Showing posts with label Cyber Security. Show all posts
Thursday
Kaspersky warns of more fake supply chain attacks
More fake supply chain attacks are expected given the heightened cyberheist activities of the notorious Lazarus group, Russian cybersecurity firm Kaspersky Lab AO said Thursday.
Seongsu Park, Kaspersky’s senior security researcher in the Global Research and Threat Analysis Team (GReAT), warned that more fake supply chain attacks are expected.
“With major attacks up its sleeves—such as the Bangladesh Bank heist and the WannaCry ransomware, to name a few—the Lazarus group is like a constant presence in the world of cybersecurity and it is getting quite adept at hiding and spreading its evil schemes,” said Park.
Kaspersky found that the Lazarus group—an advanced persistent threat (APT)—has developed new malicious operations which at first glance look like a supply chain attack.
Dubbed AppleJeus, the APT’s attack compromised users through the Trojanized trading application Celas Trade Pro, developed by a legitimate company, Celas Limited.
Once Trojanized, software is infected with malware which, once activated, enables cybercriminals to spy on users, steal sensitive data, and gain backdoor access to systems.
“The extensive effort it exerts to create malware for the supposedly safer MacOS environment, and the intricate details needed to create a legitimate-looking application and software company, prove it is far from stopping,” said Park.
“There are more attacks to come, and we had better be ready because it won’t get any easier,” he warned.
Kaspersky said individuals should be more prudent in choosing third-party vendors and more cautious in trusting legitimate-looking software applications, certificates, and developers.
“We have observed how the Lazarus group has constantly evolved—from waging cyber espionage campaigns worldwide to financial attacks against major banks. Last year, we warned that they are not after your data anymore. And indeed, they aren’t,” said Park.
“These state-backed attackers are now ramping up the sophistication of their attacks and widening their reach to steal more money and trick the cybersecurity industry,” he said. —Jon Viktor Cabuenas/VDS, GMA News
source: gmanetwork.com
Friday
The Hidden Costs of Data Breaches and How to Avoid Them
Today’s society has grown all too accustomed to hearing yet another well-known company listed in the headlines as the latest victim of a massive data breach. By the time we hear this news, the company, and often its customers, have already suffered losses. Some of these losses are obvious, like the loss of data stolen by hackers. There are also significant hidden costs of data breaches that were recently calculated as high as $350 million in a July 2018 global study conducted by IBM.
The hidden costs of data breaches include:
Lost business:
While a company is recovering from a data breach, its systems might be down or compromised. Some companies elect to cease operations altogether until security can be restored. The cost of this lost business adds up by the second. Most of these breaches stem from a malicious or criminal attack (instead of a glitch or human error), so in addition to repairing the damage, cybersecurity professionals must also shore up the vulnerabilities that allowed the attack to happen in the first place.
Lost time:
While the damage accrues quickly, the process to identify and contain a breach often does not. According to this latest report, companies took an average of 197 days to identify a data breach. Once identified, it takes an average of 69 days to contain the breach. If companies were able to contain a breach faster (i.e. in less than 30 days), they saved over $1 million. There’s also the hidden cost of shifting employee resources and time during a breach or containment period. Work and focus on current projects often shut down as all hands on deck address the crisis. In the case of a large company, this can also demand an entire marketing campaign to message the results of the breach and the company’s response to customers.
Lost reputation:
The reputational damage caused by a data breach can be the most painful to bear for companies. These costs are often hidden because it’s difficult to capture clients who would have been customers had they not heard of a company’s breach. Customers also seem to react and respond differently depending on the type of data lost in a breach. In a 2011 study on the impact of data breach on company reputation, most people surveyed were more concerned if their personal, confidential information was lost or stolen compared to their employee files. They also estimated that it would take 8 months to 1 year for a company to recover from the damage caused by a breach. Communicating a breach early and thoroughly, and providing updates to customers, were noted as best practices to preserve and regain reputation following a breach.
Recognizing the hidden costs of data loss should provide additional motivation to pursue a dedicated data loss prevention strategy. Whether you own a company or have your data saved by hundreds of companies, we’re all impacted by data breaches. Challenge the companies that you trust your data with to protect it as if it were their own.
source: securedatarecovery.com
Saturday
Massive data breach has cost Equifax nearly $90 million
SAN FRANCISCO — A massive security breach that hit Equifax has cost the US credit bureau nearly $90 million so far, a figure that is set to rise further, its chief financial officer said on Thursday.
The company, which gathers data on consumers to help lenders determine borrowers’ creditworthiness, revealed in September that hackers had stolen the personal details, including names, dates of birth and social security numbers, of nearly 146 million people.
In the third quarter, “we incurred a one-time charge related to the cybersecurity incident of $87.5 million,” John Gamble said during a conference call on quarterly results.
Equifax is forecasting between $60 and $75 million in spending that will include information technology security in the fourth quarter, he said.
In addition to the expenses, the group’s earnings have also been affected, particularly due to customer dissatisfaction, Equifax said.
Its net income fell 27 percent to $96.3 million in the third quarter.
Equifax also said in a document sent to the US Securities and Exchange Commission that it is the subject of 240 class-action lawsuits in the US and Canada as well as more than 50 investigations in the US, Canada and Great Britain.
It did not quantify the possible financial impact of the lawsuits.
Equifax interim CEO Paulino do Rego Barros said that following the security breach, its senior leadership will not receive bonuses this year.
Its CEO Richard Smith resigned in late September, as did two other Equifax executives, its chief information officer and chief security officer.
source: business.inquirer.net
Tuesday
Virgin America computer systems hacked
SEATTLE — Alaska Airlines said it is taking precautions including requiring employees to change their passwords after Virgin America’s computer systems were hacked.
An Alaska Airlines spokeswoman said Monday that the company noticed unusual activity in Virgin’s systems in March and notified law enforcement and hired cybersecurity experts. She said customer information wasn’t affected but employees and contractors will be required to change passwords every 90 days.
About 3,100 employees may have had their login information stolen, the airline said. Another 110 also had personal information compromised, including addresses, Social Security numbers and health-related information. The airline is paying for credit-monitoring services for those 110 employees and contractors.
Alaska bought California-based Virgin America last year.
A letter to Virgin America employees from Kyle Levine, general counsel of Seattle-based Alaska Air Group Inc., was posted on the California attorney general’s website last week.
Levine said the hacker or hackers gained employees’ login information and passwords to Virgin America’s network. He offered advice for employees who think they might be victims of identity theft.
source: newsinfo.inquirer.net
Sunday
5 Ways Small Businesses Must Protect their Data
Cyber security is a new concern for all businesses. Big hacks, like the Target, Home Depot, and Sony attacks, have only emphasized how much small businesses need to protect themselves. Large businesses have a lot of resources to do this, but small businesses often do not have the budget or knowledge to perform due diligence against cyber security attacks. Here are 5 ways a small business can protect itself from data threats.
Protecting Small Business Data: Backup
The new threat on the block is ransomware. Symantec estimates that 60% of small businesses face significant financial hardships after being attacked by ransomware. Some of these businesses even discontinue service or go out of business as a result of the attacks. Ransomware encrypts important files, like documents, pictures, and CAD files, on a PC. The local PC isn’t the only victim either. Ransomware will also attempt to reach out to other PCs on the network, especially mapped network drives. Once the ransomware finishes encrypting files and drives, the software demands money to decrypt the data that the business can no longer access. The ransom can be expensive.
Small businesses can’t afford that kind of monetary hit. However, if a system gets attacked by ransomware and the business has a quality backup, the business can simply wipe the PC and start over. Re-imaging a PC and restoring data only takes a day or two and saves the business thousands of dollars. Backing up and protecting small business data is easy. There are a lot of good online services that automate this process for an affordable yearly fee. Likewise, it’s easy enough to set up on your own. The important thing is to keep 3 different backups for the 3 different time periods for each PC. Each backup set needs to be kept on-site, off-site but local, and not local. This ensures that data is saved in case a business goes up in flames or the offsite backup is hit by a natural or man-made disaster. Data storage is cheap today, so a backup is an easy choice.
Protecting Small Business Data: Switch to the Cloud
The cloud is still a scary thing for businesses. I understand why. Using a cloud infrastructure means that businesses have to hand over control of their IT systems and depend on another business to stay in business. Think of it this way, though: cloud businesses build their business on reliability, speed, and security. Microsoft’s Azure and Amazon’s S3 services are incredibly powerful. They both have over a 99% uptime guarantee in their Service Level Agreements. Both replicate data in servers throughout the country. Both back up data. Microsoft has the advantage of adding their entire Office Suite in the cloud, too. Best of all, cloud services can lower ownership expenses.
Protecting Small Business Data: Purchase, Update Quality AV
Antivirus protection is still needed in today’s environment. By now we shouldn’t have to warn anyone to install a quality antivirus program and keep it up-to-date. So many businesses still don’t follow this basic rule, though. This is something that any small business can implement in a few hours and automate.
Protecting Small Business Data: Restrict Admin Accounts
Most small businesses buy a few PCs and attach them to a small local area network. They don’t use domain services or group policies. That’s okay. It’s not always appropriate for a small business to utilize these kinds of services. It is important to make sure that employees aren’t using admin accounts on their PCs, though. Admin accounts are set up by default. Changing a user’s profile from being an admin to a standard user eliminates 90% of virus and attack-ware threats. Employees can always elevate privileges on the PC when they need to install software.
Protecting Small Business Data: Education
Nothing is more important than education. Employee education can significantly reduce the threat of cyber attacks. Even simple reminders to avoid opening links or attachments in email will significantly reduce the chances of an attack. Hold monthly education meetings or assign a “security guru” to send out weekly or monthly newsletters for employees to read and act on. These are basic steps, but speaking to the last point, awareness and education are a significant part of the battle against data breach and data corruption. Please let us know if you have other questions. The needs of our customers frequently grow in one area or the other, such as the recent spike in ransomware. We might bring your concerns to the blog to help others, as well.
source: securedatarecovery.com