Smart Watch Security Threats

As with any piece of new technology, the introduction of smart watches comes with new threats to security. A recent study was conducted on these watches and, to no one's surprise, many vulnerabilities were found. A few of the vulnerabilities listed include a lack of transport encryption, lack of user authentication, privacy problems, and firmware problems. It was also found that communications were easy to interfere with and intercept. This means that as of right now, if sensitive data is being transmitted over the watches, anyone could get a hold of it.

Experts recommend protecting sensitive information with strong passwords and making sure you are controlling your communications to avoid man-in-the-middle attacks. Another suggestion they make is to manage your transport layer security settings and make sure they are in good shape for protecting you. The biggest concern, however, seems to be the vulnerabilities of the apps rather than the watch itself. Previously there have been attacks on apps for the iPhone and such, so the experts say it wouldn’t be surprising to see attacks on the smart watch apps.

The bottom line is to approach these new smart watch products with care and to focus more on the security of the apps than the watch itself. Additionally, as time goes on, more apps for increased security will be released. Apple has already released several since the release of their Apple Watch.

-Thomas Coburn

“Computer terror simulation used to recruit ‘cyber defenders’”

The United Kingdom is having a contest to test contestants' skill with cyber defense. The ones who are running this contest are members of the National Crime Agency (NCA). They are hosting the contest on the HMS Belfast, where 42 contestants are split into teams. The simulation is that the guns have been taken control of by hackers and are aimed at the city hall building and will go off when the countdown timer goes off. The contestants taking part are not working for any cyber-security companies or in the field. The contest had been started over 10 months ago and had many people competing to qualify for this. The reason for the contest is that the people in the field of cyber-security said they have had a shortage of skill across the country, and they are hoping to give the contestants a job in the field if they have the skills they are looking for. The simulation went on for 48 hours and had a lot of twists and turns. The contestants had to use the 48 hours to see if the threat was real, find the threat and stop it, and gather forensic evidence to use against the hackers. There is another room that has critical national infrastructure simulations like water systems and power systems. The contestants are taken into this other room and they have to see if the hackers have been in there too. The ones who are running the simulation say that the simulation could be real and that anything that is internet-enabled is at risk of being hacked.

Sources:

http://www.bbc.com/news/uk-31875832

Bank Hackers Steal Millions Via Malware

There was a story published in The New York Times a few weeks ago about an organized group of cybercriminals that pulled off one of the largest digital bank heists ever. This group, named Carbanak by Kaspersky, is responsible for deploying malware to gain access to computers at more than 100 banks and steal well over $300 million.

Image: Kaspersky

There were 300 IP addresses targeted and the attack spanned nearly 30 countries worldwide. And the method used:

Phishing

I’d hope that a bank would have better sense not to fall for a simple phishing attack, but this wasn’t very simple. Most times, phishing attacks are aimed at the customers, trying to gain sensitive information. Carbanak targeted the machines in the banks directly, and found ways to steal cash directly from the financial institution.

This same group is also thought to be behind several credit/debit card breaches at retail stores around the world, including Staples; however, there has not been any noticeable activity since the bank heists, a story which was covered by Brian Krebs back in December 2014.

Article: http://krebsonsecurity.com/2015/02/the-great-bank-heist-or-death-by-1000-cuts/#more-29921

Kaspersky Report: http://krebsonsecurity.com/wp-content/uploads/2015/02/Carbanak_APT_eng.pdf

-Jeremiah Faison

CryptoWall 2.0

CryptoWall is a virus known as ransomware. This virus is known to infiltrate your computer when you click on a legitimate-looking attachment or through existing malware that is on your hard drive. Once the virus is released it instantly encrypts all your files. Once all your files are encrypted you receive a ransom note demanding money for a decryption key. If the money is not received within a week, the price is doubled. If that is not paid, then the decryption key would be destroyed and your files would be lost forever.

CryptoWall only accepts Bitcoins as its currency, which can be even more difficult for some users who don’t know much about this online currency. Conveniently, the hackers attach a link on how Bitcoins work (with pictures).

Once you get this virus it is technically impossible to get rid of it without paying the ransom. So you are pretty much forced to pay up unless you want to lose your files. It is also hard for government agencies to crack down on these groups of hackers, not because we can’t find them (normally originating from Russia), but because it's difficult getting foreign governments to cooperate and extradite them.

Some ways to avoid getting this ransomware would be not opening attachments from emails that don’t typically add attachments and aren’t very trustworthy. Also it would be very smart to keep your files backed up so if this does end up happening to you, you have a backup to fall back on and you won’t lose everything.

http://www.nytimes.com/2015/01/04/opinion/sunday/how-my-mom-got-hacked.html?_r=0

Patient Data Breached in Armed Robbery

Boston, MA – On September 24, 2014, a laptop and a cell phone containing patient data were stolen from a Brigham and Women’s Hospital physician. Even though both devices were encrypted, the assailants forced the physician to provide the passcodes to bypass the security measures. The press release issued on November 17 by the Brigham and Women’s Hospital indicated that 999 patients had some of the following information on the devices: names or partial names, medical record number, age, medications, or information about diagnosis and treatment. The patients received treatment at the hospital between October 2011 and September 2014, and a small amount of the data was from participants in research studies. The devices have not been recovered.

The Boston Police were notified immediately and the hospital started an investigation and created a work group to deal with the incident. They are also reviewing policies and procedures to better counter similar incidents in the future. The hospital is also notifying the affected patients.

-David Mauriello