Sunday, November 25, 2012

1 million dolar hacked in 60 seconds from CitiBank

Posted by Mohit Kumar on 10/31/2012 03:38:00 AM | Save as PDF
FBI have arrested 14 people over the theft of $1 million from Citibank using cash advance kiosks at casinos located in Southern California and Nevada.

Authorities say the suspects would open accounts at Citibank, then go to casinos in California and Nevada and withdraw the money from cash-advance kiosks as many times as they could in a 60-second span. Someone had figured out that a glitch prevented Citibank from recording the extra withdrawals.

1+Million+dollar+hacked+in+60+Seconds+from+Citibank
FBI agents assisted by the Glendale Police Department and the Los Angeles Police Department arrested 13 of the defendants in the Los Angeles area Wednesday and Thursday.

The suspects used the money to gamble and were given comped hotel rooms because of the amount they were spending, according to the FBI. Withdrawals were kept under $10,000 to avoid federal transaction reporting requirements, the FBI release read.

FBI Special Agent in Charge Daphne Hearn commented, “While advancements in technology have created a world of accessibility to users and a convenience for consumers, they have also left room for criminals to exploit even the smallest of loopholes. For over 100 years the FBI has kept pace with technological and communication changes in the business world where these types of electronic transactions are the standard and we will continue to do so in order to help protect commercial enterprise and our nation’s economy.

Prosecutors said the suspects allegedly withdrew about $1 million during an eight-month period. FBI agents said the loophole in the Citibank system has now been closed.

5500 ABN-klanten slachtoffer fraude internetbankieren

Bron: www.security.nl 25 november 2012

In de eerste elf maanden dit jaar zijn 5500 klanten van de ABN AMRO het slachtoffer van fraude met internetbankieren geworden, zo laat de bank in een uitzending van het televisieprogramma Zembla weten. Het gaat dan zowel om phishing als malware, zoals banking Trojans. Vorig jaar werden 8.000 Nederlanders volgens de banken slachtoffer van fraude met internetbankieren.

Aangezien alleen ABN AMRO dit jaar al op 5500 slachtoffers zit is de kans dan ook groot dat met de nog onbekende cijfers van ING en Rabobank dit aantal gepasseerd wordt.

In 2011 werden er door phishing en banking Trojans 35 miljoen euro buitgemaakt. Zembla stelt dat banking Trojans dit jaar voor mogelijk 50 miljoen euro schade kunnen zorgen. In de eerste helft van dit jaar bedroeg de schade als 27,3 miljoen euro, aldus de Nederlandse Vereniging van Banken.

Ransomware
Naast banking Trojans gaf Zembla ook aandacht aan ransomware. De malware die computers voor losgeld vergrendelt en sinds 2005 steeds meer gebruikt wordt. Eén van de slachtoffers beweert dat ze ransomware heeft opgelopen bij het bezoek van de website van de Belastingdienst.

Pim Takkenberg, teamleider High Tech Crime Unit (HTCU), laat weten dat van de 250 aangiftes bij de politie, er 50 slachtoffers ook daadwerkelijk het losgeld betaalden. Aangezien de meeste ransomware in Nederland 100 euro vraagt, zou dat op zo'n 5.000 euro neerkomen.

Oplossing
Opmerkelijk genoeg wordt geen enkele keer in de uitzending genoemd op wat voor eenvoudige wijze consumenten zich tegen dit soort ransomware en banking Trojans kunnen beschermen zodat ze toch veilig kunnen internetbankieren. Eén van de slachtoffers weet nog steeds niet hoe het kon dat ze besmet raakte en is tijdens het internetten continu bang dat het weer gebeurt.

De meeste banking Trojans en ransomware weten nog steeds computers te infecteren omdat eindgebruikers hun software niet updaten of bijlagen en bestanden openen die ze niet zouden moeten openen.

Friday, November 23, 2012

Tech Journal: How to Protect Your Emails

By Amit Agarwal
Scott Eells/Bloomberg News
The odds that someone is snooping on your emails could be low, but even so, the communication may not be as private as you might like, says Amit Agarwal
When you send an email, it goes through your Internet Service Provider and a series of mail servers before reaching the recipient’s computer.
Can someone else – such as your network administrator, your ISP, or law-enforcement agencies – intercept and read that confidential message without you knowing?
The odds that someone is snooping on your emails could be low, but even so, the communication may not be as private as you might like. Here are some basic steps you can take to secure your emails:
First, turn on HTTPS Everywhere. When you access your email accounts over a secure HTTP connection (or https), all the traffic flowing between your computer and the mail server will be encrypted, so the bytes, if intercepted, appear as gibberish to any potential snooper.
Second, if you are accessing your email accounts on a public Wi-Fi network – like in a hotel lobby – it might be a good idea to use a VPN service to access the web. Unlike HTTPS, which works only for select websites, a VPN service will encrypt all traffic between your computer and the Internet, protecting your data from the Wi-Fi eavesdroppers. TunnelBear is free VPN software available for PCs and Macs. It doesn’t require configuration – all you have to do is turn the knob to “ON” and you are protected.
Next, if you are sending confidential messages via email, you should encrypt them before they leave the computer. Encryption may sound like a complex word to most users, but the concept is easy to understand and implement.
It works something like this: Write an email message in plain text and an encryption program will scramble your words into something incomprehensible. When you send this encrypted email, the intended recipient can apply a secret key to reveal your original message. If the message is intercepted, the text won’t make any sense without that secret key.
There are different algorithms to encrypt messages but the most popular and secure of them all is PGP, or Pretty Good Privacy.
To get started, you need to enter your email address and a secret passphrase, which the PGP program will use to generate a unique public key and a private key for you. Share this public key among friends with whom you wish to exchange encrypted messages. They can also generate their own public and private keys using their email addresses (and secret passphrases) and then pass on the public key to you. This is a one-time process.
You can now compose an email message as before, but before hitting the send button, let the PGP program scramble your message using the public key of your friend. When this scrambled message reaches their mailbox, they can easily decrypt it using their private key. If they want to send a reply to you, the process will be similar except they will now use your public key to encrypt the reply message.
That’s broadly how PGP works. Implementing it is simple with Mailvelope, a Chrome add-on that integrates encryption and decryption capabilities into your web email program. The add-on will generate your secret keys, store the keys of your friends and, best of all, it will automatically detect incoming messages that contain encrypted text, allowing you to decrypt them with a click.
Amit Agarwal writes a tech blog and is also on Twitter, YouTube and Facebook
You can follow India Real Time on Twitter @indiarealtime

Friday, November 16, 2012

NASA Encrypting Laptops After Breach

Stolen Device Contained Sensitive Information

By , November 15, 2012.
NASA Encrypting Laptops After Breach
The National Aeronautics and Space Administration is ramping up efforts to encrypt all laptops following the recent theft of an unencrypted device containing sensitive personal information.
Commenting on the Oct. 31 breach, NASA spokesman Michael Braukus tells Information Security Media Group: "Currently, it is estimated that 10,000 people have been affected, but the final number could be higher. Affected individuals identified to date include people who have applied for access to NASA information or facilities. The effort to identify all those who were affected is ongoing."

 

Related Whitepapers

Braukus would not reveal details about the personal information that may have been exposed in the breach.

Details of Theft

In an e-mail to employees, Richard Keegan Jr., NASA's associate deputy administrator, reveals that the laptop was stolen from an employee's locked vehicle. The device contained personally identifiable information on "a large number of NASA employees, contractors, and others," according to the e-mail, obtained by the news site SpaceRef.
Braukus offers further details. "The computer was password-protected, but some of the specific files were not encrypted as required by NASA policy," he says. "The hard drive also had not yet received the whole-disk encryption software as part of the ongoing agency-wide effort."
NASA is assessing whether the data breach resulted from any violations of the agency's security policy and procedures, Braukus adds."Effective immediately, no NASA-issued laptops containing sensitive information can be removed from a NASA facility unless whole disk encryption software is enabled or the sensitive files are individually encrypted," the e-mail announcement from Keegan states.
"Center CIOs have been directed to complete the whole disk encryption of the maximum possible number of laptops by Nov. 21," the announcement notes. NASA plans to complete its stepped-up laptop encryption effort by Dec. 21, "after which time no NASA-issued laptops without whole disk encryption software, whether or not they contain sensitive information, shall be removed from NASA facilities," according to the e-mail.

Credit Monitoring Offered

NASA is offering those affected by the breach free credit monitoring and related services from ID Experts, the e-mail from Keegan states. "Because of the amount of information that must be reviewed and validated electronically and manually, it may take up to 60 days for all individuals impacted by this breach to be identified and contacted."
The e-mail reminds employees that they must not store sensitive data on smart phones or other mobile devices. And it states that sensitive files that are no longer required for immediate work needs should be purged from laptops but maintained on a shared drive if necessary for records retention purposes.
This is the second incident of a stolen unencrypted laptop at NASA this year. Braukus confirms that a human resources staffer at NASA's Kennedy Space Center reported on March 5 that an agency laptop was stolen the previous night from the employee's personal vehicle parked outside her private residence in Florida. The laptop, which contained personally identifiable information, was not recovered, he adds.

NASA Statement

The following is the official statement on the incident that NASA provided to Information Security Media Group:"NASA takes the issue of information technology security very seriously, and the administrator has ordered a complete review of this incident and a report on the agency's progress to better protect its information technology systems, including laptop computers. NASA's inspector general is investigating the theft of the laptop in cooperation with local authorities. NASA regrets this incident and the inconvenience it has caused for those whose personal information may have been exposed.
"The agency is in the process of assessing the loss of the computer, reviewing procedures, and alerting individuals who may be affected. NASA is taking immediate steps to prevent future occurrences of personally identifiable information data loss. The administrator and the chief information officer have directed that, effective immediately, no NASA-issued laptops containing sensitive information can be removed from a NASA facility unless whole disk encryption software is enabled or the sensitive files are individually encrypted. In the meantime, employees who are teleworking or travelling will need to use loaner laptops if their NASA-issued laptops contain unencrypted sensitive information."

Thursday, November 8, 2012

Protecting against cyberterrorism

Protecting against cyberterrorism

November 1, 2012, 7:24 pm
) - The gravest threat to businesses and governments these days may not be recessions, hurricanes or wars - it may be cyberterrorism.

The latest example comes from Aramco, the Saudi Arabian oil company, which was hit by a sophisticated virus a few months ago, making it one of the most destructive attacks ever on a single company.

Three-quarters of their hard drives were erased, and replaced with a burning American flag.

The virus was believed to be the work of Iran.

What's more it that it was, according to the New York Times, retaliation for viruses the U.S. and Israel have aimed at Iranian computer systems in the past few years.

Aramco may have been more vulnerable because of the way it handled its administrative and privileged computer accounts and passwords.

Joining NECN to take a closer look at this threat and what you can do to better protect your company is Udi Mokady, president and CEO of the Newton, Mass.-based cyber security company, Cyber Ark Software.

Watch the attached video for the complete interview.

Tags: businesses , cyberterrorism, governments, Aramco, Udi Mokady, Cyber Ark Software, computer viruses

Wednesday, November 7, 2012

A White House order on cyber security would be a step in the right direction for safeguarding networks.

FOR

Richard C. LaMagna, president, LaMagna and Associates

State-sponsored cyber attacks require a state-led response. President Obama's planned executive order (E.O.) in response to the defeated U.S. Cybersecurity Act of 2012 (CSA) will allow federal agencies to propose new security standards for critical infrastructure industries. It will also create a council of federal agencies, led by the Department of Homeland Security, to report on cyber threats, many state-sponsored by China.

The [failed cyber security] bill called for voluntary standardized security practices, liability protection, priority assistance and access to classified information for companies that control the nation's critical infrastructure.

Critics argue the provisions are hallmarks of an intrusive government, that liability protection is inadequate, that non-participating companies would be penalized and that voluntary standards will stifle innovation.

Such ideological myopia is both wrong and dangerous. The federal government must play a lead role in protecting the country and its institutions.


AGAINST

Liz Wright, principal systems engineer, Lockheed Martin

The business of government is government, not private sector. Government safeguarding government assets is appropriate; however, declaring private sector part of the government “critical infrastructure” is a nebulous definition at best.
Collaboration among partners is laudable given an equal footing, but when one partner holds authority or provides direction to other partners, the collaborative facade evaporates. Information sharing is desirable among teammates; dialogue is bi-directional. Open communication is key.
Cyber security needs responsible, accountable, technically savvy individuals to drive vision and create the way forward, not politicians who drive meaningless mandates. In the ever-changing landscape where cyber space meets business, private sector in America still means businesses are accountable to shareholders, employees, and customers.
Who knows business best? Who protects our assets? He who owns a thing, controls the thing. That's how democracy works.