Tag Archives: Hacking

Subway Restaurants; Other Retailers Targeted by Hackers

In December of 2011, four Romanian nationals were arrested for allegedly hacking into hundreds of U.S. retailers’ point-of-sale (POS) machines, including machines belonging to popular fast-food chain Subway.  According to an article in Wired magazine, the hackers accessed the POS machines remotely and used keystroke-logging software to steal sensitive information – including credit/debit card and gift card numbers – from more than 80,000 customers.

Investigators are still trying to determine if the hackers responsible for the December 2011 Subway hacking are also responsible for hacking into the POS systems of several restaurant chains in Louisiana and Mississippi in 2009.  In that case, just like the 2011 case, hackers broke into POS systems to steal credit and debit card information.

In both cases, hackers accessed the retailers’ POS systems remotely, and they breezed through the security systems by guessing passwords. (This may not have been that hard – in the 2009 incident, one of the remote-access passwords was “computer.”  The username?  “Administrator.”)

The lesson here?  When it comes to hacking, every company is at risk.  It doesn’t matter if you’re an oil company in the Middle East or a Subway restaurant in an American strip mall.  If you use technology to do business, you have to make sure that sensitive information is protected.  Change your passwords regularly.  Update your security often.  Don’t assume that you’re immune just because you’re selling sandwiches instead of oil and gas or healthcare technology.

Do you think most American companies are serious about tech security?  Do you get nervous swiping your credit or debit card at a POS machine?  Weigh in below!

Norwegian Firms Lose Confidential Data to Hackers

Oil, gas and defence firms in Norway are the victim of a series of sophisticated attacks made by hackers. Norway’s National Security Agency (NSM) has stated that industrial secrets and information about contract negotiations have been stolen.

NSM are currently unsure how many firms have actually been targeted but know that at least ten firms have been affected so far.

These cyber-attacks on Norwegian firms have added the country to an ever growing list of nations that have lost secrets and intellectual information to hackers.

The attackers managed to gain access to corporate networks by sending emails with viruses attached. These had been customised and designed to avoid detection from anti-malware detection systems.  The NSM have revealed that the attackers sent the harmful emails to specific named individuals within firms and had designed the email to look like it had come from a legitimate source.

The companies that were targeted and received the harmful emails are those who they believed were in the process of negotiating large contracts. The data that has been compromised is thought to include usernames, passwords, industrial drawings, contracts and documents. The confidential data that has been stolen has been taken out of the country to an unknown destination.

The NSM believe that the attacks were conducted by one group of people after analysing the methods they used such as the code inside the viruses and how the data was extracted. The NSM has also stated that they are going to publish information about the attacks in an attempt to encourage other targeted firms to come forward and to serve as a warning to other unaffected firms.

In a statement that was released by the NSM, they proclaimed “This is the first time Norway has revealed extensive and wide computer espionage attacks.”

The attacks were discovered when some users discovered that the emails were not from a legitimate source and informed their internal IT security staff. The IT security staff then notified the NSM.

Their major concern for the NSM is that many other companies may well have been hit by these emails and remain unaware that hackers had gained access to their system and stole valuable documents.

Cyber Attacks Traced to China

The security company Symantec have revealed that at least 29 firms in the chemicals industry have been targeted by a series of cyber-attacks which have been traced back to China. Symantec has also revealed that they have evidence that another 19 companies, including defence specialists have been affected.

It is believed that the attacks took place from late July and lasted until mid- September.  Symantec’s report revealed that at least 12 companies in the US, five in the UK and two in Denmark have been affected by the attacks. The names of the companies that are thought to have been affected have not been disclosed, but the report did reveal that companies ranked within Fortune 100 firms had been targeted. It was also recognised that several of the firms targeted are involved in developing materials for military vehicles.

Symantec believe that the campaign was focused on obtaining intellectual property such as formulas and design processes.

The US company Dow Chemicals has confirmed that they have been a target as staff received “unusual emails.” A spokesman for the company added “Dow engaged internal and external response teams, including law enforcement, to address the situation. As a result, we have no reason to believe our operations were compromised.”

Symantec have confirmed that workers at the organisations were sent emails asking them to open attachments. In some cases, the hackers attempted to deceive workers by claiming that the attachment contained important security updates or that it was an invitation from business partners.

Those who opened the attachment ended up installing a Trojan horse (a piece of code) which enabled hackers to obtain details of the targets’ computer networks. Once the Trojan was installed, the attackers used the information to locate and copy files to another part of the targets’ system. Once the desired files had been copied, the attackers could then commence with extracting the data with the company being none the wiser.

The Trojan used has been identified as PoisonIvy, which was developed by a Chinese speaker. Symantec have traced the attacks back to a “20-something male located in the Hebei region of China” who funnelled the process through a US computer server.

When Symantec contacted the potential hacker and prompted him to leave them contact details, he replied with details for someone who would “perform hacking for hire”. The only problem is that the company couldn’t determine whether this was the same person who had been involved in the attacks.

With the number of cyber-attacks increasing, Symantec’s chief technology officer, Greg Day stated “This is unfortunately becoming a new normal behaviour. We had at least a decade of cybercrime which generally targeted anybody. Then we had the emergence of very skilled techniques involving a lot of time and effort to target global organisations. What we have now is almost the commercialisation of those techniques, using elements such as advanced persistent threats to pursue espionage and intellectual property theft, whether that is for their own gain or resale.”

With the number of cyber-attacks set to increase, employees of companies need to remain vigilant and remain cautious when such as in this case, receive suspicious emails. Attachments should only be opened if the user knows that it has come from a trusteed source as opening attachments from untrustworthy sources can result in sensitive data being compromised.

UK firms under threat from foreign hackers.

The country’s head of cyber security has warned that British companies are being put out of business and coasting the economy £27 billion because of hacking undertaken by foreign governments and corporations.

Major General Jonathan Shaw, the head of the Ministry of Defence’s Cyber Security Programme, stated that cyber-attacks are the biggest threat to national security. The main reason for this is that foreign competitors are stealing valuable information from British companies and using it to develop and produce products at a more competitive price. A firm in Warrington, Cheshire, recently experienced this first hand. They had designed a new state of the art blade for wind turbines but soon went out of business after hackers stole the blueprints and produced it for a much cheaper price.

Major General Shaw stated “The biggest threat to this country by cyber is not military, it is economic.”

Major General Shaw later emphasised his point by stating that Britain’s position as one of the world’s leading hi-tech manufacturers is under threat unless if companies improve their security measures and prevent valuable information being stolen and used by foreign competitors.

“The cyber threat could affect anyone, and we all need to take measures to protect ourselves against the threat it poses. If the moment you come up with a brilliant new idea, it gets nicked by the Chinese then you can end up with your company going bust,” claimed Major General Shaw.

He believes that it is the Chinese who are the biggest threat to Britain’s hi-tech manufacturers as it is them who regularly target British companies and attempt to steal highly sensitive and important data.

Major General Shaw believes that in order for Britain to protect itself against cyber-attacks, an effective national response where everybody has to be involved. He argued that “About 80 per cent of our cyber problems are caused by what I call poor cyber hygiene.  Many of them would go away if our cyber hygiene was better. We have embraced the opportunities provided by new technology, such as computers and mobile phones, without giving proper consideration to the downsides.”

In an attempt to develop deterrents which can deal with hostile viruses, the Government has invested an extra £650 million. This extra amount of money has been given to the GCHQ eavesdropping complex in Cheltenham which is the nerve centre of Britain’s cyber defences and the Ministry of Defence.

Major General Shaw wants the government to introduce training schools which will educate businesses how to best protect themselves from cyber-attacks and reduce the chances of important and potential life changing data being stolen.

“Anyone can take part in these courses and learn how to implement effective precautions against cyber-attacks,” stated Major General Shaw.

What Happens to the Data of the Deceased

The number of applications which people have accounts with online has grown exponentially in recent years. This is leading to an increased tendency to leave account passwords in wills for friends and relatives.

A study by Goldsmiths at the University of London found that 1 in 10 people are leaving such information behind. This has come from the recognition that people can have their digital identity stolen by hackers if it is left hanging online. Furthermore such accounts are often hit with large amounts of spam.

Matthew Strain, a solicitor told Sky New “With more photos, books, music and so on being stored online and in digital format, the question of what happens to these when people are gone becomes more important everyday.” Such data held in the cloud is collectively worth billions of pounds.

Viviane Reding, the EU justice commissioner stated “the burden of proof should be on controllers – those who process your personal data. They must prove that they need to keep the data, rather than individuals having to prove that collecting their data is not necessary.”

China Accused of 5 Year Hacking Spree

McAfee claims that it has uncovered one of the largest cyber attacks ever.

More than 70 government agencies and corporations have had data extracted over a period of five years. International organisations have been infiltrated ranging from the UN to the International Olympic committee.

According to Dmitri Alperovitch, McAfee’s vice president of threat research the evidence points to “a nation state” being the culprit.

“Even we were taken aback by the audacity of the perpetrators” Alperovitch.

At the moment China is highest in the list of suspects. Beijing however have denied involvement calling all accusations “groundless.” Earlier this year Google also pointed the finger at China when some of their source code went missing.

Jim Lewis, a cyber expert with the centre for strategic and international studies was quoted by the Reuters news agency as stating that it was “very likely China was behind the campaign due to some of the targets being of particular interest to Beijing.”

Furthermore Raj Samani, McAfee’s Chief European Technology Officer has already said to the BBC that he suspects the attacks to be still going on “This is a whole different level to the ‘Night Dragon’ attacks that occurred earlier this year. Those were attacks on a specific sector. This one is very, very broad.”

As many companies have been distracted by the very public attacks of groups such as LulzSec and Anonymous there have been secret attacks going on, conducted by an unknown. Graham Cluley, a security expert with Sophos told the BBC, “sometimes it’s not about stealing your money or publicly leaking your data. It’s about quietly stealing your information, which can have a very high political, military or financial value.”

Although the intent of the hackers is unclear, what is clear is that they have been able to make off with valuable data and this story will intensify the US government’s push to fortify its cyber security.

 

 

 

 

 

 

 

 

 

Our Customers

  • ATOS
  • Age UK
  • Alliance Pharma
  • Liverpool Football Club
  • CSC
  • Centrica
  • Citizens Advice
  • City of London
  • Fujitsu
  • Government Offices
  • HCL
  • LK Bennett
  • Lambretta Clothing
  • Leicester City
  • Lloyds Register
  • Logica
  • Meadowvale
  • National Farmers Union
  • Network Rail
  • PKR

Sales question? Need support? Start a chat session with one of our experts!

For support, call the 24-hour hotline:

UK: 0800 999 3600
US: 800-220-7013

Or, if you've been given a screen sharing code:

Existing customer?

Click below to login to our secure enterprise Portal and view the real-time status of your data protection.

Login to Portal