Cyber Security in Argentina

Argentina is a country that only in the late 2000s (circa 2008) has implemented some semblance of cyber law. This is attributed to the lack of electronic advancements in the country and the lack of a middle class willing to purchase such devices. It is important to note that the Argentine economy has been unstable for many decades and had not seen any significant improvement in recent years. In an article written by Financier Worldwide it is stated that most of the current protections that people have in terms of cyber security comes from a law called the Personal Data Protection Law about data privacy that was passed in 2001. This law states that any party with personal data has the right to that information and any other party wanting to receive that data must go through procedures to get the permission of that party to be passed the information. However, this does not protect people from any cyber crimes committed to them because there are no clauses pertaining to this kind of data theft. This changed in 2008 when the Criminal Code was amended by the adoption of the Cybercrime Law. This law allows for the prosecution of cyber attacks on any entity by stating that data theft over the internet goes against the data protection law. Though it might seem as though the new law may aid in protecting people from data theft it does not as there were no ways of enforcing the law. At the moment the best protection people have legally is the National Program against cyber crimes which has helped with the biggest issue people who were hacked faced which was lack of necessary actions needed to improve the system’s ability to counteract cyber criminals and illegal acts committed using computer software tools. The program also promotes more efficient criminal investigations using modern means to acquire evidence based on computer systems and telecommunications, guaranteeing that such procedures also respect the fundamental rights of citizens.

 

Source:

https://www.financierworldwide.com/cyber-security-and-data-privacy-in-argentina/#.WnIt2WaZMnc

Attack on the clouds

In mid-January 2018, Allscripts, an electronic health records vendor, was attacked. The attack was discovered at two of their data centers where they found an alteration of “SamSam”, a ransomware.

In a statement, Allscripts said that approximately 1,500 clients were affected. However, even with this number of clients being affected, Allscripts claims that no data was successfully removed from their servers, so the clients are safe. Due to the attacks, many of Allscripts services were out of order for a few days. One of these services was an electronic prescription service which allowed clients to obtain their prescriptions. The impact from the attack was much deeper than just a data breach. Having a service associated with healthcare be out of order could be disastrous.

Even if the ransomware was unsuccessful in securing data, the breach in security was a big red flag to all cloud services. The attack made Allscripts reevaluate their disaster recovery plan along with strengthening the initial cyber security. Tom Walsh, president of consulting firm tw-Security, stated that clients of cloud-based services are at risk because such services have their “eggs all in one basket”.

Source: https://www.databreachtoday.com/allscripts-ransomware-attack-reminder-cloud-risks-a-10602

-Ty Johnson

‘Jackpotting’ Comes to the United States.

 

Thieves have been using using software and hardware to rob ATM’s in a process called ‘jackpotting’ in Europe and Asia for many years.  However, now it seems to have come to the United States.  Major new outlets picked up on a report that ATM company Diebold Nixdord sent out memos to customers about the flaw.  The attacks are mainly being conducted on Opteva ATM devices in secluded locations that do not see a lot of pedestrian traffic.  

One of the ‘jackpotting’ attacks described in an article by Engadget is that first the attackers would disguise themselves as technicians and pretend to be fixing the machine.  With ‘jackpotting’ malware you can hook up a mouse and keyboard to a machine, by using endoscopes to find the reset button.  Then they take a mirror of the operating system, with the malware installed, and pair it with the ATM device which ultimately allows them to take all the money in a given machine.  The whole process does not take very long.  

The machines most at fault according to the Secret Service are ones that use Windows XP, which Microsoft no longer supports with security updates.  However, updating to a new OS like Windows 7 or 10 would fix the particular attack mentioned in the article it is also recommended to improve physical security.  They say that even updating to rear-loading ATM’s would be significantly safer as well as locking down access and monitoring the ATM at all times with a camera device.

According to another article by Gizmodo, which is quoting Reuters quoting Russian Firm Group IB, that in 2016 over a dozen Europeon countries were attacked.  According to CNN the original alert from ATM company Diebold Nixdorf suggest that the first sign of these attacks were in Mexico and made their way to the States.  The outlook of this issue, argues engadget, is not going to be positive as it is unlikely that companies will update their security, both physical and software, because it would most likely hurt the bottom line.  They suggest that it is not until the issue becomes overblown will any stance be taken by most companies.  

 

Sources:

https://www.cnet.com/news/jackpotting-hack-makes-its-way-to-atms-in-us-krebs-diebold-nixdorf-ncr/

https://www.engadget.com/2018/01/28/atm-jackpotting-hacks-reach-the-us/

https://gizmodo.com/apparently-a-way-of-hacking-atms-called-jackpotting-has-1822494175

Japanese Company Loses Nearly a Half Billion in Cryptocurrency

This week a Japanese based cryptocurrency exchange, Coincheck, was targeted by hackers. It lost $425 million in currency. The company has been very quiet about the reason and ways that the hack was carried out. It released a press statement on Friday saying only that the theft had occurred, but not how. Later it was revealed that the money was stored in a “hot wallet” as apposed to a “cold wallet” (a system not connected to the internet).

The company has said it will repay its users at about 81% the value of their lost assets. The value of the cryptocurrencies they were handling has dropped in response to the hack. Japanese officials have stated that there is a possibility for further attacks on cryptocurrency exchanges and warned them to stay alert.

This is not the first cyber attack on a cryptocurrency exchange. Mt Gox which handled 80% of the world’s bitcoin was hacked in 2014.

 

Sources:

Reuters. “Hacked Japanese Cryptocurrency Exchange Coincheck to Repay $425 Million.”NBCNews.com, NBCUniversal News Group, 28 Jan. 2018, http://www.nbcnews.com/news/world/hacked-japanese-cryptocurrency-exchange-coincheck-repay-425-million-n841761.

Wei, Wang. “Someone Stole Almost Half a BILLION Dollars from Japanese Cryptocurrency Exchange.” The Hacker News, 26 Jan. 2018, thehackernews.com/2018/01/coincheck-cryptocurrency-heist.html.

The Future of Artificial Intelligence

Artificial Intelligence (AI) technology is on the course to become a beneficial asset to the cyber security tool kit. Orli Gan from Check Point Software Technologies, an Israeli based, multinational provider of both software and hardware in Information Technology (IT) security, stated that, while having the “potential to be hugely useful, is still prone to serious and embarrassing errors.” Gan further expands on the issuing, suggesting that the largest issue lies in not having enough data or expertise to train the AI, and this, according to Gan, is due to the reluctancy in which people are willing to share their data for training purposes.The second issue Gan proposes is in “verdict logic,” meaning that the system is probable to throw false detections. Upon overcoming these issues, Gan speculates that the automation of processes previously performed by humans could “revolutionize the security sector.”

Check Point claims that they have been using AI to run analytics and detect attacks, and “10% of the attacks it blocks are attacks that its human analysts would not otherwise have spotted.” Nick Coleman, the IBM global head of cyber security intelligence stated at the 2017 Isaca CSX conference that “security professionals risked making themselves obsolete if they did not move towards adopting AI.” Check Point has also announced its newest software and hardware security, Infinity Total Protection, which claims to possess “zero-day threat prevention, together with a unified management and 24/7 support.” This security measure is intended to defend against “Gen V” attacks, which are cyber attacks categorized as “large-scale and fast moving.” What makes Infinity Total Protection so powerful is the shared intelligence across all consumers; this means that if one person were to suffer from a certain type of, or new attack, Infinity Total Protection responds and countermeasures are developed as soon a possible. Infinity Total Protection defends in multiple environments, including mobile and cloud defense.

Source: http://www.computerweekly.com/news/252433705/AI-is-moving-towards-acceptance-in-cyber-security-says-Check-Point

– Justin Armstrong