Security researcher Victor Gevers has uncovered a database of 1.8 million women in China that lists their names, addresses, marital status, education levels, and phone numbers. The most troubling part of this database, however, is the fact that women of a certain age group were also categorized as “breed ready”.
Gevers has said that anyone with an IP address has access to this database. This comes after his discovery of the Chinese database that leaked 300 million private messages last week.
“We don’t know who is behind this database and what the intention was… that is the part that worries us the most,” said Gevers. Most of the women in the database were located in Beijing.
Gevers reported the database on Twitter and had it closed down by 4am ET on Monday.
Some of the women are linked to their Facebook profiles and as Facebook is banned in China, they must have accessed it through the use of a VPN.
“In China, they have a shortage of women. So an organization started to build a database to start registering over 1.8 million women with all kinds of details like phone numbers, addresses, education, location, ID number, marital status, and a “BreedReady” status?” he tweeted.
Also, around 90 per cent of the women on that list were listed as single and were between the ages of 15 and 95. Among the women given the “BreedReady” status, the youngest were 18 years old and the oldest was 39.
The purpose of this database remains uncertain; however, many internet users said that it may have been the Chinese government’s effort to track the fertility of Chinese women, as China’s birth rate has hit an all-time low.
China’s National Statistics Bureau found that only 15 million children were born in 2018, which was 2 million fewer than the previous year.
The House of Lords has called for a new central digital super-regulator to be created in order to inspect the different bodies protecting the internet and to replace the ‘clearly failing’ system of self-regulation in place.
The Lords’ communications committee report has recommended a new Digital Authority. The report warns that the contribution of several regulators for the digital realm can be more problematic than helpful as it creates overlaps and gaps.
The report also states that large tech companies have failed to tackle cybersecurity issues and Ofcom should, in the future, expand their services to involve implementing a duty of care on those companies.
Lord Gilbert of Panteg, Chair of the committee, stated: “The government should not just be responding to news headlines but looking ahead so that the services that constitute the digital world can be held accountable to an agreed set of principles.”
He continued: “Self-regulation by online platforms is clearly failing and the current regulatory framework is out of date. The evidence we heard made a compelling and urgent case for a new approach to regulation. Without intervention, the largest tech companies are likely to gain ever more control of technologies which extract personal data and make decisions affecting people’s lives.”
The Lords said that the new Digital Authority should be guided by 10 principles pertaining to online regulation. Some of these basic principles include: transparency, parity, recognition of childhood, accountability, privacy and human rights.
Last month, a Digital Culture, Media and Sport committee held Facebook responsible for being run by “digital gangsters” and, as a result, recommended that tech and social media companies could regulate themselves independently under a ‘code of ethics’ which could be overseen by Ofcom.
The report by the Lords echoed this sentiment. It stated that self-regulation by internet behemoths such as Google and Facebook was “clearly failing”.
Lord Panteg wrote: “Policy makers across different sectors have not responded adequately to changes in the digital world.”
He added: “The Digital Authority should be empowered to instruct regulators to address specific problems or areas. In cases where this is not possible because problems are not within the remit of any regulator, the Digital Authority should advise the Government and Parliament that new or strengthened legal powers are needed.”
The report recommends many changes to existing regulations, whether the Digital Authority is created or not. An example of these proposed changes is the public interest test for mergers and acquisitions, which would protect people’s data from being bought and sold with no prior consent from the individual.
Additionally, the report recognizes the power which this new Digital Authority would hold and justifies it by stating: “This is necessary because of the magnitude of urgent social and political problems caused by regulatory fragmentation in the digital world. These problems are less likely to become more complex as technology develops.”
Internet giants such as Google, Amazon and Facebook were not held in high regard amongst the Lords, especially in the report.
It concluded, “Major platforms have failed to invest in their moderation systems, leaving moderators overstretched and inadequately trained. Online platforms should make community standards clearer through a new classification framework akin to that of the British Board of Film Classification.”
The profiles and personal messages of 364 million users of Chinese social media sites were leaked online, exposing private records such as photos and identity card numbers which were being gathered by the Chinese government through a surveillance program.
Cybersecurity researcher for the NGO GDI Foundation, Victor Gevers, revealed in a series of tweets that the Chinese government was using a social media surveillance program which was “retrieving messages per province from 6 social platforms and extracts names, ID numbers, ID photos, GPS locations, network information, and all the conversations and file transfers get imported into a large online database.”
He continued: “Around 364 million online profiles and their chats & file transfers get processed daily. Then these accounts get linked to a real ID/person. The data is then distributed over police stations per city/province to separate operators’ databases with the same surveillance network name.”
Gevers went on to say that the program used to retrieve all the private and sensitive information looked “like a jerry-rigged PRISM clone of the NSA.” NSA was the US government’s surveillance system that Edward Snowden revealed back in 2013.
In a direct message on Twitter, Gevers voiced some of his concerns regarding the situation.
“These surveillance systems are dangerous when they are open and fully accessible to anyone, which increases the risk of remote data manipulation. We have seen databases get ‘ransomed’ in the past.”
A great deal of the leaked data included information about cybercafés, which Gevers pointed out in a screenshot and said that those cafes may have been used as a potential tool to gather data on users.
QQ and WeChat, both operated by Tencent, were among the six Chinese messaging services.
In the past, WeChat denied monitoring user chat logs for government surveillance; however, according to the Chinese legal system, all internet companies operating in China are expected to collect and store user data locally in case of an official inspection.
Security researcher Jane Manchun Wong said: “If sensitive information was exchanged in some of those conversations, it could have been sold to black markets, the same way how stolen credit card info from compromised databases work.”
She continued, “Except this one, it’s effortless to hackers. They could essentially just walk in and everything seems to be in plain text and accessible without any login information.”
The database was allegedly secured after Gevers exposed the issue.
There have been a few major leaks in China over the past few years.
Just last month, Gevers reported a case regarding a Chinese tech company, SenseNets, which stored the data of 2.6 million people in the region of Xinjiang, which has a Muslim majority and is under heavy police surveillance. The data included the ID numbers and addresses of the residents.
Chinese media outlets have launched a scathing attack on the United States for its role in the arrest and subsequent detainment of Huawei’s CFO in Vancouver earlier this week.
The Japanese government has announced that it will ban telecommunications equipment manufactured by Chinese vendors Huawei and ZTE amidst fears about cybersecurity.
Russia, Ukraine, and other areas have been hit by a new strain of ransomware called ‘Bad Rabbit’. The ransomware is said to bear similarities to the WannaCry and Petya outbreaks that caused chaos earlier this year. According to reports, it’s unknown how far this new malware will spread.
US officials said “multiple reports of Bad Rabbit ransomware infections” had been reported “in many countries around the world”. The US computer emergency team said it “discourages individuals and organizations from paying the ransom, as this does not guarantee that access will be restored.”
Russian news agency Interfax and Fontanka.ru were affected by the ransomware. Ilya Sachkov, head of Russian cybersecurity firm Group-IB, said, “In some companies, the work has been completely paralyzed – servers and workstations are encrypted.” Most of the victims were located in Russia, according to Kaspersky Lab, with a few cases in Turkey and Germany.
Victims of the ransomware had their computer contents encrypted. The hackers asked for a payment to release the data – in this case 0.05 bitcoins which is about $280. It was only a matter of time before a new strain of ransomware came along, said Gregg Petersen from software firm Veeam. The attack appeared to be targeted at corporate networks.
“We continue to see this lucrative business of ransomware wreak havoc, as the perfect storm of poor maintenance of updates, weak security measures, employee and user errors of judgment, and pseudonymous crypto-currencies exist,” Petersen said.
Most anti-virus programs aren’t able to detect the ransomware, according to analysis by virus checking site VirusTotal. The malware was distributed via a bogus Adobe Flash update, claims security firm ESET. The malware’s code, according to a screenshot posted by researcher Kevin Beaumont, referenced pop culture characters including the names of two dragons from Game of Thrones.
To prevent further attacks, Petersen suggests that updates should be maintained, processes to support IT security policies should be adhered to, and robust IT defenses should be put in place. Organizations should also have backup data located off the live IT network, he said, which should be “a key part of your data management strategy.”
WeDo Technologies, a worldwide leader in revenue assurance and fraud management, announced that TPx Communications, a US-based premier provider of unified communications, managed IT and network connectivity, has selected its RAID Fraud Management Solution (FMS) to protect its expanding network and its customers from fraud.
With more than 80,000 enterprise customers, which include the country’s top financial services, education, government, retail and healthcare providers, TPx prides itself on guaranteeing 5-nines connectivity and bringing the latest technology advances to its customers.
Recently, the company was the first managed services provider in the US to offer 4G/LTE managed service offerings to business customers. While TPx sees an exciting future with these new technology developments, it also sees how complexity in the networks leaves it vulnerable to fraud.
The rise of LTE networks is providing huge industry opportunities for communication service providers that help better support customers, each day, every day. There is a high level of awareness on how complex fraud prevention really is, as traffic volumes escalate and fraudsters become more sophisticated. It is essential to ensure and use the best in class tools and managed services that can support end customers’ services, in a fully protected network environment.
“WeDo is pleased that TPx has joined our roster of clients in the U.S.,” said Thomas Steagall, Vice President North America and Caribbean, WeDo Technologies. “By recognizing the challenges that new digital networks and services are posing to their legacy fraud prevention solutions, TPx is taking a proactive approach to protecting themselves from potentially expensive and wide-ranging threats that may be difficult to contain, as we’ve seen from the increasing occurrence of ransomware attacks.”
WeDo Technologies provides a simpler, faster, smarter approach to managing telecom fraud.
RAID FMS enables CSPs to gain a holistic view of fraud by monitoring internal and external information from a single platform. The WeDo Technologies’ Fraud Management software system is a flexible application that runs on top of WeDo’s RAID Platform, enabling CSPs to integrate siloed data sources, as well as accommodate different strategies and operational requirements for diverse portfolios and product lines across the entire organization.
RAID can help stop losses from fraudulent activity, before they occur. By combining multiple detection methods – a hybrid rule based approach and machine learning – CSPs get greater accuracy and better predictive performance. RAID is available on-premise, as a managed service and via the Cloud. Visit RAID.Cloud for a free 60 day trial.
Large digital security breaches are a common occurrence in the corporate world today. The latest breach, experienced by consumer credit reporting agency Equifax, follows a trend of troubling hacks that have played out across the globe this year. It seems adversaries will stop at nothing to evolve their threats, move with even more speed, and find new ways to widen their operational space.
Equifax chief executive Richard Smith said in an opinion piece in USA Today on September 12 that his company “will make changes” after a massive security breach in July that may have exposed the data of up to 143 million people. Smith said the company first learned of the breach on July 29, but didn’t go public with the information for six weeks because “we thought the intrusion was limited.”
Smith described the hack as the “most humbling moment” in the company’s 118-year history. Founded in 1899 and based in Atlanta, Georgia, it is the oldest of the three largest American credit agencies along with Experian and TransUnion. “We are devoting extraordinary resources to make sure this kind of incident doesn’t happen again,” Smith wrote, promising to “make changes and continue to strengthen our defenses against cyber crimes.”
The company has been highly scrutinized for its handling of the data breach, which compromised the personal information of as many as 143 million Americans. Residents in the United Kingdom and Canada were also impacted. After detecting the breach, Equifax waited six weeks before it notified the public in early September. Rather than informing people whose data had been compromised, the company set up a website that wasn’t ready for days.
Yahoo experienced similar scrutiny when it dealt with massive data breaches. The company announced in September 2016 that hackers in 2014 had stolen data from more than 500 million of its users’ accounts. Yahoo then announced in December 2016 another breach dating back to 2013 in which over a billion users had their data stolen. The US Securities and Exchange Commission opened an investigation into whether Yahoo should have informed investors sooner about the breaches.
To make up for its failure to protect users’ data, Equifax, which rakes in around US$3.1 billion in annual revenue, offered free credit monitoring services to its customers. But the company was criticized for requiring those who enrolled for the offer to waive their right to sue the company. Soon enough, Equifax backtracked on the requirement, allowing customers to sue the company if they sent it in writing within 30 days.
Nevertheless, Equifax has been forthcoming about the wider issue of cybersecurity and the need for change. Smith acknowledged some of the company’s problems in his article, admitting that consumers and media have raised “legitimate concerns” about the services Equifax offered and the operations of its call center and website. “We accept the criticism and we are working to address a range of issues,” he said.
Smith said the company is now committed to doing everything it can to support those affected by the breach. “Our team is focused on this effort and we are engaged around the clock in responding to millions of inquiries from consumers,” he said. Equifax has warned, however, that credit card numbers of around 209,000 people have been exposed, in addition to “personal identifying information” on roughly 182,000 customers involved in credit report disputes.
Prior to Equifax’s data breach, Time Warner-owned US TV network HBO was the latest major corporation to fall victim to hackers. HBO confirmed on July 31 that a whopping 1.5 terabytes of material had been stolen – a significantly larger amount than the 200 gigabytes stolen from Sony Pictures in 2014. Similar to Equifax’s breach, HBO’s hackers obtained potentially sensitive information, including employee data and even access to internal corporate emails.
The string of corporate hacks this year, including the global “WannaCry” ransomware attack in May and the subsequent “Petya” attack in late June, represents a chilling trend taking place all over the globe, in which cyber hackers are finding more avenues to infiltrate even the most seemingly protected organizations, by finding new ways to widen their operational space.
An ever-evolving threat
Hackers today have more tools at their disposal than ever before. They also have a keen sense of when to use each one for maximum effect. Cisco’s Annual Cybersecurity Report 2017 explains how the explosive growth of mobile endpoints and online traffic works in favor of cyber hackers. Adversaries have more space in which to operate, the report claims, and more choices of targets and approaches.
It may not be possible to stop all attacks, the report says, but you can minimize both the risk and the impact of threats by “constraining your adversaries’ operational space and, thus, their ability to compromise assets.” Cisco suggests that companies should simplify their collection of security tools by integrating them into an automated architecture to streamline the process of detecting and mitigating threats. That leaves companies with more time to address more complex and persistent ones.
According to Cisco’s 2017 Security Capabilities Benchmark Study, organizations that have not yet suffered a security breach may believe their networks are safe. This confidence is probably misplaced, the report says, considering that 49 percent of the security professionals surveyed said their organizations have had to manage public scrutiny following a security breach.
Take Yahoo for instance: Following the shocking revelation that 1.5 billion of its users’ accounts were hacked on two separate occasions, the company was forced to slash the price of its core internet business in the sale to US telecom giant Verizon by $350 million. Yahoo is also in the midst of lawsuits related to the way the hacks were handled. In an effort to defuse the situation and make up for damage to its reputation, Yahoo announced that it would not award CEO Marissa Mayer a cash bonus for 2016.
The Cisco study found that nearly a quarter of the organizations that have suffered an attack lost business opportunities, and four in ten said those losses were substantial. One in five organizations lost customers due to an attack, and nearly 30 percent lost revenue. When breaches occur, operations and finance were the functions most likely to be affected (36 percent and 30 percent, respectively), followed by brand reputation and customer retention (both at 26 percent).
The report once again emphasizes the importance of companies focusing their resources on reducing their adversaries’ operational space if they want to avoid the aforementioned consequences. As a result, attackers will find it difficult to gain access to valuable enterprise resources and to conduct their activities without being detected. Automation, the report says, is essential to achieving this goal.
Automation helps companies to understand what normal activity is in the network environment, so they can focus their resources on more significant threats. Simplifying security operations, the report says, is the most effective way of eliminating adversaries’ unconstrained operational space. Unfortunately, most organizations are using more than five solutions from more than five vendors, according to the study, creating a complex web of technology, which can be a recipe for less, not more, protection.
Qualcomm has joined AT&T, Nokia, IBM, Palo Alto Networks, Symantec and Trustonic as part of the IoT Cybersecurity Alliance formed earlier this year. The purpose of the group is to collaborate and pool together collective capabilities and resources to tackle emerging security challenges in the Internet of Things (IoT).
With over 1.5 billion IoT devices shipped using its chips, Qualcomm brings to the Alliance expertise in comprehensive security solutions rooted in hardware, for a wide array of edge devices including wearables, voice and music, connected cameras, robotics and drones, home control and automation, home entertainment, and commercial and industrial IoT.
“Robust IoT security needs to be built into the silicon that powers edge devices. A solid IoT security approach requires a combination of hardware-based security features tightly integrated with the software, communication protocols, applications and the cloud,” said Seshu Madhavapeddy, vice president, product management, IoT, Qualcomm Technologies, Inc.
“We are pleased to work with other members of the IoT Cybersecurity Alliance to support the IoT ecosystem, sharing best practices that help to protect consumers and businesses adopting IoT technologies,” Seshu added.
The IoT Cybersecurity Alliance brings together leading security providers and IoT experts to research and raise awareness of best practices for securing the growing IoT ecosystem. The Alliance’s mission is to advise businesses and their customers as well as to educate the industry on the cybersecurity measures needed to help create a safer IoT ecosystem that fosters collaboration and advances technologically secure IoT innovation.
Alliance members are raising awareness around IoT security at the endpoint, network, cloud and application layer, using overarching threat analytics to study the IoT ecosystem. The Alliance advocates for an “always-on” security approach.
More than a dozen tech giants in the United States, including Verizon, Facebook, Snap, Twitter and Alphabet’s Google, have filed a 44-page brief with the Supreme Court calling for tighter restrictions on government officials having access to private and sensitive cellphone data of individuals.
The move highlights an ongoing dispute in the US over whether authorities should have to obtain a warrant before accessing data that could reveal an individual’s location via their cellphone. More and more data is being collected through digital devices, the brief said; therefore greater protection is needed for individuals under the law.
The brief stated: “That users rely on technology companies to process their data for limited purposes does not mean that they expect their intimate data to be monitored by the government without a warrant.”
Timothy Carpenter, a man convicted of robbing Radio Shack and T-Mobile stores in Ohio and Michigan in 2013, appeared before the justices last June to hear his appeal that data was used to convict him without a warrant. Using “cell site location information” obtained from Carpenter’s wireless carrier, federal prosecutors were able to prove his location near several of the robbery sites.
Carpenter claims that the prosecutors didn’t obtain a warrant to access information about his whereabouts, which he said amounts to an unreasonable search and seizure under the US Constitution’s Fourth Amendment. But Carpenter’s convictions were upheld by a federal appeals court last year, which determined that no warrant was needed to access the data.
The debate over how much surveillance authority law enforcement and intelligence agencies should have over individuals is heating up in the US, amidst concern among lawmakers that authorities are ignoring warrant requirements to obtain private information.
Carpenter’s representative, Nathan Freed Wessler with the American Civil Liberties Union, said the brief by tech giants represents a “robust defense of their customers’ privacy rights in the digital age.” Carpenter’s case will be brought before the court some time after its new term begins in October, Reuters said.
Mr. Wessler highlighted the importance of Verizon’s role in the brief, given that, as the largest carrier in the United States, it receives thousands of requests for cellphone location records from authorities every year and just about always complies.
Civil liberties lawyers argue that in order to pursue an arrest, authorities need “probable cause” and therefore a warrant, to avoid searches that are unconstitutional.
People should be able to use technologies without running the risk of having their personal data taken without permission, the tech giants explain in their brief to the Supreme Court.