Monthly Archives: February 2018

Breach Exposes Sensitive California State Employee Data

Data Breaches occur almost on a daily basis. You may not know that your IT Security problem is. We will find it and we’ll develop and implement real-world solutions.  Read on to learn more about the data breach that leaked state government material.

News has surfaced of a breach of sensitive data of California state employees.

As reported by The Sacramento Bee, it appears thousands of Social Security numbers have been exposed at the Department of Fish and Wildlife, with the department confirming so in a memo sent to its staff.

It is alleged the breach was discovered in December last year but was only disclosed to employees this week. The California Highway Patrol is thought to be investigating the incident, which is believed to have been brought about as a result of a former state employee downloading data to a personal device before taking the device outside of the state’s network. Read more »

The most common type of data breach in hospitals? Paper records, study suggests

Our HIPAA risk assessment includes a comprehensive review of your current IT and data security policies, procedures, networks, systems, and configurations. Adsero Security can help your company or practice improve its security and HIPAA compliance. Read on to discover what type of data breach is most likely to happen in a hospital and how this could lead to a HIPAA disaster.  Read more »

FedEx data breach: 119,000 passports or photo IDs found on unsecured server

We are solutions, builders who provide comprehensive, complete, IT security management programs. In an IT security solutions initiative involving many vendors, we are the project managers who pull it all together and make sure it works as planned- for the long term. Breaches such as the one afflicting FedEx could have been avoided if Adsero Security were involved. Read on to find out how this happened.

Thousands of FedEx (FDX) customers’ private information was exposed after the company left scanned passports, driver’s licenses and other personal documentation on a publicly accessible server.

The incident was first discovered by researchers at a German-based security center called Kromtech earlier this month.

According to the security firm, the server belonged to Bongo International, a company that helped customers with shipping calculations and currency translations. FedEx purchased Bongo in 2014 but renamed the company FedEx Cross-Border International a year later before discontinuing the service in April 2017.

FedEx said on Thursday that it has secured some of the customer identification records that were exposed earlier this month and added that so far it has found no evidence that private data were “misappropriated.” The company, however, said it continues to investigate.

“After a preliminary investigation, we can confirm that some archived Bongo International account information located on a server hosted by a third-party, public cloud provider is secure. The data was part of a service that was discontinued after our acquisition of Bongo. We have found no indication that any information has been misappropriated and will continue our investigation,” a spokesman confirmed to FOX Business on Friday.

The data breach could affect anyone who might have used Bongo’s services anytime from 2009 to 2012, and it’s possible the data were exposed online for several years,” according to Bob Diachenko, Kromtech’s head of communications.

What cybersecurity surprises does 2018 hold?

As more technological advancements are made, more opportunities for cybersecurity issues will arise. One thing is for sure, there is no problem that Adsero Security can’t solve. Read on to find out what surprises are in store for this year.

Bitcoin, the General Data Protection Regulation in Europe and the Internet of Things (IoT) are just three recent developments that will present security professionals with new challenges in 2018. That’s in addition to the usual raft of malware, DDoS attacks and database thefts that have dominated the headlines for some time.

To get a handle on what to expect, we asked two Keeper Security experts – Director of Security and Architecture Patrick Tiquet and Chief Technology Officer Craig Lurey – to peer into their crystal balls to find what 2018 holds. Here’s what they saw.

IoT

IoT has been on Patrick’s mind a lot lately, not just because it represents a vast expansion of the attack surface, but also because it opens whole new types of data to compromise. “Every aspect of your everyday life is potentially accessible to anyone anywhere in the world in seconds,” he says. “All your conversations can be accessed, captured and converted.”

Vulnerabilities have already been reported in voice-activated personal assistants, and attackers years ago figured out how to turn on smartphone microphones and cameras without the owner’s knowledge. “We will see a major IoT security disaster this year, and I think it will be bigger than the Dyn hack of 2016,” which originated with printers, security cameras, residential gateways and baby monitors,” Patrick says.

New attack vectors

New attack vectors have also been on Craig’s mind, particularly in light of recent disclosures of hardware flaws in microprocessors. “There’ll be more activity by hackers around hardware-based attacks that go after the memory of the device,” he says. Particularly concerning is that “Spectre and Meltdown took advantage of hardware flaws but were able to abstract them to the software level.” That makes them harder to stop with conventional anti-malware protections alone. Hardware vulnerabilities may demand a whole new type of protection.

Japan’s Coincheck set to report to regulators over $530 million cryptocurrency heist

With a combined  45 years experience, Adsero’s principals have seen it all. We can solve any problem. Prevention is pivotal in cases like this. Read on to find out how over $530 million in cryptocurrency was taken in a heist.

Japanese cryptocurrency exchange Coincheck, stung by the theft of $530 million of digital money last month, is expected to file a report with regulators on the hacking on Tuesday.

The Financial Services Agency ordered Coincheck to raise its standards after the hack and gave the exchange until Feb. 13 to submit a report on the heist, the safety of its systems, and measures it would take to prevent a repeat.

Coincheck said on Friday it would allow customers to restart yen withdrawals on Tuesday. The exchange, which froze all withdrawals of yen as well as digital currencies following the theft, said it had confirmed the integrity of its system security.

Coincheck has received withdrawal requests from customers totaling about 30 billion yen ($280 million), a person with direct knowledge of the matter told Reuters last week.

Still, the exchange said it would keep restrictions on cryptocurrency withdrawals until it could guarantee the secure resumption of its operations. It did not give further details.

The Coincheck heist exposed flaws in Japan’s system of regulating cryptocurrency trading, and raised questions over the country’s dash to oversee the industry – a move that was in sharp contrast to clampdowns by policymakers in countries such as South Korea, China and India. Read more »

Winter Olympics: Computer virus targeted Pyeongchang Games, say cyber security firms

As previously mentioned, the Olympics are a highly suspected target for cybersecurity threats. It did actually happen. Adsero Security would have performed penetration testing to assess any risks and from there developed a security written policy, set risk management standards, and then train various staff members. With Adsero Security on their side, they would have slept better at night. Read on to see how this nightmare occurred

PYEONGCHANG (REUTERS) – Several US cybersecurity firms said on Monday (Feb 12) that they had uncovered a computer virus dubbed “Olympic Destroyer” that was likely used in an attack on Friday’s opening ceremony of the Pyeongchang Winter Games.

Games Organisers confirmed the attack on Sunday, saying that it affected Internet and television services but did not compromise critical operations.

Organisers did not say who was behind the attack or provide a detailed discussion of the malware, though a spokesman said that all issues had been resolved as of Saturday.

Researchers with cybersecurity firms Cisco Systems Inc, CrowdStrike and FireEye Inc said in blog posts and statements to Reuters on Monday that they had analyzed computer code they believed was used in Friday’s attack.

All three security companies said the Olympic Destroyer malware was designed to knock computers offline by deleting critical system files, which would render the machines useless. The three firms said they did not know who was behind the attack.

“Disruption is the clear objective in this type of attack and it leaves us confident in thinking that the actors behind this were after the embarrassment of the Olympic committee during the opening ceremony,” Cisco said in its blog.

 The attack took the Olympics website offline, which meant that some people could not print out tickets and WiFi used by reporters covering the games did not work during the opening ceremony, according to Cisco.

Read more »

Winter Olympics “draws hackers like flies to a candle,” cybersecurity expert says

Cyber Security is a global issue. Adsero has seen it all and done it all. Read on to discover why hackers are so attracted to the Winter Olympics.

 

Officials in South Korea are investigating a security breach at the Winter Olympics Opening Ceremony. A spectator managed to slide down the ramp leading to the Olympic Flame and wandered around the stage during a performance. He was taken away by security.

Meanwhile, Olympic organizers are investigating a possible cyber attack on their internet and WiFi systems before the Opening Ceremony. There were no serious problems, but officials are concerned that the Games could be targeted again by hackers.

The most pressing threat to the Winter Olympics may be one that South Korean security teams can’t see.

“It’s got political importance. It’s got a lot of money — that draws hackers like flies to a candle,” said cybersecurity expert Jim Lewis.

He told CBS News hackers have repeatedly targeted the Games.

During the Olympics in Beijing, London and Brazil, there were reportedly millions of attempted cyber attacks a day. Some succeeded.

“Low-level but scamming tickets, stealing money,” Lewis said

The Department of Homeland Security alert warned travelers to Pyeongchang that their mobile devices could be monitored or compromised.

One concern in South Korea is whether Russian hacking units may seek payback for the decision to ban Russia’s Olympic team from the Games amid doping allegations.

“And in previous Olympics, they’ve done their usual trick,” Lewis said. “They hack emails and release things that are damaging to American athletes or athletes from other countries.”

Cybersecurity firm Trend Micro says a hacking unit with Russian ties called “Pawn Storm”  recently sent malicious emails to the International Ski Federation, International Ice Hockey Federation and several other organizations with a stake in the Winter Games.

Read more »

Viewpoint: Equifax breach is a reminder of society’s larger cybersecurity problems

Our society is faced with an array of opportunities of being hacked. This is why Adsero Security’s specialty in writing IT security policies and training your staff on policy adherence thus developing a culture of compliance is so important. Read on to discover why cybersecurity issues affect society as a whole.

The Equifax data breach was yet another cybersecurity incident involving the theft of significant personal data from a large company. Moreover, it is another reminder that the modern world depends on critical systems, networks and data repositories that are not as secure as they should be. And it signals that these data breaches will continue until society as a whole (industry, government and individual users) is able to objectively assess and improve cybersecurity procedures.

Although this specific incident is still under investigation, the fact that breaches like this have been happening – and getting bigger – for more than a decade provides cybersecurity researchers another opportunity to examine why these events keep happening. Unfortunately, there is plenty of responsibility for everyone.

Several major problems need to be addressed before people can live in a truly secure society: For example, companies must find and hire the right people to actually solve the overall problems and think innovatively rather than just fixing the day-to-day issues. Companies must be made to get serious about cybersecurity – at a time when many firms have financial incentives not to, also. Until then, major breaches will keep happening and may get even worse.

Finding the right people

Data breaches are commonplace now, and have widespread effects. The Equifax(NYSE: EFX) breach affected more than 143 million people– far more than than the 110 million victims in 2013 at Target, the 45 million TJX customers hit in 2007, and significantly more than the 20 million or so current and former government employees in the 2015 U.S. Office of Personnel Management incidentYahoo’s 2016 loss of user records, with a purported one billion victims, likely holds the dubious record for most victims in a single incident.

Read more »

Uber says hackers behind data breach were in Canada, Florida

Hackers can strike from anywhere. This means that any organization is vulnerable. Adero’s penetration testing allows clients to detect their areas of vulnerability. Read on to discover how easy it was for two people to hack into Uber’s system.

The two people behind a 2016 data breach at Uber Technologies Inc. were found to be in Canada and Florida, an Uber cyber security executive told the U.S. Congress on Tuesday.

About 25 million users affected by the breach are users located in the United States, John Flynn, chief information security officer at Uber, said in written testimony to a Senate Commerce Committee panel.

Uber announced the breach of 57 million worldwide users last November. Of those impacted in the United States, 4.1 million were drivers, according to the testimony.

Uber Canada announced late last year that 815,000 Canadian riders and drivers may have been affected.

The testimony from Flynn is the most comprehensive public account to date of the Uber hack, the handling of which prompted newly appointed Uber chief executive Dara Khosrowshahi to fire two of the company’s top security officials.

Reuters reported in December that a 20-year-old man was primarily behind the massive data breach, and that he was paid by Uber to destroy the data through a so-called “bug bounty” program normally used to identify small code vulnerabilities.

Flynn confirmed the man who obtained data from Uber was in Florida and that his partner, who first contacted the company on Nov. 14, 2016, to demand a six-figure payment, was located in Canada.

The company’s security team made contact with both people and received assurances the pilfered data had been destroyed before paying the intruders $100,000, Flynn said.

Read more »

Consumer Reports finds Samsung, Roku TVs vulnerable to hacking

You may not know exactly what your IT Security issue is. We will find it and develop and implement a solution. The more reliant on technology that we become, the more prone to hacking our society is. Listen to how easily Roku TVs can be hacked.

We’ve written in the past about how your TV is probably tracking you, and now Consumer Reports, as part of a broad privacy and security evaluation, has has found that millions of smart TVs are vulnerable to hackers and “raise privacy concerns by collecting very detailed information on their users.”

According to the report, the problems affect Samsung televisions, plus models made by TCL and “other brands that use the Roku TV smart TV platform, as well as Roku’s popular streaming devices.”

“We found that a relatively unsophisticated hacker could change channels, play offensive content or crank up the volume, which might be deeply unsettling to someone who didn’t understand what was happening,” Consumer Reports said. “This could be done over the web, from thousands of miles away.”

The good news is these TVs’ security vulnerabilities apparently won’t allow hackers to spy on you or steal your information, according to Consumer Reports.

The report singled out Samsung, TCL and other Roku TVs as being vulnerable, but smart TVs from LGSony and Vizio were also evaluated. While they were cleared from a security standpoint, the testing found “that all these TVs raised privacy concerns by collecting very detailed information on their users.”

As CNET’s David Katzmaier wrote last year, Vizio was slapped with a $2.2 million fine by the FTC for failing to properly disclose how it shares its tracking information, and in previous years Samsung and LG have both faced similar scrutiny. Streamers from Roku, AppleAmazon and Google haven’t yet made any major privacy missteps, but their policies are generally less intrusive than those of TVs. Read more »