Tag Archives: Hacking

Latin America and Caribbean Becoming Haven For CyberCrime

A recent report by Trend Micro has highlighted the steep rise in cyber crime originating and targeting Latin America and the Caribbean. The report was prompted by what TrendMicro call “incomplete” knowledge of the cyberthreat landscape in the two regions.

The report, which comes as  the use of technology and the internet has increased in these regions over recent years, brought to light the opportunistic tactics of cyber criminals who prey on newly emerging technologies before they have been adequately protected. It also highlighted that many countries in the two regions do not have adequate security threat detection or defences and so many incidents go either unnoticed or unabated.

The study threw up some interesting results. For example, between the countries included in the study, the increase in incidents from 2011 to 2012 ranged from 8% to 40%, however, some countries reported a decreased number of incidents overall. Some countries’ national cyber security organisations stated that their individual results may have been skewed in many cases by improved detection results, this is emphasised by the fact that countries with newly established cyber security agencies have some of the highest increases in threats detected. Trend Micro stated that these types of results “reinforced the notion that attacks had been occurring all along but had simply gone undiscovered or undocumented”.

The main emphasis of the report is on the relatively underdeveloped cyber security setup of the two regions. This is not altogether surprising as you would expect from two regions largely made up of developing nations. As computers and other types of technology, such as mobile devices, become more popular, more and more people are becoming exposed to what is already a very sophisticated and developed cybercrime landscape. The techniques being used to target business, such as banks, and individual users are nothing new, and have been seen in many developed countries for a number of years. The crucial difference is many governments and institutions in the Caribbean and Latin America  have not invested in their cyber security strategy as much as other parts of the world, either because of a perceived lack of threat, or lack of resources.

However, the report does mention that threats from hacktivist groups did in fact inspire some governments to rapidly invest in their internet defences. The report mentions two participating countries were threatened with action by political groups, which “motivated both governments to implement plans of action to mitigate and respond to potential attacks.” These threats were never carried out but they did bring about cooperation between what Trend Micro call “key stakeholders”, namely law enforcement agencies, ISPs and an infrastructure operator which helped improve the countries’ “national cyber resilience”.

As a whole, hacktivism was still relatively low as motivation for hacking and general misuse of the internet. Monetary gain was still the most common reason for cybercrime, with hackers targeting financial and personal details to be used on the international black market. The report does make a startling claim, that in 2012 the “economic impact and loss hacking caused…is likely greater than the loss caused by any other form of crime, including drug trafficking.”

The report concludes by saying that all of these factors, as well as many others detailed in the report lead to an inadequate “awareness of the problem” and “continued vulnerability” for the two regions. There is no doubt that in time more investment will be made in the cyber security strategies of these regions but until this is done, the regions will continue to be hit with wave after wave of hacking attack.

 

 

 

The Importance of utilising an offsite data backup solution

Most businesses utilise a data backup solution to help protect their data knowing that a data loss can potentially cost them thousands of pounds and significantly affect the running of the business. There are several data backup methods that are utilised to help protect critical data which either keeps it onsite or offsite. Keeping your data onsite or offsite alone brings different advantages and disadvantages so ideally a solution which can keep an onsite copy and offsite copy is ideal.

By implementing a backup solution which only keeps a copy of your data onsite places it at greater risk at becoming lost or stolen. If you suffer from a disaster such as a flood, fire or a natural disaster, the percentage of your live working data and your backups being destroyed or significantly damaged is increased. The staff from an Australian primary school suffered from the perils of only having an onsite backup earlier this month when their server was hacked into and their data was made inaccessible.

The staff at Byron Community Primary School soon found out that they couldn’t access data and modify existing financial and medical records. A couple of days after the initial hack, the school received an email demanding $5,000 in exchange for their data. Although the local authorities were contacted regarding this, the school didn’t receive much help as they were told that there was very little that they could do.

The IT staff did manage to recover a small amount of data from the drives, although the vast majority of it remained inaccessible. An attempt was made to recover the data from a backup that was kept onsite, but this was also encrypted and therefore making it useless.

Frank Binkley who is the school’s finance manager stated, “There’s a really big important message out there for small businesses – make sure you have off-site data backup.” Binkley also confirmed that the school will start to backup their data offsite to a third party server along with keeping their onsite backups.

By utilising a data backup solution which keeps your data offsite means that you will always have a copy of your data available, no matter what happens at your office. By only implementing an onsite data backup solution, your critical business data is being put at greater risk of being lost or destroyed in the event of a disaster. If you suffer from a disaster and cannot recover your data as the backups have become damages or lost, then the time spent running and monitoring backups on a daily basis has been futile.
Do you backup your data offsite? Do you feel the need to utilise an offsite data backup solution?

Data Published After AmeriCash Advance Refuse to Pay Blackmailers

Payday Loans company AmeriCash Advance have become the latest company to suffer from the actions of a hacking group after they refused to give in to their demands and pay $15,000 for the safe return of the stolen data.

The group of hackers who go by the name Rex Mundi have claimed responsibility for the hack and the eventual publication of the stolen files. It has been reported that the hacking group managed to infiltrate the customer database through an unsecure page which resulted in them obtaining customer names, email addresses and the last four digits of Social Security numbers (SSN). The hacking group Rex Mundi demanded $15,000 for the safe return of the data and described the sum as an idiot tax as they claim that the system was completely unsecure.

Rex Mundi stated, “This company which specializes in payday cash advances (basically small loans for low-income workers, which are vastly overpriced) left a confidential page unsecured on their server. This page allows its affiliates to see how many loan applicants they recruited and how much money they made. Not only was this page unsecured, it was actually referenced in their robots.txt file (Bad, bad move, guys).

Rex Mundi later added, “We managed to download thousands of loan applicant records. This data contains the names of applicants, the amount they applied for, their email addresses and the last four digits of their SSN. In addition, some ‘problematic’ applications also include comments left by AmeriCash Advance’s employees about the applicant and the name of the applicant’s bank. As usual, we will publish those records on the internet if AmeriCash Advance does not pay us by next Tuesday.”

AmeriCash Advance have acknowledged that there system has been successfully hacked and released the following statement. “On June 12, AmeriCash Advance received a fax, telling us that part of our website had been hacked. The letter went on to demand initial payment of $15,000 from us. We immediately notified the appropriate authorities and promptly took steps to ensure that no other data could be accessed. We will not cave in to blackmail, and are cooperating fully with the authorities to protect our customers and bring these criminals to justice.”

AmeriCash Advance later added, “”We have notified those who have been affected and warned them to be vigilant. We are continuing to work closely with the authorities to identify the criminals,”

Rex Mundi have responded and stated that they didn’t need to hack into the system as it was left wide open. Such a claim surely needs to be investigated and if adequate security measures were not in place, surely the authorities should take some kind of action against AmeriCash Advance.

Anonymous Attack China

During the past few days, the hacktivist group Anonymous have concentrated a series of attacks on Chinese websites. The group is claiming that they have successfully defaced 480 websites which include regional government sites. The hacktivist group has also left messages on the defaced sites encouraging Chinese hackers to follow suit and continue with what they have started.

The Chinese authorities have responded quickly, taking the affected sites offline. However, the Wall Street Journal (WSJ) was successful in finding an affected site before it had been taken offline. A screen shot that was taken revealed a message written in English saying:

‘Dear Chinese government, you are not infallible, today websites are hacked, tomorrow it will be your vile regime that will fall. So expect us because we do not forgive, never. What you are doing today to your Great People, tomorrow will be inflicted to you. With no mercy.’

The WSJ also commented that on that same site that has now been taken offline, there was link that would divert the user to an Anonymous site which detailed how hackers could bypass the Great Firewall that the Chinese Government have put in place to help censor and monitor the web activities of the Chinese people.

To further enhance their message, a member of the Anonymous group left a post on the popular website PasteBin.com. The message was an attempt to encourage Chinese people start a revolt against the existing Chinese Government.

The message read, “So, we are writing this message to tell you that you should protest, you should revolt yourself protesting and who has the skills for hacking and programming and design and other ‘computer things’ come to our IRC.”

Surprisingly, this is the first time that the group Anonymous group have targeted the Chinese Government. The main reason for the group to target this government is the web censorship regulations and their stance towards human rights. The Chinese Government currently blocks website content and monitor internet access for the Chinese people.

The overall impact that these hacks have had is yet to be seen but many feel that the Chinese Government will not be too concerned at this moment of time. The main reason for this are that the sites that were defaced, displayed messages in English, which many Chinese people will not have been able to understand.

The attacks on the Chinese Government look set to continue as the hacktivist group are looking for someone who will be able to translate their messages into Chinese. If the attacks do continue and become more successful in sending out a message to the Chinese people, it will be interesting to see how the Chinese Government responds.

Military Personnel Data at Risk After Dating Website Hacked

It is being reported that the website MilitarySingles.com has been successfully hacked by a group who call themselves LulzSec Reborn.  It is thought that information such as email addresses and passwords relating to a total of 170,000 accounts has been compromised. Despite such claims by security experts, the company that operates the dating website, ESingles, has refused to acknowledge that a security breach has occurred at this stage and that they are going to go through the necessary procedures to make sure that the databases are safe.

In a statement that was released by ESingles, they proclaimed “At this time there is no actual evidence that MilitarySingles.com was hacked and it is possible that the Tweet from Operation Digiturk is simply a false claim.” The company then stated that it will treat this claim as if it were real and precede with the required security steps in order to ensure the website and its database is secure.”

If the website MilitarySingles.com has been hacked, the main concern is the .mil addresses and passwords that haven been compromised. If a member has signed up to the website using their .mil email address and used the same password, this could lead to confidential military information being compromised which could have unprecedented results.

On the MilitarySingles website, there are no warning messages of a possible breach and no indication that data may have been compromised. On the homepage, a statement still remains about how seriously they have taken security measures, “”We are fanatical about your privacy and security. Our site is constantly monitored using state-of-the-art technology. We have spared no expense that your personal information is stored and encrypted securely, 24 hours a day, 365 days a year.”

Zach Lanier, a security researcher, advises that any members of the dating website change their passwords. He also added that everyone should ensure that they use complex passwords. Lanier went as far as stating that he doesn’t even know most of his passwords because he keeps them in a password vault.

 

Iranian Government are Likely Culprit Behind BBC Hack

Simultaneous cyber attacks have been directed at the BBC with Iranian authorities thought to be the culprit.

Satellite feeds into Iran have been jammed as well as automated calls jamming their London phone lines.

The source of this type of attack is extremely difficult to pinpoint however the multiplicity of BBC broadcast feeds being jammed in Iran points a very convincing finger at the Iranian government.

The government have long been suspicious of western media and often the only people able to access BBC broadcasts have been those who own illegal satellite receivers.

In general the level of censorship means that the form of Internet the Iranian people have access to bares no resemblance to that available in the West.

In addition during troubled times the Iranian government have often being known to slow internet speeds to a point whereby it is impossible to send/upload evidential videos or even photos.

The attacks are nothing new and BBC Persian staff are forced to conduct their work outside of Iran with their families being the victim of harassment and even arrest.

Director General Mark Thompson stated on Wednesday “We regard the coincidence of these attacks as self- evidently suspicious,” but said no further details would be released at this time.

“Nation states are honing their cyber warfare and cyber espionage skills, and such activity can only be expected to increase. As a result, the accurate attribution of cyber attacks has never been more important,” commented Ross Brewer, CEO at LogRhythm.

Our Customers

  • ATOS
  • Age UK
  • Alliance Pharma
  • Liverpool Football Club
  • CSC
  • Centrica
  • Citizens Advice
  • City of London
  • Fujitsu
  • Government Offices
  • HCL
  • LK Bennett
  • Lambretta Clothing
  • Leicester City
  • Lloyds Register
  • Logica
  • Meadowvale
  • National Farmers Union
  • Network Rail
  • PKR

Sales question? Need support? Start a chat session with one of our experts!

For support, call the 24-hour hotline:

UK: 0800 999 3600
US: 800-220-7013

Or, if you've been given a screen sharing code:

Existing customer?

Click below to login to our secure enterprise Portal and view the real-time status of your data protection.

Login to Portal