Symantec’s 2017 Internet Security Threat Report (ISTR) lists the Services industry at the top of its 2016 list of most hacked industries, followed by Finance, Insurance & Real Estate. These two industries were also at the top of the list for 2015, showing that their popularity with cyber-criminals has not waned.

Drilling down to a more granular level, Business Services and Health Services top the charts. Given the strict breach reporting requirements in healthcare, it is no surprise to see that niche near the top of the list. Business Services, a still rather broad sub-niche, leads the list, accounting for nearly a quarter of all incidents.

Some Historical Perspective

According to Symantec’s data, over 7 billion identities were stolen in the 8 years ending in 2016! That is nearly 1 identity for every living person on the planet.

Looking at just the past 3 years, the trend in breach and data loss looks like this:

At first glance, 2015’s Identities Stolen figure might seem like a misprint, with approximately half as many identities stolen as in 2014 and 2016. But as the chart below shows, major breaches on either side of 2015 led to the spikes in its neighboring years.

2014 reflects both the Home Depot and Target breaches, while 2016 includes the mega-breach of Friend Finder Networks.

You have a friend in Konsultek

No matter what your industry or your business size, Konsultek can help you secure your business network and data. Our custom solutions are both robust and cost effective, and our suite of managed services gives even the smallest organizations access to world-class security solutions with little to no capital expense. Give us a call and learn more about our free vulnerability assessments.


There has been a major shift in the type of breach incident happening in the education services sector according to the Verizon 2017 Data Breach Investigations Report.

Can you spot the shift in the graphic below?

Source: Verizon 2017 DBIR

Cyber-espionage has exploded since mid-2012! Because of the cutting-edge research that happens at many colleges and universities, they have become a target for state-sponsored hacking.

As Verizon puts it…

“So college isn’t just pizza and tailgates—research studies across myriad disciplines conducted at universities put them in the sights of state-affiliated groups.”

So while the personal information of students and faculty was, as you would expect, commonly extracted during breaches (a little more than half of all breaches), intellectual property losses were tied to a little more than a quarter of all breaches.

Targeted or Random Acts of Unkindness?

The evidence is clear that state-sponsored hacking, and some criminal, profit-based hacking, is specifically targeting the hallowed halls of our academic institutions.

How do They do it?

Good question. Here is the answer in a graphic from the Verizon report.

Phishing email was the predominant threat vector in the social category, while the use of stolen credentials was the dominant hacking technique. One interesting thing to note is the number of incidents involving Social combined with one or more other vectors.

How Would You Like to Get a Threat Vulnerability Education for FREE?

At Konsultek we believe an educated client is the best client. That’s why we offer a variety of free vulnerability assessments to help you determine both your risk exposure and the likelihood of that exposure being realized, given the effectiveness of your current security measures. Who would you rather have educate you, the good guys at Konsultek or the bad guys out in the wild? Well, what are you waiting for? Pick up the phone and give us a call today so we can get your vulnerability assessment scheduled ASAP!


The 2017 Verizon Data Breach Investigations Report (DBIR) has been released and as always, it is chock full of fascinating facts about the current state of the hacking and cyber threat world. You can get the full report from Verizon for free here.

Who are the Perps?

According to this year’s DBIR the breakdown of who’s been doing the most hacking looks like this:

  • 75% Perpetrated by outsiders
  • 51% Linked to organized criminal groups
  • 25% Involved internal actors
  • 18% Starred state affiliated actors
  • 3% Featured multiple parties
  • 2% Involved partners

How Did They Do it?

  • 62% Of breaches featured hacking
  • 51% Involved Malware
  • 81% Leveraged stolen or weak passwords
  • 43% Were social attacks
  • 14% Were linked to errors or privilege misuse
  • 8% Involved physical actions

The above information is just a sneak peek at a portion of the summary data contained in the 2017 DBIR. Next week we’ll take a deeper dive into what industries were hardest hit and by whom as well as get into specifics of how these industries were attacked.


So what does motivate the latest generation of hackers? “Idealism and impressing their mates,” according to a study by the British National Crime Agency.

The purpose of the study was to ascertain why teens who would not ordinarily be involved in traditional crime are drawn into the world of cybercrime.

What the agency found through debriefs of the study participants is that financial reward is not a prime motivator for this younger generation of hackers. The recognition gained and the challenge of accomplishing the hack are far larger motivators.

“During his debrief, Subject 7, who was jailed for Computer Misuse Act and fraud offences, told officers, “…it made me popular, I enjoyed the feeling… I looked up to those users with the best reputations”.”

Easy Access to Tools a Contributing Factor

As noted many times on this blog, malware, DDoS-for-hire services and other hacking tools are easy to come by if you are looking for them, and the study found this easy access to tools to be a contributing factor in young people slipping over to the dark side.

No Socio-economic Bias

Unlike other crimes such as selling drugs, the study found no socio-economic bias. Essentially, kids from all walks of life and levels of privilege are equally likely to be attracted to cyber-crime, and at a much younger age. The data collected during the study indicates that the average age of a cybercriminal was just 17, as compared to 37 in drug cases and 39 in economic crime cases.

Konsultek has You Covered

Whatever their motivation, hackers and cybercriminals pose a significant threat to organizations of all sizes and types. That’s why you need to be certain that your network is not vulnerable to penetration, no matter what technique is used, and why our Vulnerability Assessment service has become so popular. During a Vulnerability Assessment our team of skilled engineers identifies all the potential vulnerabilities BEFORE they are found by hackers and cybercriminals.

Interested? Give us a call and see when we can get your assessment scheduled.


Today is the last day to file your federal income taxes, and the looming 12:00 a.m. deadline has thousands, if not millions, of citizens stressing out and more susceptible to phishing scams than usual.

Every good cybercriminal knows this, and they are working overtime churning out fake emails from the IRS and other taxing authorities in the hope of snagging victims, stealing valuable information and, ultimately, making some money.

IRS Phishing PSA

For those of you who stumble across this blog post hoping to find a quick answer to the question “How do I know if this email from the IRS is real?”, here is the quick answer.

The IRS will NEVER ask you to send along personally identifiable information such as your Social Security number or bank account details. So, if you are looking at an email that purports to be from the IRS and it asks for this information, it is a fake phishing email and you should discard it ASAP!

IRS Issues Scam Warning

The prevalence of phishing scams this tax season prompted the IRS to issue a warning on March 17, 2017.

In the warning the IRS urged both tax professionals and taxpayers to be on guard against suspicious activity. Two scams were highlighted. In the first, which targets tax preparers, a fake email is sent to the preparer, ostensibly from the client, asking the preparer to change the refund destination, often to a pre-paid debit card. The second scam targets users of tax preparation software or similar services: users receive emails purporting to come from these providers, asking them to update their online accounts.

Of course, those nostalgic for the good old days should be happy to know that telephone scams are still plentiful, with the “IRS” robo-calling with urgent messages that require immediate action.

From Phishing to Malware

The purpose of these phishing emails is often not to directly collect account information but rather to install malware that can then access all the information stored on the infected device and even hijack the camera. That, according to www.zscaler.com:

The Zscaler ThreatLabZ team has detected a rise in Java-based remote access Trojan variants — jRATs — which give attackers a backdoor into a victim’s system and can be capable of remotely taking control of the system once it’s infected. Malware authors are using numerous tactics to entice unsuspecting users to open infected attachments, which arrive as malicious JAR files. Most recently, we’ve seen filenames such as “IRS Updates.jar” and “Important_PDF.jar,” claiming to contain important tax deadline information from the IRS.
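To make the Zscaler point concrete, here is an added example (my own illustration, not code from Zscaler, the IRS or this blog) of how a mail gateway could triage attachments so that a JAR is recognised by its contents rather than by the name the sender chose. A JAR is just a ZIP archive carrying a Java manifest, so a content check catches “Important_PDF.jar” and a JAR renamed to “invoice.pdf” alike; a tax-themed filename on its own is only flagged for review, since a legitimate “Form_1099.pdf” would otherwise be quarantined. The lure-word list, the sample attachments and the inert test JAR are all constructed for the example.

```python
import io
import zipfile
from typing import NamedTuple


class Attachment(NamedTuple):
    filename: str
    content: bytes


# Words drawn from the tax-themed lure names the post quotes; an assumption
# of this example, not a list from the Zscaler report.
TAX_LURE_WORDS = ("irs", "tax", "refund", "w-2", "1099")


def looks_like_jar(content: bytes) -> bool:
    """Content-based check: a JAR is a ZIP container with a Java manifest
    and/or compiled .class entries. The filename is deliberately ignored."""
    if not content.startswith(b"PK\x03\x04"):  # ZIP local-file-header magic
        return False
    try:
        with zipfile.ZipFile(io.BytesIO(content)) as zf:
            names = zf.namelist()
    except zipfile.BadZipFile:  # magic present but not a parseable archive
        return False
    return "META-INF/MANIFEST.MF" in names or any(n.endswith(".class") for n in names)


def triage(att: Attachment) -> list[str]:
    """Return the reasons an attachment was flagged (empty list = clean)."""
    reasons = []
    name = att.filename.lower()
    if name.endswith(".jar"):
        reasons.append("jar-extension")
    if looks_like_jar(att.content):
        reasons.append("jar-content")
    if any(word in name for word in TAX_LURE_WORDS):
        reasons.append("tax-lure-name")
    return reasons


def verdict(reasons: list[str]) -> str:
    """Executable content is quarantined outright; a lure-like name alone
    only earns a human review, so benign tax documents are not blocked."""
    if any(r.startswith("jar-") for r in reasons):
        return "quarantine"
    return "review" if reasons else "pass"


def build_sample_jar() -> bytes:
    """Constructed sample: a minimal, inert JAR (manifest plus a stub class
    entry holding only the class-file magic bytes) used as test input."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\nMain-Class: Main\n")
        zf.writestr("Main.class", b"\xca\xfe\xba\xbe")
    return buf.getvalue()


# Constructed inbox: the two lure names quoted in the post, a benign PDF with
# a tax-themed name, and a JAR renamed to hide behind a harmless extension.
SAMPLE_ATTACHMENTS = [
    Attachment("IRS Updates.jar", build_sample_jar()),
    Attachment("Important_PDF.jar", build_sample_jar()),
    Attachment("Form_1099.pdf", b"%PDF-1.4\n%constructed benign document\n"),
    Attachment("invoice.pdf", build_sample_jar()),
]


def run_triage(attachments=SAMPLE_ATTACHMENTS) -> dict[str, list[str]]:
    """Map each filename to the reasons it was flagged."""
    return {att.filename: triage(att) for att in attachments}


if __name__ == "__main__":
    for filename, reasons in run_triage().items():
        print(f"{filename:20s} {verdict(reasons):10s} {', '.join(reasons)}")
```

The design choice worth noting is that the extension and the content are checked independently: the extension rule is cheap and catches the obvious cases, while the content rule is what stops a renamed archive from slipping past a filter that trusts “.pdf”.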

Security is a 24X7X365 Job

Today it’s tax filing; tomorrow the scam will focus on something else. It appears that cybercriminals never sleep and never take a day off. Somewhere in the world there is always someone or some bot attempting to fleece unsuspecting individuals and organizations. I think we have finally “progressed” as a society to the point where we can confidently say that the only things certain in life are death, taxes and cybercrime!


The sirens started at 11:42 p.m. Friday 4/7/17 and weren’t silenced until 1:20 a.m. Saturday 4/8/17. During that time millions of Dallas residents repeatedly had their dreams interrupted by no fewer than 156 tornado emergency sirens.

The alarms have a duration of 90 seconds per cycle and were activated 15 times during the cyberattack.

Hackers Were Local

What was at first described as a “malfunction” by officials was later deemed to be a hack of the emergency system. According to the Washington Post:

“Officials have ruled out a remote hack — telling reporters someone gained physical access to a hub connecting all the sirens, which may not be turned on again until Monday as the city tries to figure out who, how and why.”

Critical Infrastructure Attacks Remain a Global Concern

Last January we reported that critical infrastructure vulnerability was a hot topic at the annual Davos conference, and 15 months later the Dallas incident has literally and figuratively sounded the critical infrastructure alarm.

According to federal data, critical infrastructure attacks are on the rise. In 2012 fewer than 200 attacks were documented; by 2015 that number had risen to nearly 300.

Regardless of the intent of the hackers, and regardless of the fact that the “hack” appears to have required physical access, it serves as another example of how critical infrastructure can be compromised with apparent ease.

As Texas and federal officials continue their investigation it will be interesting to learn the motives, the details surrounding the vulnerabilities that were exploited and exactly how the hack was orchestrated.

Konsultek Knows Security

Our customized security solutions don’t stop with technology. A comprehensive Konsultek security assessment looks at all aspects of information and network security including human factors and physical security procedures. Is your information vulnerable? Let us help you find out. Call today to learn more about our comprehensive security assessments.


Mega Spammer Leaks 1.37 Billion Emails

On March 7th, 2017, posted in: Hackers, Spammers by konweb

Monday morning, March 6, 2017, started off with a teaser announcement from data breach storm chaser Chris Vickery at MacOS security software specialist MacKeeper. The announcement stated that later in the morning a breach victim with 1.37 BILLION compromised records would be identified.

Wow, 1.37 billion is a LOT of records! For perspective, there are only about 300 million people in the whole United States. A breach of that size can only happen to an organization that has a lot of individual users or customers, is a large government agency, or is perhaps a large-scale data aggregator.

The Internet was immediately on fire with speculation as to who might have been breached… Facebook? Salesforce? Apple? Alibaba?

Well, a few hours later the mystery was solved when Chris Vickery revealed on the MacOS blog that the “victim” was one of the largest email spammers in the world! No one had that on their radar.

SPAM SPAM SPAM

The spammers, who position themselves as legitimate marketers under the name River City Media, use automation and hacking techniques to send out an estimated 1 billion emails a day with a team that numbers around a dozen. While everyone despises spam email, at some level you have to admire the sheer scale at which Alvin Slocombe and Matt Ferris, the River City Media principals, were able to operate.


Another Dark Day for Privacy

In addition to email addresses, the database contains real names, IP addresses and frequently physical addresses. It would appear that these details may be headed to law enforcement authorities, so “big brother” just got a huge windfall.

Kudos to the Spam Assassins

You can bet that this is only the beginning of the story and that much more will come to light in the months ahead. Certainly all the investigators involved, MacKeeper Security Research Center, CSOOnline, and Spamhaus deserve a huge helping of kudos for clearing up, at least a little bit, the inboxes of over a billion spam victims in one fell swoop.

How Secure is Your Network?

You would think that a group of professional spammers would have appreciated and deployed the best security measures possible. It just goes to show that any operation, illegal or otherwise, can be brought to a screeching halt when a data breach occurs.

Don’t let something like this happen to your organization!

Get proactive about challenging your own network security before it is too late. From executive assessments to vulnerability discovery and breach simulation, Konsultek can help. Give us a call to find out how we can help you identify and quantify your network security risks proactively.

An Interview with a Hacker

On January 17th, 2017, posted in: Hackers, Information Security by konweb

TechRepublic.com published an interesting interview last week with the hacker Kapustkiy, part of the hacking group New World Hackers.

It’s a quick and interesting interview that covers his life from the early days of hacking as a teen to where he stands today: a member of New World Hackers (NWH), which he considers to be the most elite hacking group at the moment.

Here are some of the highlights:

He Makes Money as a Pen Tester, Not as a Hacker

Kapustkiy refers to himself as a “penetration tester”. “I wanted to make money [with my skills], so I do bug bounties.”

“I’ll try to find vulnerabilities (most of the time XSS) in websites of my country and I help the administrators to fix them or I’ll report the vulnerable so they could do it on their own. PS: I only spend time on finding vulns in big websites like banks or universities.”

Pen Tester or Hacker? Which is it?

“A lot people are asking me these kind of questions and the reason that I describe myself as a Security Pentester instead of a hacker is, because I like to help websites to improve their security so they are secured. I have always put my focus on Web/Network Security instead of other stuff. A ”hacker” is in my opinion someone who has knowledge with everything.”

Database Bug Exploitation is His Specialty

He considers what he does “not hard at all” and “easy to learn.” His inspiration came during his teen years when he read an article about LulzSec (one of his favorite hacking teams) and how they used simple attacks such as SQL injection.

Impressed by NWH Talent

After claiming to be behind the hacking of some high-profile embassies, he reached out to NWH hoping to join their team. “Other groups are good,” he said, “but not as skilled as [New World Hackers].” NWH claimed responsibility for the crippling botnet attack that used IoT devices to take down a swath of East Coast Internet providers late last year.

Is What He Does Legal?

“In my opinion, it is legal when you only leak a little bit database to make them aware of it. Also report the vulnerable always and let them know that you try to help them.”

Happy Customers

Kapustkiy offered up screenshots of ostensibly happy clients to TechRepublic, which conducted the interview via encrypted applications that allowed the hacker to remain anonymous.

“The thing that motivates me a lot is that administrators appreciate that I try to improve their security better. I got a ”thank you” of the Indian Embassy and the Italian Government and I was very proud of myself that they have fixed the vulnerable.”

Hacker or Pen Tester, Konsultek Has You Covered

By identifying weaknesses in your network security before they are discovered by external actors, Konsultek can build a custom security solution to close the gaps and prevent future breaches. If your organization is unclear as to how best to protect your valuable information assets, please give us a call. We’re here to help.

Through the years we’ve discussed all sorts of digital identity verification methods, from passwords to fingerprints to retinal scans. Until today, however, we’ve never discussed the almighty hand-written signature, since it has remained (thankfully) beyond the reach of cyberhackers and criminals.

Well, apparently even your signature might soon be “hackable” thanks to a new handwriting forgery program developed at University College London.

What separates this new algorithm from past ones is its ability to flawlessly replicate the most human, individual aspects of a person’s signature.

Flawless Replication of the Details

When a handwriting expert examines a signature, he focuses on a number of subtle nuances in order to verify that the signature is authentic. For example, the expert might look at:

1. How letters are joined together. Every person has a unique, well, “signature” when it comes to how letters are spaced and joined.

2. How the letters and characters are slanted and how they relate to one another spatially.

3. How thick the letters and characters are. This varies by not only what characters are being scribed but also by the ink flow from the pen.

The new algorithm, after analyzing as little as 1 paragraph of cursive writing, can apparently flawlessly reproduce the volunteer’s (or victim’s) signature.


Let’s hope that this technology doesn’t become too commonplace too soon or offline identity hacks might just become more problematic than their electronic counterparts.

How can Konsultek Help You?

When it comes to digital information security, including scanned signatures, Konsultek stands between your most valuable assets and the nefarious elements who are constantly trying to steal them. No matter what your industry and no matter how large or small your organization your security is OUR business. If you are looking for a partner you can trust in your secure future then stop looking and simply give us a call!


Top 10 Hacks of 2016

On November 17th, 2016, posted in: Hackers, Targeted Attacks by konweb

In the first of the “Top Hacks of 2016” lists I’ve seen this year (they seem to start earlier each year, similar to holiday shopping!) Tech.co has published their top 10 list.

Let’s take a look at the list and take a stroll down 2016’s memory lane of hacks.

1. World Anti-Doping Agency
2. SnapChat
3. Verizon
4. Democratic Party
5. LinkedIn
6. BitCoin
7. DropBox
8. Yahoo!
9. Cisco
10. AdultFriendFinder

The post on Tech.co doesn’t explicitly state whether or not the hacks are listed in order of decreasing severity. Personally, I would re-order the list and put the DNC (because of the potential ramifications it had on the election) or Yahoo (because of the sheer scope) at the top of the list.

Nonetheless, a solid list in a year when paring such a list down to just 10 is a challenge!

What do you think? Any egregious omissions? How would you order the list?

Sound Security Solutions for Organizations of all Sizes

At Konsultek we specialize in customized security solutions and managed security solutions for organizations of all types. Education, finance and healthcare are just a few of the dozens of different niches our security experts work in every week. If you are ready to learn more about your secure future, please give us a call.
