Newsletter
IT and Cyber Security News Update from
Centre for Research and Prevention of Computer
Crimes,
Courtesy - Sysman Computers Private Limited, Mumbai (www.sysman.in)
Since June 2005 December
24, 2014 Issue no 1522
Tenth year of
uninterrupted publication
Todays edition
MONITOR : Intelligence
agencies to monitor Twitter and Facebook's revenue
models
RISK : The
Sony Hack - A Question of When for Other Companies
HACKED : South Korea Nuclear Plant
Operator's Computers Hacked
PREDICTION : What does 2015 hold in store
for cyber crime?
(Click on heading above to jump to related item. Click on Top to be back here)
MONITOR : Intelligence agencies to
monitor Twitter and Facebook's revenue models
Aman
Sharma
ET
Bureau
Dec
23, 2014
NEW
DELHI: Central intelligence agencies are planning to look at the revenue model
of prominent social networking websites like Twitter, Facebook
and YouTube to see how the government could ensure that these sites act on its
call for action against terror content and efforts to target India. The move
follows activity on Twitter and Facebook where
content has been floated with a concerted effort to show that Indian agencies
were behind last week's bloody terrorist attack on a school in Pakistan.
"We
expect these social networking websites to be more responsible in blocking such
content and one way to enforce that could to be study their revenue model in
India," a senior intelligence official told ET. He added that since
servers of the websites are located abroad, the government needs to study
"other avenues" to get the online networks to act. A Twitter
representative declined comment.
A
source at one of the social networking websites said their revenue model was no
different in India than abroad and that there was some sort of disconnect
between the technology and the government's understanding of it. In fact, the
social networking websites had been in touch with India's security
establishment and had even held workshops for their officials, the source said.
Twitter has meanwhile taken some steps, such as blocking the account of India's
most wanted terrorist, Mohammad Hafiz Saeed.
Government
steps on cyber security were exposed earlier this month when it was revealed
that the country's intelligence agencies were unaware of the activities of a Bengaluru man who was tweeting ISIS propaganda. Home
Minister Rajnath Singh, in consultation with National
Security Advisor Ajit Doval,
subsequently set up a committee of intelligence officials, including private
experts, to help the National Technical Research Organisation and the Intelligence
Bureau to draw up a mechanism for effective monitoring of social media for
terror content.
RISK : The Sony Hack - A Question
of When for Other Companies
Pinar Yildirim and Andrea Matwyshyn discuss the Sony hack.
Wharton
University
Dec
22, 2014
http://knowledge.wharton.upenn.edu/article/lessons-from-the-sony-hack/
The cyberattacks on Sony Pictures in response to a movie that
depicts a plot to kill North Korean leader Kim Jong-un
should serve as a wake-up call in the digital age for companies that have
hitherto been lax on information security.
That
is the major takeaway for companies who are watching this train wreck and breathing
a sigh of relief that it wasnt them, according to Andrea Matwyshyn,
a law professor at Princeton University. The hacking has been a public
relations nightmare, for Sony, adds Wharton marketing professor Pinar Yildirim, as leaks of internal communications have
fractured relationships and cast major Hollywood players in an unflattering
light.
The
two experts discussed the likely fallout on the Knowledge@Wharton
show on Wharton Business Radio on SiriusXM channel
111. Listen to the podcast at
http://businessradio.wharton.upenn.edu/
Sonys
latest troubles began as it prepared for a Christmas release of The Interview,
a satirical comedy about the attempted assassination of the North Korean
leader. An angry North Korea wanted Sony to can the movie, and its state news
agency threatened to target all the citadels of U.S. imperialists if the
movie was released. In recent weeks, hackers broke into Sonys systems and
leaked troves of company files and emails. The hackers warned of 9/11-style
attacks, which led major movie theater chains and cable broadcasters to decline
to screen the movie.
Hands
tied, Sony last week canceled the Christmas release of The Interview. The
Federal Bureau of Investigation blamed North Korea for the hacking, but the
dictatorship denied it and called for a joint investigation with the U.S. The
situation escalated with President Barack Obama stating that the U.S. will
respond at a time and place and manner that we choose, and North Korea warning
of grave consequences if the U.S. were to do so.
For
Sony, the fallout goes far beyond battling accusations from freedom-of-expression
activists that it caved to demands from hackers. The 38 million files hackers
stole and distributed on file-sharing sites include screening versions of five
forthcoming films and the script of a new James Bond movie, in addition to Sony
executives emails, and salary and other personal information. [The
consequences] may go beyond the movie
. [Sony] may face lawsuits for not
protecting employee information, said Yildirim. So
it is a much worse nightmare for Sony.
A
Multi-Faceted Threat
Its
been an enterprise-wide, multi-technology faceted attack, Matwyshyn
said of the hacking. I hope [companies] will go back to their chief security
officers to see what they can do to ensure this doesnt happen to them. She
added that companies must create processes to ensure on an ongoing basis that
they are vigilant and prepared not only to prevent such cyber attacks, but also
to contain the damage once it is underway. It can only happen proactively with
the cooperation of not only the IT staff [at companies]; it has to come from
the top.
Companies
across the entertainment industry must be scurrying today making sure all
their processes are squared away and up-to-date, said Matwyshyn.
Yildirim agreed that many of the movie studios must
be thinking of protecting themselves.
Across
a broader spectrum, Matwyshyn said companies must
have a board member in charge of strengthening their IT security systems.
Particularly for more traditional companies, this is a real challenge it is
a cultural shift that needs to happen, she noted. It cant happen overnight
and it is a somewhat painful process. But the reality of the digital age is
that intangible assets matter at a whole new level now. Twitter
Many
companies in the entertainment industry may already be in the sights of
hackers, warned Matwyshyn. Chances are you are
already on the radar of many different people who may already be setting up
malware in your networks and just hanging out and waiting for the right time to
spring their desired attack, she said. If you dont have [security controls]
in place, you are a sitting duck. It is only a question of when and how severe
it will be.
A
loss of trust is another casualty companies could face if their security
systems are weak. Yildirim cited the damage-control
moves by Sony Pictures co-chair Amy Pascal after the hackers released her
emails on James Bond candidates and other sensitive information. It could have
long term impact on trust with [Pascal], she said. The message to the broader
movie community is to avoid making [such potentially controversial] comments,
especially on the Internet.
Matwyshyn
said the impact would have been devastating if the leaks had involved a
companys sensitive research and development information, and that it should be
a call for action. If the basics of due care arent visible in your enterprise
from the top down in terms of security, you will have a really hard time
explaining why the losses are so devastating to your shareholders, to your
board, to the outside public, she said. A hacking incident similar to Sonys
may also put off future business partners who may perceive your business to be
run sloppily, and may not want to do business with you in the future and trust
their sensitive information [with you], she added.
An
Unsophisticated Attack
According
to Matwyshyn, the Sony breach was not actually a
very sophisticated attack because many pieces of the malware and the ways they
compromised the systems are well known in the information security industry,
she said. She speculated that the perpetrator of the attacks could have been
some IT criminal enterprise or a bunch of disgruntled IT administrators that
were fired and want to do reputational and financial harm to the company.
The
only plus of the Sony hacking from the companys perspective could be a
heightened interest among moviegoers to go see The Interview. Studies show
that if movies are pirated closer to the release date and if they are in file
sharing environments, it might increase demand for the movie, said Yildirim. She predicted that after some time has passed,
Sony may screen the movie, or parts of it, or that a bootlegged version will
surface.
Also
see
HACKED : South Korea Nuclear Plant
Operator's Computers Hacked
But
Officials Say No Risk To Safety Of Reactors
By Meeyoung
Cho
Reuters
22/12/2014
SEOUL (Reuters) - Computer
systems at South Koreas nuclear plant operator have been hacked, but only
non-critical data has been lost and there is no risk to the safety of nuclear
installations including the country's 23 atomic reactors, the company and the
government said on Monday.
The attacks come amid
concerns that North Korea may mount cyberattacks
against industrial and social targets after accusations by the United States
that Pyongyang was responsible for a devastating hacking assault on Sony Pictures.
South Korea is still
technically at war with the North.
South Korea's energy ministry
said it was confident that its nuclear plants could block any infiltration by
cyber attackers that could compromise the safety of the reactors.
"It's our judgment that
the control system itself is designed in such a way and there is no risk
whatsoever," Chung Yang-ho, deputy energy minister, told Reuters by phone.
An official at Korea Hydro
and Nuclear Power Co Ltd (KHNP), the nuclear plant operator that is part of
state-run Korea Electric Power Corp, told Reuters that the hacking appeared to
be the handiwork of "elements who want to cause social unrest".
"It is 100 percent
impossible that a hacker can stop nuclear power plants by attacking them
because the control monitoring system is totally independent and closed,"
the official said.
Neither Chung nor the KHNP
official made any mention of North Korea.
They also said they could not
verify messages posted by a Twitter user claiming responsibility for the attacks
and demanding the shutdown of three aging nuclear reactors by Thursday.
The user who was described in
the posting as chairman of an anti-nuclear group based in Hawaii said more
documents from the nuclear operator will be posted if the reactors are not
closed.
Seoul prosecutors are
conducting a criminal probe into the leak of data from KHNP, including
blueprints of some nuclear reactors, electricity flow charges and radiation
exposure estimates.
They have traced the IP used
for a blog carrying the stolen documents to an online user in a southern city
who has denied knowledge about the postings and claimed his user ID has been
stolen.
PREDICTION : What does 2015 hold in
store for cyber crime?
BAE releases five predictions for the year ahead
by
Catherine Neilan
23
December 2014
This
year has had more than a few digital crimes committed, ranging from the North
Korea Sony hack, which is still playing out, to the iCloud
hack known as iBrute, resulting in nude photos of
celebrities being published online.
But
what does 2015 hold in store for digital crime, and how can we protect
ourselves against the next wave of cyber criminals? BAE Systems Applied Intelligence
has five predictions for the what we should be looking
out for:
1.
Fragmentation of cyber criminal activities
The
past five years have seen an increasing industrialisation
of the cyber criminal marketplace, BAE says. Specialists working across
malware, counter-AV testing, spamming, hosting, card cloning and money-muling, among others, have developed markets of their own.
According to the defence group this means crime as a
service is a reality, lowering the barrier to entry for budding criminals and
fuelling the growing threat, year after year.
BAE
says this fragmentation will become increasingly challenging for those working
in security to counter, arguing for greater law enforcement to be deployed.
This should enable them to ramp up the number of simultaneous investigations
and make disruption a business as usual activity, says BAE's managing
director of cyber security Scott McVicar.
2.
Hyper regulation
Knowing
that they could be fined millions of dollars, financial institutions are no
longer happy to simply comply with regulations: they want to actively search
out money launderers and other criminals.
We
believe more organisations will hire more big hitters from the law enforcement
and national security world to show they are serious about stopping the
criminals, McVicar says.
There
will be better integration working across departments as they attempt to detect
and tackle the problem.
3.
The next industrial revolution
The
Internet of Things is going to bring us the next industrial revolution,
resulting in the automation of many tasks and massive productivity gains. But
security professionals are already warning about what that could mean for
security, particularly with machines such as cars and medical equipment
becoming part of the connected world.
That
will change the way we approach security, McVicar
believes. We anticipate that 2015 will see increased focus on building in
security-from-the-start for the next industrial revolution, he says. Rather
than being an impediment, we expect that good security can actually speed up
the realisation of this next industrial revolution.
4.
Hiding hackers
BAE
expects that next year cyber attackers will go to greater lengths to hide
their identity and improve their own security, which could seriously hamper the
emerging methods used to locate hackers, which risks casting a shadow over the
field of threat intelligence. McVicar says:
Researchers will need to adopt practices from the professional intelligence
community and tread more carefully when drawing conclusions about who is
ultimately behind cyber attacks.
5.
Crunch time for Big Data
Big
Data is going to mature next year, with competing platforms, support services
and a strong market for developers, data scientists and so on. As a result,
business leaders want to see real results from their technology teams.
McVicar
believes this will focus minds, shifting their approach from thinking about
getting more data in to getting more out of existing data.
There
will be a shift from technologies which enable storage and basic reporting to
those which enable meaningful intelligence to be extracted. Use-cases such as
network monitoring, fraud-detection, and security analytics will be popular
driven by the increasing overlap between cyber threats and other risks and more
focused board-level attention on managing cyber security across the business,
he adds.
DLL
Stands for "Dynamic
Link Library." A DLL (.dll) file contains a library of functions and other
information that can be accessed by a Windows program. When a program is
launched, links to the necessary .dll files are
created. If a static link is created, the .dll files
will be in use as long as the program is active. If a dynamic link is created,
the .dll files will only be used when needed. Dynamic
links help programs use resources, such as memory and hard drive space, more
efficiently.
DLL files can also be used by more than one program. In
fact, they can even be used by multiple programs at the same time. Some DLLs
come with the Windows operating system while others are added when new programs
are installed. You typically don't want to open a .dll
file directly, since the program that uses it will automatically load it if
needed. Though DLL filenames usally end in ".dll," they can also end in .exe, .drv,
and .fon, just to make things more confusing.
Few Men desire Liberty; most
Men only wish for a just master.
Sallust
Note -