities

More than 20 malicious apps disguised as Minecraft mod packs were spotted on Google Play Store. The top five apps among them were installed by more than one million users.

 Trends, Reports, Analysis

The U.S. CISA issued an advisory warning online shoppers against scams ahead of the festive season. Additionally, Britain’s NCSC has posted guidelines for users to stay clear of Black Friday scams.

 Trends, Reports, Analysis

Sophisticated ransomware operators are exploiting VPNs and RDP endpoints to gain access. Threat actors have moved toward more targeted attacks, involving double extortion tactics.

 Threat Actors

Attackers typically perform reconnaissance to ascertain whether or not an expired domain is valuable to them. If it's used within a plugin to load a JavaScript resource, it would be a perfect target.

 Identity Theft, Fraud, Scams

A security researcher known as TheAnalyst shared information about the attack with BleepingComputer after receiving hundreds of emails from this campaign targeting his company.

 Trends, Reports, Analysis

Driven by the potential profits achieved via ransomware, most botnet operators have dropped banking Trojans in favor of running crypto-locking malware attacks, according to security experts.

 Feed

Ubuntu Security Notice 4382-2 - It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code.

 Feed

ElkarBackup version 1.3.3 suffers from persistent cross site scripting vulnerabilities. This notes a variant attack vector for the original vulnerability discovered in this version in August of 2020 by Enes Ozeser.

 Feed

A cyberespionage group with suspected ties to the Kazakh and Lebanese governments has unleashed a new wave of attacks against a multitude of industries with a retooled version of a 13-year-old backdoor Trojan. Check Point Research called out hackers affiliated with a group named Dark Caracal in a new report published yesterday for their efforts to deploy "dozens of digitally signed variants" of

 Feed only

Many thanks to the great folks at Recorded Future, who have sponsored my writing for the past week. If 2020 taught the security industry anything, it is this: There has never been a better time to be a cybercriminal. From extortion ransomware to cyberespionage campaigns, adversaries are capitalizing on uncertainty, causing chaos, and cashing in. … Continue reading "You too can be a security intelligence expert, with these free tools from Recorded Future"

2020-11
Aggregator history
Friday, November 27