Friday’s Cyber Attack and Future Threats

By | October 24th, 2016|Industry News|


Friday was an interesting one for Internet users in the U.S. A large-scale Distributed Denial of Service (DDoS) attack took down a number of sites including Twitter, Netflix, and Amazon for a large part of the day. Many of us were left with a newfound sense of how much we rely on web-based services in our day-to-day lives and a growing unease about how vulnerable these services are.

DDoS attacks are not new and are just one type of cyber attack in a growing arsenal. We’ve compiled a list of some of the types of cyber attacks that are seeing incredible growth, and a description of how each works. You’ll likely be hearing these terms more as these attacks continue to grow in prevalence and scope.

Distributed Denial of Service Attack: Friday’s Internet outage was caused by a DDoS attack on Dyn, a company that monitors and routes Internet traffic. While Friday’s attack did require a fair amount of sophistication (USA Today has a great summary of the details we know to date), most DDoS attacks are easy and inexpensive for hackers to execute. A DDoS attack occurs when a website’s servers are flooded with illegitimate page requests, preventing legitimate requests from getting through. This can often cause the website to crash. Cyber criminals can execute DDoS attacks for as little as $150 a day by purchasing botnets on the online black market. Botnets are networks of computers and connected devices infected by malware and controlled without the owners’ knowledge. Botnets are used to send the page requests that overburden the servers. A recent study by CDN services company Akamai found that there has been a 125 percent increase in DDoS attacks year-over-year and a 35 percent increase in their duration.

Zero Day Attacks: A Zero Day vulnerability refers to a hole in a business’s software that is unknown to the software provider. A Zero Day attack refers to an incident in which this hole is exploited by hackers before it is discovered and fixed. Because these vulnerabilities are unknown to the developer, cyber criminals can often exploit holes for months before anything is detected. According to Symantec, the number of Zero Day attacks also increased by 125 percent last year.

Domain Name System (DNS) Hijacking: The DNS is a naming system for any resource connected to the Internet that associates various information with domain names. For example, DNS translates a user-friendly name, like CSID.com, to its corresponding IP address. DNS hijacking, or DNS redirection, is the practice of intercepting and changing the information associated with a DNS record for malicious reasons. The result is that a user ends up on a site that hosts malware or malicious code instead of the intended site.

These are just a few of the cyber attacks we’ll be reading more about in the coming years, especially as the skill set and resources needed to execute them continue to lessen. For businesses, it means strengthening security on their sites and focusing on security against web-based attacks. For consumers, it is about staying informed.

Were you affected by Friday’s DDoS attack? Share your experience with us on social media. Follow CSID on Facebook, Twitter or LinkedIn.

Industry News Recap: Zero-Day Exploits In The Limelight

By | August 28th, 2015|Uncategorized|

A large amount of tech coverage has recently been devoted to zero-day vulnerabilities and attacks and the industry’s widespread attempts to stop them.

The average Internet user has never encountered the term “zero-day attack,” but it’s one that we are going to hear more about in the future. A zero-day attack occurs when a hacker exploits a software flaw that is unknown to the developer. Techopedia’s Cory Janssen explains that this type of flaw is dangerous because “there is no known security fix [as] developers are unaware of the vulnerability or threat.” These threats are called “zero-day” because they occur on or before the day that a vendor becomes aware of the bug.

Zero-day attacks have long been a concern for software developers, but they have only recently received widespread attention due to a string of high-profile events. In July, leaked documents revealed multiple zero-day exploits in Shockwave Flash. From The Post-Standard: “Once the details were made public, it left anyone using Flash open to cyberattacks.” According to TechRepublic, the result was an eye-opening race that revealed hackers were able to create malware to exploit the flaws a full day before developers could patch them. Since then, zero-day attacks against a wide variety of developers have dominated the headlines.

The insidious nature of zero-day attacks is alarming, but developers have systems in place to combat them. An exciting example: bug bounty programs, which give monetary rewards to members of the general public who discover software bugs. The tech industry has long used bug bounty programs to incentivize hackers to uncover and report security flaws. Infosecurity Magazine reports that United Airlines has also adopted this strategy and has already “awarded millions of frequent flier miles to white-hats.”

For end-users, the best way to stay safe is to keep your software updated. Frequently check for updates to your browser and select “auto-update” wherever possible so that your device always has the latest security patches.

Let us know what you think on Twitter and Facebook. Be sure to check out our Tumblr for the latest industry news stories.

Cyber Criminals Shut Down an SMB in One Hour

By | May 11th, 2015|Uncategorized|

There’s a huge misconception among small businesses that cyber criminals are only interested in stealing data from big names like Target, Home Depot and Neiman Marcus. This misleading mindset may cause a small business (SMB) to inadequately invest in security measures and improperly enforce security policies at work. In fact, only 2 in 5 SMBs have a social media policy in place and only 2 in 10 SMBs plan to increase security spending this year. The truth of the matter is that cyber criminals are looking for the path of least resistance that will get them the most information as fast as possible.

With the growth of startup culture across the nation, we decided to test just how easy it is for cyber criminals to infiltrate a budding business. Thanks to the ingenuity of the sales and marketing team and some dark web help from our cyber team, Jomoco was brought to life. Jomoco is a fictitious coconut water company with a groovy coconut mascot and two fabricated employee personas. We set up Jomoco like any other startup would – with a company website, server, employee personal and work email addresses, a credit card and some employee social media accounts. CSID also ensured that Jomoco’s fictional employees made common mistakes when protecting their professional and personal data online, including sharing sensitive information via email and reusing passwords across multiple sites. The real cyber criminals took it from there.

Within one hour, Jomoco was taken over by cyber criminals. The website was defaced, the credit card had been used and employees were locked out of work emails and social media sites.

Interested in finding out how cyber criminals took down this business so fast? Download our case study to get the complete story, including pictures of the defaced website and the dark web forums where Jomoco’s credit card information was shared. If you’re an SMB looking to better protect your data, here are tips from the National Cyber Security Alliance on how to make your business more secure.

How can SMBs better protect their assets? What are some ways employees can protect business data? Please share your thoughts with us on Facebook, Twitter and LinkedIn! We’d love to hear what you have to say.

News Recap: US Postal Service Breach

By | November 14th, 2014|Breach, Uncategorized|

This week, the United States Postal Service (USPS) became 2014’s latest data breach victim after a cyber attack targeting the organization’s computer systems resulted in the loss of employee information.

Devlin Barrett of the Wall Street Journal reported, “More than 800,000 people, including employees, top directors and regulators, could be affected by a computer systems breach that may have compromised data including names, Social Security numbers and addresses.” Barrett continued, “Employees, some retirees and staffers of the Postal Regulatory Commission, the U.S. Postal Inspection Service and the Postal Service Office of Inspector General have been affected… An unknown number of customers also could have been affected, though not to the same degree.”

Help Net Security shared a statement from the USPS, which said, “Postal Service transactional revenue systems in Post Offices as well as on usps.com where customers pay for services with credit and debit cards have not been affected by this incident. There is no evidence that any customer credit card information from retail or online purchases such as Click-N-Ship, the Postal Store, PostalOne!, change of address or other services was compromised.”

Ellen Nakashima of the Washington Post attributed the attack to hackers allegedly backed by the Chinese Government. Nakashima comments, “The Chinese government has consistently denied accusations that it engages in cyber theft and notes that Chinese law prohibits cybercrime. But China has been tied to several recent intrusions, including one into the computer systems of the Office of Personnel Management and another into the systems of a government contractor, USIS, that conducts security-clearance checks.” Nakashima also notes, “The intrusion into the USPS, officials said, was carried out by a sophisticated actor who did not appear to be interested in identity theft or credit card fraud.”

Does this particular incident have any unique implications impacting national security? While this breach did not necessarily result in the loss of consumer data, what safeguards or precautions should consumers be taking? Let us know your thoughts on Twitter and Facebook, and be sure to check out our Tumblr for the latest industry news stories.
