Verizon Business 2020 Data Breach Investigations Report found that confirmed data breaches doubled from the prior year.
Last Updated: May 19, 2020, 12:35 PM IST
Money trumped spying as the top motivator for data breaches last year, according to Verizon’s annual report on cybercrimes published on Tuesday. About nine out of 10 breaches were financially motivated, based on an examination of more than 32,000 incidents and nearly 4,000 confirmed break-ins in 81 countries, the report said.
Verizon Business 2020 Data Breach Investigations Report found that confirmed data breaches doubled from the prior year. As the coronavirus pandemic has forced people indoors, cyber attacks on businesses are expected to climb. The report found that 86% of breaches were for money, not for purposes of spying. Credential theft, phishing and compromising business emails caused 67% of the cyber attacks.
As more businesses moved to web-based solutions, so did hackers. According to the report, breaches on web and cloud applications rose to 43%, double the previous year. Companies like Facebook Inc and Salesforce have extended working remotely to at least the rest of the year, with more businesses expected to follow suit. Verizon Business Group CEO Tami Erwin said the “digital transformation” to the work-from-home model during the coronavirus pandemic has presented a number of security red flags.
“A lot of people ended up sending workers to work from home without really thinking through what were some of the security elements in the future,” Erwin told Reuters. “I think employees working from home are probably more vulnerable to attacks,” Erwin said businesses can protect themselves from cyber attacks by keeping employees educated on phishing and other fraudulent tactics to access sensitive information.
No, we are not reviewing the cute, bold and loyal dog that is usually very wary of strangers. But the concept seems similar. Here, Akita is a security device that is wary of strangers and anyone with a malicious intent who may be eyeing the smart devices in your Internet of Things (IoT) home. All the devices that connect with the internet at some point, can be used by hackers to spy on you or take control of smart home functionality, for instance, or can be the target of botnets, AI powered malware and crypto hijacking.
But why do you need one? Chances are, your home as more smart devices, and by that we mean connected devices, than you probably noticed. A smart TV, media players connected to the TV, smart lights, smart appliances, smart speakers such as Amazon Echo and Google Home, smart displays such as Amazon Echo Show and Google Nest Hub, smart cameras, a water purifier or air purifier that connects with the internet and so on. The thing is, none of these smart devices have any security built in. That is where Akita steps in and adds a layer that analyses the data packets being to and from these smart devices on your network—and immediately raises an alarm if something is amiss. It is priced at Rs 9,000 and one Akita is what you need for an entire home Wi-Fi network.
It looks very complicated. Is it?
It doesn’t take long to set up if things go well, but you need to be careful to be doing things right during this process. You need to keep some basics in mind when you do set up Akita. The hexagonal design does come across as rather attractive and cool. First, it needs to be connected directly to the modem that is hooked up to the internet line coming into your home. Use one of the LAN ports on the router (depending on your router, there will be between one to four ports) to connect to the Akita—and plug the ethernet cable into the yellow LAN port on the Akita. This is when you power on the Akita and wait for up to 10 minutes for the server connection to be established with the device. You can, in the meantime, download the Akita app on your iPhone or Android phone (free downloads on the Apple App Store and the Google Play Store) and begin the processing of connecting this with your Wi-Fi network.
You have to scan the QR code on the bottom of your Akita device to set it up. The app will guide you through the process. The one limitation with Akita is that is it only connects with 2.4GHz Wi-Fi networks. That should not be a problem with most recent Wi-Fi routers that allow you to set up an SSID (basically your network name) and it has both 2.4GHz and 5GHz bands enabled. If your router is slightly older or one of the more affordable ones—there should be the option to enable 2.4GHz band. The app will tell you what all networks you can connect to.
Once everything is set up and the server connection is established—you’ll get the blue light on the notification LED on the Akita—the app will list out all the smart devices on your network. Mind you, while Akita itself connects to a 2.4GHz Wi-Fi network, it can and will detect smart devices connected on 5GHz networks as well, as long as the network name or the SSID is the same. Be it Amazon Echo speakers, smart TVs, smart lights, the lot. It is not a very well designed or slick app, but you find your way around soon enough. However, leave the Akita hard-wired to your router anyway for the server connection to remain established and stable.
What does it do?
Akita monitors traffic on each of these devices. If it notices something that is out of the ordinary, which is usually when someone is attempting to do mischief with your smart devices such as smart cameras or smart thermostat, Akita will detect the incoming packets of traffic on the network for intrusion attempts and block access before notifying you. During this time Akita also sends the info from these packets back to its server for analyzing, to verify if it’s a genuine threat or not.
But I have a Mesh router? Will it work?
Yes, Akita works with traditional single unit routers as well as the newer mesh Wi-Fi systems for larger homes. It worked very well for me with the single unit router, the trusty old Netgear Nighthawk X6 and also the uber-cool Ubiquiti AmpliFi HD mesh system. Both these routers have different styles of controls for enabling and disabling 2.4GHz and 5GHz networks, and it worked seamlessly with both as long as the 2.4GHz network was available for it to scan and connect to.
So, is Akita a firewall?
Well, yes and no. It is a firewall in the sense that it will detect if something is amiss with your IoT gadgets. But that is where it does more—it proactively takes action to analyze and respond to threats. It is also not a firewall in the sense that it isn’t a piece of software or an app that you can manually control or install someplace.
Will this change the way I connect to the internet?
Akita runs a Qualcomm QCA9531 processor clocking at 650MHz, with 64MB RAM and a bunch of security software that runs on the device and from the cloud—Akita network scanner and monitor, Akita cloud system and more. At no point does Akita have any bearing or impact on your internet speed, or the connectivity of your laptop, PC, phones etc. to your home Wi-Fi network.
Is the protection free forever?
Yes. You have the option to sign up for one of the premium subscription options, but even if you don’t, the Akita service and the basic security prowess is available to you. The free plan will give you complete monitoring of all malware, botnets, crypto hijacking and hacking attempts.
There is the Advanced Protection Plan for $3.99 per month that enables access to human assistance in case you need to fix something in your IoT home that has been targeted. And then there is the one-time service that costs $24.95 as a one-time subscription fee that will give you the option of letting the Akita experts fix anything that is flagged or broken in your smart home security protocols.
The Last Word: Your smart home definitely needs this
It was incredible to note that after setting up the Akita for the review process and testing it thoroughly, I had powered it down because not many smart devices were active at the time. The Akita support team sent me multiple emails to remind me that my Akita seems to be offline and in case I’m not able to fix it, I should connect with them for help. That is the level of attention to detail which simply adds to the trust factor about a security device designed to keep your smart gadgets safe from those with malicious intent. As a device and as a concept, Akita is quite interesting. It may sound like a complex addition to your smart home ecosystem, but it isn’t. in fact, once this is up and running, it needs absolutely no attention—till it may notify you about something. It is the sort of insurance that I would recommend you get for your smart gadgets. The peace of mind knowing someone is monitoring your smart cameras, smart lights and smart speakers, is priceless.
The data was stolen from a large media and entertainment law firm by hackers which included a total of 756GB including contracts, nondisclosure agreements, phone numbers and email addresses, and personal correspondence.
Last Updated: May 12, 2020, 12:08 PM IST
A large media and entertainment law firm in the US representing top-notch celebrities like Priyanka Chopra, Lady Gaga, Madonna, Nicki Minaj, Bruce Springsteen and more has experienced a major data breach where hackers got access to personal data of these celebrities. The trove of data stolen from the New York-based firm by hackers “a total of 756GB” includes contracts, nondisclosure agreements, phone numbers and email addresses, and “personal correspondence “, reports Variety.
The law firm Grubman Shire Meiselas & Sacks, or gsmlaw.com for short, experienced a ransomware attack that apparently involved the appropriately named REvil malware. Other celebrities whose sensitive personal data has been hacked are Christina Aguilera, Mariah Carey, Jessica Simpson, Naomi Campbell, Robert De Niro, Sofia Vergara, Spike Lee, the Osbournes (Ozzy, Sharon and Kelly), and several more.
Representatives for the law firm did not issue comment and their website gsmlaw.com was effectively offline, displaying only its logo. In addition, top companies on the firm’s client list include Discovery, EMI Music Group, Facebook, HBO, Imax, MTV, NBA Entertainment, Playboy Enterprises, Samsung Electronics, Sony Corp. Spotify, Tribeca Film Festival, Universal Music Group and Vice Media Group, among others. According to global cybersecurity firm Sophos, rather than simply knocking the law firm out of action temporarily, the ransomware crooks have stolen personal data from a laundry list of celebrity clients.
In such ransomware attacks, said Sophos, cybercriminals use the threat of releasing the stolen data as leverage to extort payment. REVil, also known as Sodin or Sodinokibi, isn’t just operating on the old-school ransomware model of “scramble your files and offer to sell you back the decryption key”. The latest trend in ransomware attacks is to use a double-barrelled weapon that gives victims two reasons to pay up.
According to Sophos, the original criminal plot behind ransomware was that if you didn’t have reliable backups that you could restore quickly, then you might have little choice but to pay up to decrypt all your scrambled files and get your business moving again. In recent months, however, the cybercriminals have doubled down on their leverage. Before scrambling all your files as a way of grabbing your attention, the crooks quietly upload huge troves of so-called acetrophy data” that they use to blackmail anyone who is hesitant to pay up.
In other words, the financial extortion is no longer just a “kidnap ransom” to get your files back, but also a blackmail demand to stop the crooks leaking your data – or, worse still, your customers’ data – to the world. “Indeed, the REvil crew has already followed through on its threats to embarrass victims who don’t pay,” Sophos said in a statement on Tuesday. Given that ransomware crooks are no longer just keeping you away from your data but also threatening to put the rest of the world in touch with it, prevention is very much better than cure, said Sophos.
Less star-studded but no less worrying is a simultaneous report that global mailing equipment company Pitney Bowes has experienced an attack by the Maze ransomware. According to Sophos, Maze is another cybercrime gang that goes in for huge ransoms and threatens to expose stolen data, infamously demanding about $6,000,000 last year from cable and wire manufacturer Southwire. Southwire hit back by filing a so-called John Doe (the name used in the USA where defendants haven’t yet been identified) civil lawsuit against the as-yet-unknown criminals behind Maze.
According to a study, a large number of mobile phone apps have hidden or harmful behaviours about which end users know little to nothing, allowing hackers to access private data.
Last Updated: April 1, 2020, 4:29 PM IST
Cybersecurity researchers have discovered that a large number of mobile phone applications contain hardcoded ‘backdoor secrets’ allowing hackers to access private data or block content provided by users. “The study’s findings: that the apps on mobile phones might have hidden or harmful behaviours about which end users know little to nothing,” said study author Zhiqiang Lin from the Ohio State University in the US.
“Typically, mobile apps engage with users by processing and responding to user input. For instance, users often need to type certain words or sentences or click buttons and slide screens. Those inputs prompt an app to perform different actions,” Lin added.
For this study, the team evaluated 150,000 apps. They selected the top 100,000 based on the number of downloads from the Google Play store, the top 20,000 from an alternative market, and 30,000 from pre-installed apps on Android smartphones. They found that 12,706 of those apps, about 8.5 per cent, contained something the research team labelled “backdoor secrets” – hidden behaviours within the app that accept certain types of content to trigger behaviours unknown to regular users.
They also found that some apps have built-in “master passwords,” which allow anyone with that password to access the app and any private data contained within it. And some apps, they found, had secret access keys that could trigger hidden options, including bypassing payment.
“Both users and developers are all at risk if a bad guy has obtained these ‘backdoor secrets,’. In fact, motivated attackers could reverse engineer the mobile apps to discover them,” Lin said. According to the study, developers often wrongly assume reverse engineering of their apps is not a legitimate threat. “A key reason why mobile apps contain these ‘backdoor secrets’ is because developers misplaced the trust,” said study lead author Qingchuan Zhao.
To truly secure their apps developers need to perform security-relevant user-input validations and push their secrets on the backend servers. In addition, the research team have developed an open-source tool, named InputScope, to help developers understand weaknesses in their apps and to demonstrate that the reverse engineering process can be fully automated. The study was accepted for publication by the 2020 IEEE Symposium on Security and Privacy in May. The conference has been moved online because of the global coronavirus (COVID-19) outbreak.
A hacker named “EvanConnect” has developed a device which helps users break into any luxury car that uses a wireless key fob system. He named the device “keyless repeater” which he sells for $9,000 and demonstrated that how it works in a video which he released recently. The video shows him approaching an unattended car which belongs to his friend who gave him permission to use it and using the small handheld device with an antenna to unlock the driver’s side door of the car and start the engine, dailymail.co.uk reported on Friday.
In the video, he admits there is no guarantee as to how his customers might use the device. He said in an interview that his device works on all luxury cars except for those that use frequencies between 22 and 40 khz, such as Mercedes, Audi, Porsche, Bentley and Rolls Royce models released after 2014. Additionally, he also mentioned about the upgraded version of the same for $12,000 which can unlock any car that uses a wireless fob system.
“Honestly I can tell you that I have not stolen a car with technology, it is very easy to do, but the way I see it, why would I get my hands dirty when I can make money just selling the tools to other people,” he said. Samy Kamkar, a security expert Vice after reviewing EvanConnect’s footage, said the keyless repeater technology is commonly known in the field. “I ca not validate that the video is legitimate but I can say that it is 100 per cent reasonable (I have personally performed the same attack on more than a dozen vehicles with hardware I’ve built and very easy to demonstrate),” the report quoted Kamkar.
Usernames, passwords and IP addresses of several devices were published hackers on a popular hacking forum on the dark web.
Updated:January 20, 2020, 3:18 PM IST
Amazon owned Ring security cameras
A hacker has leaked usernames and passwords of over five lakh servers, routers and Internet of Things (IoT) devices on the Dark Web which can be used to install malware on Internet-connected devices at home or at work. Attackers could use those credentials to gain remote access to the affected devices, like we have seen recently in some home cameras and devices, including Amazon-owned Ring security cameras.
According to reports, the list of Telnet credentials has been published on a popular hacking forum that includes each device’s IP address, along with a username and password for the Telnet service. Telnet is one of the earliest remote login protocols on the Internet. It is a client-server protocol that provides the user with a terminal session to the remote host from the telnet client application.
“Hackers scan the internet to build bot lists, and then use them to connect to the devices and install malware,” said the report. The list has been published online by the maintainer of a Direct Denial of Service (DDoS) botnet operator. However, some of these devices might now run on a different IP address or use different login credentials.
“Some devices were located on the networks of known Internet service providers (indicating they were either home router or IoT devices), but other devices were located on the networks of major Cloud service providers,” the report mentioned. The five lakh devices still remain at hacking risk as a hacker can use the IP addresses included in the lists and then re-scan the internet service provider’s network to update the list with the latest IP addresses.
Amazon’s Ring subsidiary came in news for all the wrong reasons where customers’ in-house cameras were broken into and the hackers tried to intimate the residents, including children. In the US, parents of an eight-year-old girl were left stunned when a hacker accessed a camera installed in their daughter’s room and taunted her.
Get the best of News18 delivered to your inbox – subscribe to News18 Daybreak. Follow News18.com on Twitter, Instagram, Facebook, Telegram, TikTok and on YouTube, and stay in the know with what’s happening in the world around you – in real time.