30 Million Users Do Not Like Facebook Being Hacked

Cyber Attack, Hacking, security, Security, Security Threats, , , ,
30
Oct 2018

Facebook has started to reveal more details regarding the hack they experienced in September 2018 which has put 30 million users’ data at risk.

One of the most popular websites on the planet, Facebook has managed to amass a mammoth user base which totals around 2.23 billion. As a result, Facebook is an organization which retains a near unparalleled amount of data on its servers. To say that it’s a target for hackers would be an understatement, it’s more like the holy grail for any hacker who’s ever picked up a keyboard. And now it’s been hacked.

Facebook may be a massive organization making billions of dollars in revenue every year, but this doesn’t mean they’re immune from security lapses. It’s a fact which highlights the importance of good cyber security for any organization operating in the digital sphere. Let’s take a look at what happened.

How Facebook Got Hacked

The techniques behind the Facebook hack are complex, but for a talented hacker the methods employed are relatively simple. Targeting in on three bugs in the Facebook code for the ‘View As’ section – which allows users to view their own profile as if they’re a different user – the hackers were able to obtain important ‘access tokens’. These access tokens are the pieces of code which ensure that users remain logged into Facebook without prompting for login information every time they try to access Facebook.

The hackers were able to build an initial pool of 400,000 accounts that they controlled with these access tokens. From here, the hackers began to harvest data from all these accounts and, when complete, used an automated process to hack into the accounts of friends listed on the initially compromised account. Moving from account to account in such a way ensured that the number of hacked accounts grew exponentially with the final figure totaling around 30 million hacked accounts. Sensitive and personal data, of course, is what hackers thrive on and within these 30 million accounts they found plenty.

15 million Facebook users found that the hackers were able to access their name and contact information, while another 14 million users had details compromised such as gender, current address, birth date and the last 10 places they checked in at. The remaining one million hacked accounts ‘merely’ had their access tokens compromised with no personal data being on offer to the hackers. Unfortunately, for Facebook users, it took nearly two weeks to bring the hack to a close. Unusual activity was first recorded on 14th September, but it wasn’t until 11 days later that Facebook was able to confirm an attack was taking place. Two days later the attack was shut down and new access tokens issued.

If Facebook Can Get Hacked

Facebook use their own code so, naturally, the exact hack that blighted their systems is unlikely to affect your organization. However, the vulnerability of software is a universal concern for any organization that faces the public digitally. As ever, the basics of good cyber security should be adhered to at all times such as:

  • Installing all updates at the point of issue
  • Regularly updating passwords to protect user accounts
  • Training your staff on the methods used to execute an attack

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Scottish Brewery Hit by the Dharma Ransomware

Dharma, email security, Phishing, Phishing Email, Ransomware, Security, , , ,
23
Oct 2018

Ransomware continues to cause chaos for organizations with the latest story to hit the news concerning a Scottish brewery infected by the Dharma ransomware.

While it has been reported that ransomware attacks have fallen by 30% in the last 12 months, the fact remains that they’re still capable of causing significant disruption. In the case of the Arran Brewery on the Isle of Arran, Scotland, the organization had to accept that they would lose around three months’ worth of sales data due to the effects of the attack. This, of course, is the last thing that any business wants and acts as a fine reminder that we need to be on guard against ransomware.

To help provide a little background and demonstrate how the attack unfolded, we’re going to take a closer look at what happened.

Attacking the Brewery

What’s most interesting about the attack on the Arran Brewery is that it would appear the attackers deliberately targeted the brewery. Instead of a scattershot approach which targeted multiple organizations, the hackers focus was clearly on the Arran Brewery. Just before the attack, multiple adverts for a job at the Arran Brewery (which had already been filled) appeared on recruitment sites all over the globe. Naturally, the brewery received a sharp increase in the number of CVs being emailed in but, unfortunately, one of the emails contained a malicious payload.

The payload was contained with a PDF attachment which, when opened, initiated the attack and infected the entire network. Following the encryption of the Arran Brewery’s files, a ransom demand was issued which advised that the encryption keys would only be released in exchange for 2 bitcoin (roughly $14,000). Thankfully, an IT consultant was able to retrieve a significant amount of the encrypted data from backups and rid the system of the infection. However, certain files couldn’t be restored and, due to it not being economically viable to pay the ransom, the Arran Brewery decided to write off three months’ worth of sales data.

What is Dharma?

Dharma is a strain of ransomware which was first released in 2016 and has regularly been updated ever since due to the emergence of Dharma decryptors. In September 2018, for example, three new variants emerged which are resistant to previous decryptors. When files are encrypted by Dharma they will automatically append a new file extension onto the existing file and these extensions can include:

  • .dharma
  • .cesar
  • .onion
  • .wallet
  • .zzzzz

Final Thoughts

If anything acts as a reminder that organizations need to be vigilant against ransomware then it’s a current and contemporary threat. Dharma could easily hit your organization next, so you need to ask yourself whether you can afford to lose three months’ worth of data. I’ll let you into a little secret: no one wants to lose three months’ worth of data. Therefore, it’s crucial that you reiterate the importance of email security to your employees in order to maintain access to all your data at all times.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

How Do You Reduce the Risk of Phishing Attacks?

email links, Password Security, Phishing, Phishing Email, Security, Security Threats, , ,
16
Oct 2018

Thanks to the power of social engineering, phishing remains a powerful method of hacking organizations. Reducing this risk, therefore, is crucial.

Phishing has been active since the early days of the internet and, unfortunately, it doesn’t appear to be going anywhere soon. Thankfully, you don’t have to fall victim to these deceptive attacks as there is plenty that any organization can do to protect its data. And, don’t worry, it doesn’t involve investing millions in state of the art technology. All it takes is a little bit of common sense and an understanding of how phishing attacks work.

To get you started we’re going to show you how to reduce the risk of phishing attacks.

Antivirus Software is Key

One of the best ways to reduce phishing emails is by working with antivirus software. Capable of scanning attachments and analyzing links contained within emails, a good antivirus software can easily target the two main ways that phishing attacks unleash their payload. However, as with all software, it’s important that you update it regularly and install updates immediately. Phishing attacks can spread round the world very quickly, so you need to stay one step ahead of them.

Keep Up to Date with Phishing Attacks

Hackers are constantly developing their techniques and tweaking their methods, so it’s vital that you keep an eye on what’s happening in the world of phishing. New attack methods can be launched very quickly and be in your inbox within a day, so make sure that you’re regularly monitoring IT news sources to prepare yourself for any incoming threats.

Educate Your Employees

The main targets of any phishing attack against your organization will be your employees, so they have to be educated in order to prevent any data breaches. The basics of phishing are relatively simple, so the training doesn’t need to be too in-depth. All you have to do is ensure that these basics are hammered home so that employees know how to spot a phishing email and how to deal with it.

Practice Phishing Attacks

A popular method for reducing the risk of phishing attacks is by running regular exercises to test your employees. For example, fake phishing emails can be randomly emailed to your employees that test whether they are susceptible to phishing scams or not. Usually, these emails will contain a fake link that urges them to complete something on behalf of the company – such as IT training – but the actual URL contained will be a ‘malicious’ one. Those employees that fail to spot the ‘malicious’ link can then be asked to take a refresher training course.

Combine All Your Preventative Methods

The key to reducing the risk of phishing attacks is by combining all of the above into one multi-faceted security approach. An amazing antivirus software solution, for example, isn’t effective enough on its own. Instead, you need a firm knowledge of the phishing landscape, amazing employee training and regular tests to guarantee that you can tackle phishing on all fronts.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

The Basics of How Phishing Works

email links, Phishing, Phishing Email, Security, Security Threats, , ,
09
Oct 2018

You’ve read the headlines and you may even have been a victim of phishing, but what is it and how does it work?

Phishing is a highly dangerous form of hacking which can compromise sensitive data and cause significant disruption to the running of a business. One of the main reasons that phishing has become such a successful method of wreaking digital havoc is down to a lack of knowledge on the behalf of PC users. While phishing is far from the most complex hacking technique, the average PC user is unlikely to know the ins and outs of phishing.

As we know that time and productivity is a valuable asset for your organization, we’re going to take a look at the basics of how phishing works.

What is Phishing?

Let’s get one thing straight, phishing is nothing like sitting by a lake and peacefully fishing. In fact, it’s far from enjoyable, but there is one element that remains the same. And that’s the use of bait. You see, phishing thrives upon the use of bait to obtain information out of an innocent party. The most common way to phish, in the digital landscape, is through an email. And, within this email, will be a piece of bait with which the hackers plan to land a prize catch.

Leaving the world of fishing behind, a phishing email is one which uses a number of deceptive techniques to extract sensitive data such as login details, bank details or even secure data such as customer database spreadsheets etc. Essentially, phishing is one big con and, as with all cons, gaining the trust of the victim is crucial to success. That’s why hackers are so keen to appear genuine when they send their phishing emails.

The classic example of a phishing email is one that claims to have been sent from a bank to verify your login details. A scare tactic will usually be employed, such as a report of unusual activity on the account, in order to encourage a swift response which foregoes any rational thought. A link will be included in the email which the user is advised to click in order to go through a series of security checks. However, clicking this link will take you to a malicious website – even if it looks genuine – where your data will be harvested to help fuel identity theft or, in extreme cases, a loss of funds.

Why Does Phishing Work?

You may be wondering why people fall for phishing scams and the simple truth is that it’s down to a lack of concentration and analysis. Phishing takes advantage of these weaknesses on both individuals and security software. By planting a seed of trust, such as promising to safeguard your personal data, the hacker can, in fact, do the complete opposite and use this trust to harm you.

Key to successful phishing emails is the use of social engineering to convince recipients that the emails are genuine. Phishing emails will be packed full of official company logos and it’s even possible for hackers to spoof official email addresses in the From: section of an email. And, for people busy at work, it’s easy for them to take their eye off the ball for just a fraction of a second. As a result, links are clicked that shouldn’t be clicked and hackers land their prize catch.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

High Profile Organizations that Have Been Phished

Cyber Attack, Hacking, malware, Phishing, Phishing Email, Ransomware, Security, Security Threats, , , , , ,
02
Oct 2018

Phishing is now so prevalent and sophisticated that even the biggest organizations on the planet are likely to be duped by phishing scams.

Immunity from such attacks is a difficult privilege to secure, so any organization that wants to remain productive needs to understand the threats out there. While you would expect most phishing attacks to target smaller, less secure organizations, this couldn’t be further from the truth. Instead, many hackers are taking on high profile organizations due to the challenge on offer and the publicity that such attacks bring.

Understanding how these businesses have been phished is crucial as it helps you to understand exactly why you need good security. To provide you with a foundation of knowledge, we’re going to look at some high profile organizations that have been phished.

Facebook and Google

Two of the biggest names in business on the planet, Facebook and Google found themselves at the center of the same phishing scam a couple of years ago.

Evaldas Rimasauskas, from Lithuania, used a simple phishing campaign whereby he posed as the head of a Taiwanese parts manufacturer called Quanta. Key to this scam was that Facebook and Google both used the genuine Quanta company to conduct business with. Through a combination of compromised emails, forged invoices and a lack of suspicion on the two tech giants’ behalf, around $100 million was paid out to Rimasauskas between 2013 – 2015.

Anthem

Anthem is one of the largest health insurance companies in the US and, as you can imagine, they hold a substantial amount of private and confidential data. However, in 2014 they lost nearly 78.8 million consumer records due to a phishing attack.

It’s believed that a foreign government was behind the attack, but the method employed was still ridiculously straightforward. An employee at an Anthem subsidiary opened a phishing email which allowed malicious content to be downloaded to the employee’s PC. Once these files were executed, hackers were able to take control of the PC by remote access and start making their way deep into the Anthem network. One of the sections that were of most interest was Anthem’s data warehouse where the hackers had access to customers’ medical histories, social security numbers and address details.

Snapchat

The popular social media app Snapchat found one of its employees being targeted by a spear phishing scam in 2016 which compromised confidential data.

A seemingly innocuous email was sent to Snapchat’s payroll department in February 2016 which claimed to have been written by the company’s CEO. The email requested that employee payroll information was forwarded on for internal reference. Unfortunately, one of the payroll employees did not realize this was a less than genuine request. A significant amount of personal information about former and current employees was then emailed to an external party. Due to the nature of the data obtained, hackers then had the potential to use it to engineer identity theft.

RSA Security

Even IT security companies aren’t safe from the threat of phishing emails as RSA security discovered back in 2011.

Hackers designed two separate emails which were sent to four employees at RSA’s parent company EMC. The emails, which appeared to be from a recruitment website, contained an attachment referred to as ‘2011 Recruitment plan.xls” in the email’s subject line. However, this was a malicious attachment and, upon clicking it, a zero-day vulnerability in Adobe Flash would be exploited and lead to the download of a backdoor virus onto the user’s PC. The hackers were then able to access RSA’s network where they had access to 44 million employee records.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More