While analyzing the data trail of the recent, highly publicized Adobe security breach and data theft, researchers also discovered data that appears to have been stolen from a prominent online broker of limousine and towncar services. Among some 850,000 customer records discovered were such illustrious names as Donald Trump, LeBron James and Tom Hanks, as well as numerous other wealthy and/or famous individuals. The data also included credit card information, pickup times and locations and even ID numbers of private airplanes used by this company’s customers. The records also included notes on customer behaviors and activities, including a number of tidbits that could prove embarrassing or even potentially incriminating. Even if the data were to somehow avoid falling into the hands of police or tabloids, it’s highly likely that cybercriminals will have already cherry-picked many of the customer records for their potential use to fuel spear-phishing attacks and other focused cyber-espionage attempts on corporate and government targets.
What this means for you:
You may have enforced rigor and discipline in your own technology, to the point where you feel fairly confident that you can avoid most attempts to compromise your technology security, but the above points out an uncomfortable reality: you cannot control what information is being gathered about you whenever you interact with the rest of the world. You have two choices here: acceptance and vigilance – be watchful and cautious, and come to grips with the fact that 100% security is impossible, or move to a bunker in the wilderness, off the grid and completely isolated from society. However distasteful and infuriating the former may feel some days, the latter is just not a practical choice (or even possible) for most people.
As predicted, the zero-day flaw in multiple versions of Microsoft’s web browser, Internet Explorer, is now being actively exploited by multiple APT (Advanced Persistent Threat) groups in attacks that are targeting large numbers of people. The most publicized and successful of these attacks have been focused on government websites. Their primary purpose: to install rootkits on government worker machines to facilitate access to confidential government documents. On top of the growing number of attacks leveraging this weakness, the Metasploit framework (an open source hacking tool used by security researchers and white-hat hackers) just released a module to the public that demonstrates how this security flaw can be used to hack IE, theoretically making it even easier for malicious agents to understand and develop their own exploits. Microsoft has yet to say when a patch will be released to fix this weakness, which affects just about every version of IE from 6 through 10.
What this means for you:
If you are using Internet Explorer, whether by corporate mandate or by choice, make sure you’ve applied Microsoft’s temporary fix, or ask your IT guy if they’ve distributed the fix throughout the company. If you work for the government, either as an employee or contractor, be extra wary of strange behavior on your computer, and ensure that your antimalware software is fully functional and up to date.
If you are using some other browser, you don’t have to worry about this particular exploit, but as always, remain ever vigilant and make sure your OS, software and antimalware are fully patched!
Though it’s no secret to the security world, the US government has specifically avoided naming Chinese state agencies as the source of a tremendous surge in cyberattacks on corporate and government institutions over the course of the past 2 years. On Monday, the gloves finally came off as Obama’s security advisor, Tom Donilon, pointed the finger of blame right at China’s military in a speech given to the Asia Society in New York, NY, as evidence gathered by multiple security firms continues to build toward an unavoidable confrontation on this issue. The Chinese government has of course denied these allegations, but has also said that it is willing to meet with the US and other nations to discuss cybersecurity.
What this means for you:
It’s still very early in the ballgame to decide if this is going to make things better or worse for the average business. At the moment, unless you are on the short list of companies that have information worthy of corporate or state-sponsored cyber-espionage, nothing will change for you, as your threats are likely still coming from the “traditional” vectors: either organized criminal elements seeking to steal from you, or random mischief and mayhem generated by malware controlled by those with less focus and malice. Today, as before, constant vigilance remains the most effective tool in your defense.
Targets of state-sponsored cyberattacks will continue to have a great deal to worry about. Where a “garden variety” attacker encountering strong defenses would normally move on to easier marks, cyber espionage targets will typically suffer through a dedicated, prolonged campaign of multiple types of attacks (brute force, trojan horse, spear phishing, social engineering, etc.) because of the valuable data or services protected within and the deep pockets of the government powering their efforts.
It’s not immediately clear what either government hopes to accomplish by meeting on cyber warfare, other than to set up guidelines that will only be used for political leverage when violated by the other party, and probably ignored when it suits either country. As you can imagine, rules like the Geneva War Conventions only work when both sides are willing to abide by them.