Monday, 30 January 2012
Security Threat Report 2012 - Hacktivism, Cybercriminals and Malware
Foreword by Gerhard Eschelbeck, CTO, Sophos
Over the past year we in the IT security industry have seen a growing awareness of the work we do.
In 2011, a number of highly visible cyberattacks made news headlines around the world, but the underlying problem affects us all. It seems that the cybercriminals are getting bolder in their attacks as the availability of commercial tools makes mass generation of new malicious code campaigns and exploits easier. The net result has been significant growth in volume of malware and infections.
And for 2012, I anticipate growing sophistication in web-borne attacks, even broader use of mobile and smart devices, and rapid adoption of cloud computing bringing new security challenges.
The web will undoubtedly continue to be the most prominent vector of attack. Cybercriminals tend to focus where the weak spots are and use a technique until it becomes far less effective. We saw this with spam email, which is still present but less popular with cybercriminals as people deploy highly effective gateways. The web remains the dominant source of distribution for malware—in particular malware using social engineering, or targeting the browser and associated applications with exploits. Social media platforms and similar web applications have become hugely popular with the bad guys, a trend that is only set to continue.
Cloud computing is one of the most significant revolutions in delivering software applications to users, and can significantly improve the effectiveness and manageability of security solutions—web security, data protection, or even endpoint and mobile security managed via the cloud are great examples. The service model takes the burden of managing applications away from the user, but introduces new issues of security and privacy for data at rest and in transit.
Protecting data in a world where systems are changing rapidly and information flows freely introduces a whole new set of people, process and technology challenges, reinforced by enhanced scrutiny by compliance and regulatory bodies. As we all radically reform the way we communicate and share data, we can expect cybercriminals to hook themselves into these systems to tout their nasty malicious code.
With this edition of the Sophos Security Threat Report, we want to share our latest research on hacktivism, online threats, mobile malware, cloud computing, and social network security. And we offer a look ahead to the coming year.
Best wishes,
Gerhard Eschelbeck
CTO, Sophos
Saturday, 28 January 2012
What do you do when your Twitter account has been compromised?
Like most out there, I have received lots of DMs from Twitter followers recently who would either not usually contact me or who are not following me. Now, I don't believe my account has been compromised, and up until yesterday I didn't do anything about others that had contacted me. On Friday, though, I received a couple of DMs from a family relation telling me I should see what others have been writing about me on Twitter. This caused me alarm, as I know they would not be bothered what was said about me, so I spoke to them and advised them they should change their password and check to see if their Twitter account had been used to authorise other applications, as a bit of a starter for 10. But today I received a mail-shot from and saw the Naked Security Twitter feed giving the best information I have seen so far. So I thought I'd share it. Thanks to all at Naked Security for, as always, very helpful and relevant information.
Best Regards Richard
@securityspeak

I thought it might be a good idea to provide a step-by-step guide to recover from some common attacks people fall victim to, beginning with Twitter.
There are two primary methods for your Twitter account to become compromised. Either you authorized a malicious application to connect to your account, or your password was guessed/stolen.
The first thing to do as soon as you notice a problem is to scan your system with an up to date anti-virus product to be sure your machine isn’t infected and doesn’t have a keylogger installed. Next you need to set a new password. As always we recommend selecting a strong password that is unique for each website.
If mixing numbers, letters, punctuation and case is too complicated (because you aren’t using a password manager) then the most important thing to remember is that size *does* matter. Going long is better than something short with a number on the end.
Then you should review the applications you have granted access to your Twitter account. To view the list log in to Twitter, select your account in the upper-right corner and choose settings, then click on the Applications tab.
You’ll notice this account has a rogue application installed, Your Profile Views, that has already been suspended by Twitter.
You could just revoke access to any applications you don’t trust, but I recommend starting over and revoking all of them. You can simply reauthorize any applications you are actually using as you need them.
The last step is to tweet out an apology to your friends and be sure to alert the Twitter team by sending a message to @safety.
To stay aware of the latest scams and warnings, it is a good idea to follow @safety as well as @NakedSecurity, and even @spam if you wish to stay abreast of the latest spammer activity.
Often corporate accounts can fall victim to hackers, most often from insecure choice of passwords and the need for multiple people to be able to tweet from the accounts to maintain 24/7 coverage.
There are some great solutions that can help you ensure the shared account has a good password without needing to share it.
Services like GroupTweet and HootSuite allow you to delegate tweeting to other user accounts and even moderate tweets before they are posted (in the paid versions).
This won’t prevent your employees from choosing a poor password for their own account, but with the moderation feature you can prevent any damage to your brand by accepting a bit of management overhead.
I hope this is helpful to those of you who need to recover your Twitter accounts and for those of us who have to help bail out our friends when they are in trouble.
I will continue to update this article with any additional insights posted in the comments and keep it as a living post.
Tuesday, 24 January 2012
Mobile Phone Hacking and How To Prevent It
Mobile phone hacking isn't a new phenomenon; it has been taking place for years. It normally occurs via two methods:
Data hacking – somebody viewing or stealing information stored on your phone (or a PC based backup), such as phone numbers, bank account details and emails.
Celebrities have been the main targets for mobile phone hacks because that apparently sells newspapers, but fraudsters will also target us 'normal' people to obtain our sensitive data so that they can commit fraud or sell the data on.
Voicemail hacking is an invasion of privacy, but what information can really be obtained from a message left on voicemail? That depends on the person leaving it, I suppose.
Hackers can get away with such simple access thanks to a massive flaw: public voicemail systems don't record the numbers from which the service is being accessed, only the time of access. Recording the calling number would, on its own, make simple voicemail hacks harder to execute by leaving a trail of evidence of access.
Some simple preventive measures are:
Voicemail hacking normally takes place via the system that allows you to listen to your messages when you don't have your mobile with you or you're away from home. This is normally via a landline number (or your own landline number if it's a home-based answerphone system), after which you enter a security PIN to listen to your messages. However, most people never change their PIN from the default, which is normally 1234 or 0000. If you don't change this PIN code then a phone hacker could potentially listen to your voicemails by entering one of the default PINs. Assuming your new PIN is four digits, that allows up to 10,000 possible combinations for a hacker to guess: not completely secure, but a reasonable start.
- Be careful where you store sensitive information - for example, don't use a non-secure 'notes' type app to store your credit card, bank account or PIN codes. Use a secure (password/PIN protected) app or, better still, don't store this type of information anywhere!
- Avoid public wi-fi – Avoid checking emails, logging into mobile banking sites and accessing private information when your phone is connected to public wi-fi such as those in coffee shops – as these are often insecure.
- Set a phone password – If your phone’s lost or stolen then a password could stop a data hacker in their tracks.
- Turn off Bluetooth – When you’re not using Bluetooth always turn it off as hackers could use the wireless connection to gain remote access to your phone.
- Turn off auto-complete – Some phones save user names and passwords automatically to help you log-in faster next time, but this could also help a hacker access your personal data. Check your phone’s “Settings” menu to see if it is automatically storing information.
- Delete your browsing history – Not seeing a list of which websites you’ve recently visited and the information you’ve accessed might be a little inconvenient, but clearing your mobile phone’s Internet browser history, cookies and cache will make it harder for a hacker to get your data.
- Remote locate, lock or wipe - sign up to a 'MobileMe - Find My iPhone' type service that allows you, via another authorised device or web page, to locate, lock, wipe or send an alert to your lost (or stolen) device. There have been a few good media stories on these services.
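An added example (not part of the original post) of the check a user or a voicemail provider could apply to the default-PIN problem described above: it flags the two defaults the post names (1234 and 0000) along with other trivially guessable four-digit patterns. The pattern rules beyond those two defaults, and the `owner_digits` parameter, are assumptions of this example.

```python
"""Added example: audit a four-digit voicemail PIN for guessable patterns."""

DEFAULT_PINS = {"1234", "0000"}   # the defaults named in the post
PIN_LENGTH = 4                    # the post assumes a four-digit PIN


def is_sequence(pin: str) -> bool:
    """True for straight runs up or down (2345, 9876), including wraps (8901)."""
    steps = {(int(b) - int(a)) % 10 for a, b in zip(pin, pin[1:])}
    return steps in ({1}, {9})


def weaknesses(pin: str, owner_digits: tuple = ()) -> list:
    """Return the reasons a PIN is easy to guess; an empty list means none found.

    owner_digits is a hypothetical input: digit strings tied to the owner
    (phone number, date of birth) that the PIN must not be lifted from.
    """
    if len(pin) != PIN_LENGTH or not (pin.isascii() and pin.isdigit()):
        raise ValueError("PIN must be exactly %d digits" % PIN_LENGTH)
    found = []
    if pin in DEFAULT_PINS:
        found.append("factory default")
    if len(set(pin)) == 1:
        found.append("single repeated digit")
    if is_sequence(pin):
        found.append("ascending or descending run")
    if pin[:2] == pin[2:] and len(set(pin)) > 1:
        found.append("repeated pair")
    if pin == pin[::-1] and len(set(pin)) > 1:
        found.append("palindrome")
    if any(pin in digits for digits in owner_digits):
        found.append("taken from owner's own numbers")
    return found


def weak_pin_count() -> int:
    """Count how many of the 10,000 four-digit PINs match a pattern rule."""
    return sum(1 for n in range(10 ** PIN_LENGTH) if weaknesses("%04d" % n))
```

Rejecting every pattern above removes only a small slice of the 10,000 combinations, so the check costs little keyspace while taking the first guesses off the table.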
The recent stories in the media are not good news for the people who have experienced the hacks, but this is only the tip of the iceberg for sure. Accessing people's voicemails has for a long time been a 'tool' that law enforcement and investigators have utilised to gain intel, but thanks to this recent media coverage fraudsters will now jump on the bandwagon. You have been warned!
- Posted using BlogPress from my iPhone - which is password protected ;-)