Telecommunications giant AT&T disclosed on June 13 that three employees of one of its vendors used their privileged access to hack a server containing sensitive customer data, including Social Security Numbers, birth dates and cellular phone numbers. Thus far, AT&T hasn’t revealed how many are affected by this breach, and for the moment it appears that the hackers gained unauthorized access for the purposes of unlocking older generation AT&T phones for use on other carrier networks. The breaches happened in April, but AT&T is only just now notifying affected customers.
What this means for you:
Unlike previous data breaches, the exposed customer data hasn’t appeared for sale (yet!) on the internet black market, but AT&T is offerring a free year of credit monitoring as a mea culpa to its affected customers. If you were affected by this breach, you should have already received a notice from AT&T of the potential exposure. This latest breach demonstrates an important point about security: no matter how much you invest in protecting your perimeter, serious threats may already be behind your “firewall”. As an individual, there is very little you can do to help AT&T be more secure, but you can take your credit history and activity seriously, and always keep your eyes peeled for unusual activity on any online account, regardless of whether they are financial services or not.
If you’ve spent any time at all on the internet, you are probably painfully aware of how people can do and say dumb things on online. For most, it’s probably fortunate that their antics were merely foolish, as the American justice system has begun to take a rather dim view of online threats by throwing internet loudmouths behind bars. Among those made an example of is Anthony Elonis, a Pennsylvanian man who served nearly 3 years in prison for making a variety of threats on his Facebook page against his ex-wife, co-workers and law enforcement. All the alleged threats were, according to him, merely expressions of creativity, “rapping to his Facebook friends.” Surprisingly, the US Supreme Court has decided to hear Anthony Elonis’ appeal of his conviction on the basis that he never intended to carry out these threats, and there may be legal precedents that support this position.
What this means for you:
I’m no Supreme Court Justice, but I do know that things published on the internet, particularly social media sites like Facebook, rarely stay private, and I think it’s a safe bet that publishing something on Facebook means that you want people to notice what you posted. However, things like Facebook and the Internet also cloud the determination of whether the poster actually intended for offended or threatened parties to view that content at all. The cynical among us will say, “Of course they wanted this to be read by everyone, including their target. This is the Internet. Nothing is private.” But, Facebook promises us that our posts will only be as public as we allow them to be, right? Only our small circle of Facebook friends can see this, right? A US court has already ruled in favor of one internet loudmouth who, in a drunken stupor, threatened to shoot the President on a Yahoo discussion forum.
Were these online bozos behaving poorly and exhibiting terrible judgement? Absolutely. Did they commit an actual crime? It’s still up for debate, says the Supreme Court. For the time being, my advice on this subject remains the same: Never say anything online (email, Facebook, Twitter, whatever) that you wouldn’t want plastered all over the CNN website front page the next morning.
Image courtesy of Stuart Miles / FreeDigitalPhotos.net
As if having your Windows computer files and iPhone being held for ransom wasn’t bad enough, Android-based devices can now “enjoy” that ignominious fate as well. Security researchers are reporting that hundreds of Android devices, primarily in Russia and the Ukraine are being infected by a Trojan called “Pletor” which can do just like it’s Windows based counterparts: the victims were tricked into installing the trojan by fake websites, apps and games, and once the victim’s content is encrypted, the trojan demands a ransom of approximately $30-35 USD to unlock the data.
What this means for you:
Though it has happened before, it’s still extremely rare for a Trojan like the above to make it through the screening process that Google performs on all the apps that are available through the Google Play store, and even if one does, it’s pulled quickly. Google can even reach out retroactively to affected phones to remove the harmful app. That being said, it’s not hard to “side-load” apps on Android devices, which is primarily the way Android malware spreads. The easiest way to keep your Android devices safe: don’t side-load apps. Only install apps published through Google’s Play Store. Keep in mind, for everything not a Kindle Fire, installing apps from Amazon’s App Store is considered side-loading, and should only be done if you really know what you are doing. And if you just can’t live without side-loading apps, make sure you don’t store any important information on your device, and keep it well away from sensitive business data. The more risky your activities are on the device, the more likely it is that device will get compromised.
In case you were wondering where that whole “Network Neutrality” debate ended up, legislation/regulation is still being ruminated upon by the policy wonks at the FCC, Congress critters are still confused about “tubes”, but the knives have come out between content providers and ISPs. Netflix and Verizon are currently spatting over a particularly accusatory “error message” Netflix has been “testing” that shows a warning to its subscribers that Verizon’s network is too congested for them to enjoy Netflix content in HD. This, not just weeks after Google started its own page that shows you how well your ISP does when transmitting YouTube videos to you. In case you were wondering, most consumers weren’t pleased that Google & Netflix confirmed their worst suspicions: their ISP sucked when it came to watching videos, and it’s a safe bet that video watching wasn’t the only thing suffering from poor performance.
What this means for you:
Nothing as of this moment. Google and other content providers have been very vocal in the Network Neutrality debate, but when it comes to dealing with the government, “vocal” means writing a very stern letter and rounding up lobbyists to start scratching backs and/or eyes. But over here in the real world, the ringside bell just signaled another round of sparring and Netflix came out swinging. Verizon immediately lawyered up and sent its own sternly worded demand to Netflix to cease and desist, who just shrugged and said, “Hey, it was just a test. But we might be doing that again in the future. And oh, by the way, this is really your fault to begin with.” We’re fairly certain that it got a ton of attention from (allegedly) poorly served Verizon customers, who, like millions of other Americans, are basically stuck with zero choice when it comes to internet broadband. Get settled in, this is going to be a long fight, and those of us on the sidelines will probably get bloodied just as much as the titans, because, in case you hadn’t noticed, we’re all players on their gigantic chessboard.
Image courtesy of jasadaphorn / FreeDigitalPhotos.net
Coming hard on the heels of the international sting two weeks ago that resulted in the arrest of nearly 100 “RATters”, law enforcement agencies in several countries again acted together to take down two very large botnets that together number well over 1.2 million compromised Windows computers, arresting a Russian hacker who allegedly managed the powerful zombie networks. Botnets are essentially large collections of “zombified” computers that can be controlled remotely and are a favored tool of cybercriminals and hackers that can execute a variety of activities including widespread phishing campaigns to steal sensitive personal data and focused DOS attacks used to cripple websites and servers.
What this means for you:
The UK Crime Agency believes that though they have control over the botnets for the moment, that control won’t last long – maybe 2 weeks – before the zombified computers are drafted into another botnet. In those 2 weeks, the various involved law enforcement agencies are hoping to take advantage of the temporary reprieve to notified the owners of the infected machines that they need to clean up their computers ASAP. If you receive a conspicuously official looking notice from some form of local law enforcement, it might be legitimate and not just another scareware scam. Some obvious signs that your computer might be infected (and possibly part of the one of the 2 busted botnets) include:
- Websites loading in your browser that are clearly not where you intended to go, or what the search results said they would be
- Computer performing unusually slowly or erraticly, unexpected crashing or other unusual behavior
- Files suddenly becoming corrupt or unusable
The last one is of special concern – it could mean your computer is infected with Cryptolocker, a nasty bit of malware that locks your files up and holds them for ransom. This might also mean that even if you were inclined to pay the ransom to get your data back, you may not be able to, as the take down of the botnet may also result in no one, criminal or lawful, being able to unlock your files. Sadly, if you hit this point and don’t have a recent backup of your data, it is gone forever.
Image courtesy of Stuart Miles / FreeDigitalPhotos.net
A new scam to extort money out of Apple mobile device users has surfaced in Australia, with scattered reports in other countries as well. Affected devices are locked out via Apple’s own “Find my iPhone” platform with a message that demands a ransom payment of $100 USD to unlock the phone. Security analysts are unsure at this point as to how the perpetrators are gaining access to victim’s AppleID accounts, and so far Apple is refusing to comment on this issue. According to posts on Apple’s Support Forums, the only reliable way to unlock the device is to reset it back to factory settings and restore your data from a backup, if one was actually created and maintained for that device.
What this means for you:
So far, there is a tenuous link between some of the victims and the recent eBay hack that exposed user accounts and encrypted passwords, where the victims admitted to using the same password for both eBay and iCloud. However, several other victims of this new ransom scam did not use the same password as their eBay account, so eBay’s exposed data may not be the only source. Bottom line, you should use strong, unique passwords for online accounts, especially for the ones that are tied to important services like online banking, email and any account that has access to confidential data, either yours or your clients/customers.
Image courtesy of Stuart Miles / FreeDigitalPhotos.net
It’s a beautiful day on the internet when I can report good news instead of bad. In what appears to be a new and very positive trend in modern law enforcement, several agencies around the world came together in a global sting that bagged nearly 100 cybercriminals selling and using the Remote Access Tool (RAT) “Blackshades”, a very popular hacking tool used to spy on and even extort thousands of victims through their compromised computers. Lest you think this is a new trend in cybercrime, “Ratting” has been around for years, but perhaps its profile was elevated through the unfortunate victimization of Miss Teen USA 2013, Cassidy Wolf, high enough to galvanize authorities to do something other than attempting to squash Ratters one at a time.
What this means for you:
According to analyst estimates, Blackshades was being used to compromise hundreds of thousands of computers world-wide at the time of the sting. It was readily available and cheap, and did not require sophisticated technical skills to use. In the case of Ms. Wolf, the software was installed by a former acquaintance, but typically users are infected and “ratted” through a link on Facebook or via email, often sent by other infected machines. As with any malware incursion, a healthy level of caution and up-to-date antimalware could have prevented the infection, and in the case of Miss Teen USA, a great deal of heartache and trauma. If you are one of the many who refuse to lock their unattended computers with a strong password, consider the victimization of Cassidy Wolf as a cautionary tale and take immediate steps to secure your privacy and safety.











