Credit: Getty Images. NB. not the actual fish involved
We have talked about phishing before and warned you of the dangers of phishing emails that spread malware, ransomware and other toxic payloads. Today however we are talking fish. Actual fish.
It was never going to be long before the obsession with web-enabling everything, from air conditioning to kettles, caused a bit of a problem. In this case, a web-enabled fish tank (stay with us) was hacked and, using this fish tank’s connection, criminals managed to move through the network and steal data from the fish’s home, a ‘smart tank’ in a casino…
If you are considering the use of web-enabled equipment, including any animal enclosures, please risk assess it thoroughly and please protect it properly from fishers, phishers and other cyber botherers. Criminals will head for the point of least resistance every time and you need to know where that is before they do.
If you want to view some free content of ours on cyber protection, head over here.
The UK Information Commissioner’s Office (ICO) is taking a look at location tracking software installed without the knowledge of users who log into online betting services.
The use of this software may be contravening the Data Protection Act (1998) as this Act requires data subjects to be aware if their personal information is collected and give permission for it to be used in ways they agree to and nothing more.
The timing of this investigation is crucial as GDPR will enter law next May and fines of up to 4% of global turnover will come into force for serious data protection breaches.
If you want to read more about the story click here.
If you want to learn more about Data Protection and GDPR click here.
Players are being asked to exercise caution in what they post in the TwoPlusTwo forum and some have been advised to change their passwords.
Any question of a hack should mean all users would be sensible to change their passwords, and to something they do not use elsewhere, that is robust and does not contain dictionary words. If you would like some guidance on the best way to do this, try our main blog here.
If you would like to read the whole story, click here.
(US) Michigan casino Four Winds has discovered that cardholder data, including all of the data stored on the mag strip, has been stolen by hackers, and the casino is warning users between October 2014 and October 21, 2015, that their information may have been compromised and/or stolen.
Cybercrime knows no geography, so it is important not to be distracted by the location of the crime. This may have happened in Michigan, but the criminals could be anywhere.
There are no details available yet on how the hackers managed to upload the code that allowed this information to be copied from the casino system. Phishing of employees is one of the most popular and successful routes into a business, and ensuring employees are able to spot phishing and its more aggressive and successful big brother, spear phishing, is imperative. Employees are always going to be the Achilles heel of a security strategy and that is why businesses that handle personal information need to ensure they place enough importance on training and re-training them with security awareness and the latest threats.
Insider threat is often a worry for many businesses too and it is the other end of the human threat; when the nefarious individual is already on the inside. Obviously, we don’t know what happened in this instance but this offers all such businesses a warning to review security training, vetting and overall strategy.
The Register has today reported the theft of 150k credit card details from an unnamed casino. Apparently, the casino was a virtual security-free zone, not even sporting a firewall. Experts say there may be six more casinos targeted by the Fin5 hacker gang.
Well done to our MD, Mike Gillespie, for making it into the Top 10 of the Most Influential in Security 2014.
This has been a great week at IFSEC for Mike. His presentation on UK Cyber Security Posture was very well received and we will be voicing over a version for the website and YouTube soon. Getting into the top ten of this prestigious list is a great achievement.
This is a malicious program called ransomware. Most ransomware will effectively lock your computer up then demand payment to unlock it. Cryptolocker is a bit different as it basically encrypts everything on your system: images, document files, databases. The encryption key is not stored anywhere on the system; it is held by the cybercriminal attacking your system and you cannot unlock and decrypt your files without them. Unfortunately you will not be aware that your files are being encrypted in front of your eyes until it is already done. While it is not a self-replicating virus, so it won’t spread across a network unaided, it does search for files to encrypt, so your network is at risk if there is an infection.
According to the notice from the NCA, some ISPs will be contacting users if they suspect they have an infected system. Of course this does raise the issue of potential fresh exploitation by those scammers who like to phone people up claiming to be from Microsoft and telling people their machine is affected by viruses and they must pay to have it cleaned. So people are going to need to be very wary and well informed when going through this process.
This is a crime and if it happens to you, report it to Action Fraud. Do not hand over any money or Bitcoin.
According to the NCA there is a two week (13 days from today) window in which you can rid your operating system of GoZeus (aka P2PZeus) and Cryptolocker.
What to do now:
Ensure your operating system and security software are regularly updated.
Ensure anti-virus tools and definitions are up to date. If you don’t have these tools then rectify that. These are security basics.
There are Cryptolocker prevention kits on the market, if you decide to go this route choose carefully.
Phishing and spear phishing: Don’t open attachments from unknown sources or from emails that appear to be from a legitimate source but you do not fully trust. The same applies to any links they ask you to click. Examples might be bank emails that tell you your account has been locked down or accessed suspiciously. Use your normal method of reaching your bank; do not click the links.
Regularly back up important data and keep it within unconnected storage. If you do get attacked you should be able to restore your data if you back up properly. It’s a pain but it’s better than losing everything.
Businesses should check incident response and resilience protocols to monitor for infection.
Ensure staff are educated in good security practices and how to spot threats and phishing. Run regular update sessions and keep up to date on current threats and methods being used by attackers. Ensure good security hygiene across your organisation.
Use software to identify if a computer is infected. If so, disconnect it from networks immediately and seek professional advice.
If you believe you have been compromised, change online account passwords and network passwords after removing the system from the network.
Don’t share passwords, don’t reuse passwords and keep work and personal passwords distinct and separate.
Block .exe files over email, including within ZIP files. This can usually be done using an anti-spam system.
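One way to apply the ".exe, including within ZIP files" rule at a mail gateway, shown as an added example rather than code from the original post. The function names, the nesting and size limits, and the sample message are assumptions made for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

BLOCKED_EXT = (".exe",)       # the page names .exe; extend per local policy
MAX_DEPTH = 3                 # nested ZIP levels to open (assumed limit)
MAX_INNER = 20 * 1024 * 1024  # largest nested ZIP unpacked in memory (assumed)

def _scan_zip(data, label, depth, hits):
    """Collect blocked names inside a ZIP; anything uninspectable is also a hit."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                inner = f"{label}!{info.filename}"
                name = info.filename.lower()
                if name.endswith(BLOCKED_EXT):
                    hits.append(inner)  # name is readable under standard ZIP encryption
                elif name.endswith(".zip"):
                    if info.flag_bits & 0x1 or info.file_size > MAX_INNER or depth >= MAX_DEPTH:
                        hits.append(inner + " (not inspected)")  # fail closed
                    else:
                        _scan_zip(zf.read(info), inner, depth + 1, hits)
    except zipfile.BadZipFile:
        hits.append(label + " (unreadable zip)")

def blocked_attachments(raw_message):
    """Return attachment paths that should cause the message to be blocked."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.iter_attachments():
        filename = part.get_filename() or "(unnamed)"
        payload = part.get_payload(decode=True) or b""
        if filename.lower().endswith(BLOCKED_EXT):
            hits.append(filename)
        elif filename.lower().endswith(".zip") or payload[:4] == b"PK\x03\x04":
            _scan_zip(payload, filename, 1, hits)
    return hits

def build_sample():
    """Constructed mail for testing: invoice.zip > docs.zip > setup.EXE."""
    inner, outer = io.BytesIO(), io.BytesIO()
    with zipfile.ZipFile(inner, "w") as zf:
        zf.writestr("setup.EXE", b"constructed placeholder, not a real binary")
    with zipfile.ZipFile(outer, "w") as zf:
        zf.writestr("docs.zip", inner.getvalue())
    msg = EmailMessage()
    msg.set_content("See attached.")
    msg.add_attachment(outer.getvalue(), maintype="application", subtype="zip", filename="invoice.zip")
    return msg.as_bytes()
```

The check matches on file names only, so it complements rather than replaces content scanning by the anti-spam or anti-virus system.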