Category: Cyber Security

  • 5 Times Hackers Won 2017 + How To Avoid A Cyberattack

    With hackers unleashing new cyberattacks on a daily basis, the likelihood of your company being affected is no longer a matter of if, but when. We’ve compiled a list of five major data breaches and hacks from this year – so far – to show you how to avoid becoming a cybercrime victim.

    Equifax Data Breach

    Equifax – one of the largest consumer credit reporting agencies in the United States – announced a colossal data breach in September which has affected 145.5 million consumers. Not only were the personal details – including names, social security numbers and credit numbers – of these unknowing people accessed, but the company failed to report the cyberattack when they first discovered its existence in July.

    That means the public was unaware of the breach for nearly two months and was therefore unable to take action to protect their information.

    Lesson: Report cybercrime immediately. This is especially true when dealing with the personal details of customers. Equifax not only tarnished their reputation by waiting 2 months to report the breach, but also magnified the potential damage to affected consumers due to their lack of communication.

    WannaCry

    Touted as the biggest ransomware attack in history – infecting more than 300,000 computers in 150 countries over four days – WannaCry demonstrates the speed and efficiency at which modern malware can act. The attack succeeded in showing the world how a simple vulnerability or hole in a program (in this case Windows) can lead to devastating results on a global level – including affecting major organizations like the NHS, FedEx and Renault – within a very short time.

    WannaCry represents a major increase in global ransomware attacks where a user is forced to decide if they want to pay a ransom fee or lose their files. It also represents the need for companies, regardless of size, to keep their software current. For more information on WannaCry and ransomware, check out our WannaCry blog post.

    Lesson: Always auto-update to the latest version of software. WannaCry took advantage of a vulnerability in older versions of Windows. When Microsoft learned of this issue, they immediately released a patch to fix it. However, companies that did not update their software, or were using a version of Windows that Microsoft no longer supports, were left wanting to cry as they were exposed to WannaCry infection.

    By auto-updating your software, you never have to worry about missing the latest patch or security upgrade – and therefore will hopefully remain safe from ransomware attacks.

    Petya/NotPetya

    Released shortly after WannaCry, Petya was a more dangerous variant of its cousin. Whereas WannaCry was actual ransomware – holding files and data hostage until payment was made to retrieve them – Petya was actually a wiper made to look like ransomware. This means that even if payment was made to retrieve your data, the malware was designed to still wipe your system clean.

    Here we see a shift from cyberattacks aimed at financial gain, to cyberattacks with a malicious agenda.

    Petya had major negative effects on leading corporations around the world, including companies like Maersk, WPP, Saint-Gobain and more!

    Lesson: Don’t pay the ransom. Police and security experts warn users against paying the requested fee associated with retrieving hostage data. Not only does giving in to the demands of hackers encourage them to continue extorting end users, but in the case of something like Petya there are times when even paying the fee will not guarantee your data is restored. Those companies that did pay the ransom for Petya were met with disappointment as their systems were wiped and they lost their money.

    Instead of paying the ransom, experts recommend disconnecting the infected computer and downloading a ransomware removal tool. If no tool is available, then contact a cybersecurity firm for further assistance.

    Instagram

    With over 700 million active users, Instagram is one of the world’s most popular social media applications – making it a prime target for hackers. In September, more than 6 million IG accounts were compromised and personal information was put up for sale on a website called ‘Doxagram.’ Included in leaked user profiles were everyone from average Instagram accounts to superstars like Harry Styles, David Beckham and Leonardo DiCaprio.

    While this hack did not have the same crippling effects as those felt by WannaCry or Petya, it shows that no one is truly safe from cybercriminals. Exploits can be found everywhere – in this case a flaw in IG’s security – and leveraged for cash.

    Lesson: No one is safe from cybercrime. This means it’s the responsibility of corporations – especially mega-organizations with millions upon millions of users – to continuously check that their security measures are up to date. Seek out a third-party consultancy to analyze your system and provide another pair of eyes to catch even the smallest of flaws. That’s all a hacker needs – one small opening – and they have an in to exploit the unsuspecting userbase. Download FlexiSPY and take advantage of our Instagram monitoring app.

    Payment System Data Breaches: Chipotle, Sonic, Intercontinental Hotels Group

    Three major food and hospitality brands experienced customer data breaches through hacks to their point-of-sale payment systems. Guest credit card numbers, addresses, pins and security codes were among the data stolen and made available for sale to dark web patrons. Millions of customers were affected by the Sonic hack, while credit card information from guests at more than 1,100 hotels from the Intercontinental Hotels Group and ‘most’ Chipotle restaurants was stolen – not to mention the other millions affected in similar cyberattacks across this industry over the last couple years.

    While these attacks are non-related, we can see a clear trend: hackers are targeting US point-of-sale systems, because there are easy-to-exploit security flaws. Sounds like businesses are in desperate need of an upgrade!

    Lesson: Upgrade to Chip and PIN card systems. The US is one of the slowest countries in making the shift from magnetic stripe card systems to those of the more secure Chip and PIN cards. Traditional magnetic stripe cards need the user’s signature for proof of identification. A chip card has an extra layer of protection by encrypting transaction information through the embedded microchip.

    If you have any business transactions conducted on a point-of-purchase or credit card system, be sure to upgrade to a Chip and PIN system to increase security and avoid breaches like those described above.

    How to Avoid a Cyberattack

    Last year saw the most cyberattacks, hacks and data breaches in history – with nearly 4,000 ransomware attacks on average per day alone. As these numbers continue to grow, hackers are finding new ways to wreak havoc across industries – crippling many organizations and exposing the personal data of millions of people around the world.

    Industries and companies that have been affected or compromised in some way include the global energy sector, Sweden’s military, Zomato, HBO, Molina Healthcare, Deloitte, almost 2 million registered voters in the US, FAFSA, Verizon and so many more!

    By acknowledging that cyberattacks are a real threat to companies, governments, families, schools – anyone really – we can start delegating more resources to implementing defense strategies and protecting our data and personal information from getting into the wrong hands. Here are some ways you can start combatting cybercrime today and prevent yourself or your business from becoming just another cyber-statistic:

    • Hire a dedicated team of skilled cybersecurity personnel
    • Install monitoring software – like FlexiSPY – for notifications at the first sign of danger on your network
    • Keep all software updated to the latest version
    • Use different passwords for different applications – and change them often
    • Provide cybersecurity training for all employees to increase awareness of threats

    Are you part of the 38 percent of organizations who believe they are prepared to handle ‘sophisticated cybercrime’, or will you be one of the 62 percent who let the hackers continue to win? With cyberattacks projected to cost businesses over $2 trillion by 2019, the time to make that decision is now.

  • Why Popcorn Time Makes Us WannaCry: How To Prevent A Ransomware Attack

    It seemed like a legitimate email. At least until the dreaded pop-up appeared telling you that your files had been encrypted. Ok, take a deep breath, you have an anti-virus program to get rid of malware. But this is different. This is asking for money to get your files back. And there’s a time limit? It’s like something out of a hostage movie. And unless you’ve been backing up your files – or are secretly Liam Neeson in Taken – you may have to pay the ransom. Wait, there’s another option? That’s right, you can also choose to infect two of your friends with this software in exchange for a free key to decrypt your files. To pay or to infect? That is the question.

    Ladies and gentlemen, welcome to the new era of ransomware.

    A Modern-Day Sophie’s Choice

    Ransomware attacks are skyrocketing as cybercriminals continue to find new ways to infect individual and corporate computers in an effort to get their piece of this $1 billion industry. While most ransomware has a pay-to-retrieve format – like last month’s WannaCry, the biggest cyber-attack in history, infecting more than 230,000 computers in four days – there’s a new variation on the scene. It’s called Popcorn Time and it’s the ultimate test of your moral compass – pitting you against your friends, family or coworkers as you decide whose data is more valuable. Sophie, eat your heart out.

    It’s like there is an industrial cybercriminal kitchen that continuously churns out new recipes with new ingredients and we are the taste testers. If the software can be improved – in other words, it’s easy to bypass the ransomware – these cyberchefs head back to their pantry and search for that secret something that will perfect the dish. Think of ransomware as movie theater popcorn with layers of butter and Popcorn Time as its artisanal truffle butter big brother – both delicious, but one has that extra something. Unfortunately, in this case, ransomware attackers aren’t testing our flavor preferences, but rather our morality and pocketbooks. And they still haven’t found the perfect combination of ingredients, so it is likely we will be seeing new menu items in the near future.

    What is ransomware?

    Ransomware is malicious software that either disables access to a target device (locker ransomware) or encrypts files (crypto ransomware) with the intent of holding them hostage until the user agrees to pay a specified ransom to regain access. While the first iteration appeared as far back as 1989, ransomware began garnering public attention with the Trojan.GPcoder in 2005. This multi-layer malware has quickly evolved into one of the most popular methods for cybercriminals to hijack your computer – and make some quick cash.

    How does ransomware work?

    While there are many ways for ransomware to infect computers, the most common is through email. Hackers send phishing campaigns – infected messages – that when opened will download the malware to a device. Sometimes these emails are obvious (Did you really think a Nigerian prince would ask you for money?), while some are disguised as invoices or pay slips and others are sent directly from a hacked account from your contacts list.

    Other means for spreading ransomware include infected USBs, downloading files from untrusted websites and malvertisements (infected online advertisements).

    How common are ransomware attacks?

    According to Symantec, global ransomware attacks rose 36% in the last year with “100 new malware families released into the wild.” Kaspersky further supports these findings showing businesses went from being attacked once every 2 minutes to once every 40 seconds. And as the number of affected companies and individuals grows, so does the ransom. Last year, you could expect to pay an average of $1,077 to get your data back (up from $294 in 2015), while only time will tell how much that rate will continue to rise.

    Do I have to pay?

    Technically, no you don’t have to pay – and cybercrime authorities discourage giving in to this extortion. However, each case depends on the individual or company involved and it’s important to assess the situation before making any decisions. Consider the following:

    • How much data was compromised? Some attacks only affect one computer, while others creep into the entire network. Evaluate what exactly was infected and whether you can continue operations without this information.
    • Did you back up your server? We can’t stress enough how important it is to regularly back up your data, especially with ransomware on the rise. With your files protected on a separate hard drive, cloud or server, you will be able to start from where you left off without having to pay.
    • How long will it take to return to normal operations? 72% of employees with infected computers were locked out of their files for two days, while 17% were blocked for ten. This could cripple the productivity and operations of businesses running on a smaller scale, while others – like hospitals – simply can’t afford to have prolonged down periods due to the nature of their work.

    Only 34% of people worldwide do not pay when they encounter ransomware. And while this number is higher in the US (64%), it’s important to recognize that payment is not required. Weigh your options carefully and determine what will work best for your specific case. Also, keep in mind that you are dealing with criminals, so there is no guarantee they will follow through after you pay. In fact, 20% of those who paid the ransom did not receive their decryption key.

    How can I prevent ransomware?

    The best way to avoid ransomware is to keep it from infecting your computer in the first place. It may seem like common sense, but as hackers continue to innovate, it’s up to individuals and companies to be proactive and implement precautionary measures:

    1. Back up your system. Always, always, always back up your files on an external system. If you have a great deal of important data, consider setting up two backups: an external hard drive and a cloud-based system. Note: if you only have a physical hard drive as a backup, be sure to disconnect it from the network when the backup is completed to protect it from attacks.
    2. Install monitoring software. Computer monitoring software, like FlexiSPY, gives you an added layer of protection. Know immediately if anyone is visiting risky websites, downloading pirated files or using external storage devices that could compromise the security of your network.
    3. Use a strong anti-virus. Regularly update your anti-virus program and consider paying for a more powerful version, especially if you need to protect important company information.
    4. Be aware. Educate yourself on the dangers and signs of ransomware. Taking time to know what to look for and how to avoid it will decrease your likelihood of being attacked – and hopefully save you some money and stress. When in doubt, don’t click about!

    What if I do get infected?

    If you do find yourself hit by WannaCry, Popcorn Time or another variation of ransomware, there are steps to take for rectifying the situation:

    1. Disconnect the infected computer. Taking your machine offline will keep it from spreading any malware to other machines on the network.
    2. Download ransomware removal tools. See which software would work best for your case, but keep in mind that with so many types of malware, no product is 100% guaranteed.
    3. Visit www.nomoreransom.org. This international initiative is made up of some of the world’s leading cybersecurity and cybercrime players who “have joined forces to disrupt cybercriminal businesses with ransomware connections.” They have a number of decryption keys available that may be the answer to regaining control of your computer.
  • What’s The Android Spy App That’s Used In Mr Robot?

    It’s not every day that our blog team gets to write about television. Luckily for us though, a series has come out with some surprisingly realistic hackery going on. Here are our thoughts on it.

    In the episode “Eps1.2d3bug.mkv” of the hacking-themed TV series Mr Robot, the central character was seen installing software onto a phone that looks way too similar to FlexiSPY to NOT be FlexiSPY.

    While we appreciate the show researching and using real spy software, FlexiSPY was being implemented in a cloak and dagger way. Because of this, we feel that now is a good time to say again that you should always check with your local laws before installing FlexiSPY onto any phone. We also recommend that you have a read of our legal disclaimer to ensure the use of our software for your intended purpose is legal.

    Nevertheless, it is cool to see television shows putting a more realistic spin on what spy technology can do, and we hope that this trend continues!

    If you are interested in this sort of thing, you can read more about our software through our website by clicking here.

  • How To Protect Your iPhone From The “No iOS Zone” Vulnerability

    A serious iOS vulnerability that you should know about was recently uncovered by security research company Skycure.

    This bug is exploited by means of just a WiFi connection and will put your iOS device into a never-ending bootloop for as long as you are in range of the malicious WiFi connection. -nice going, Apple-

    “It puts the victim’s device in an unusable state for as long as the attack impacts a device. Even if victims understand that the attack comes from a Wi-Fi network, they can’t disable the Wi-Fi interface in the repeated restart state.” -Skycure

    Attackers can fairly easily weaponize a WiFi network through use of a modified SSL certificate which, when your iOS device attempts to parse it, starts the bootloop.

    So, the only way that iOS device owners would be able to stop the bootloop would be to get out of range of the malicious WiFi network.

    How To Protect Against The No iOS Zone

    Below, you’ll find the advice that the original discoverers of the vulnerability have given for avoiding the problem altogether.

    1. In general, everyone should be avoiding connecting to any suspicious “FREE” Wi-Fi network.

    2. Update your iOS device to 8.1.3, as the attack is sometimes not as effective on this version.

    3. If you are able to get to the WiFi settings toggle before the next crash, try to disconnect from the WiFi network or just turn your phone to airplane mode altogether.

    Ultimately Apple are the ones that need to come up with a fix quickly, and as of the time of this posting, they have yet to disclose when this will be patched.

  • Popular WiFi Routers Are Susceptible To Mass Hacking Says Researcher

    Over 650,000 ADSL routers that ISPs worldwide have distributed to the public are extremely vulnerable to hacking.

    Of the numerous exposed flaws, one of the largest appears to be a directory traversal vulnerability in a component named webproc.cgi. This vulnerability allows hackers to gain access to admin credentials, potentially letting them steal data that’s important to the victim.

    Perhaps the most astounding part of this story, though, is that researchers first discovered and exposed this flaw back in 2011, but in only a select few models.

    More recently though, a lone security researcher, Kyle Lovett, while analyzing some ADSL routers, uncovered this vulnerability in a huge number of routers. After further investigation he ended up uncovering hundreds of thousands of susceptible devices located around the world.

    Just taking a wild guess, this happened on such a large scale, and the problem was swept aside for so long, because of the ISPs.

    Most ISPs provide customers with (force them into using) their own ADSL modems, even if you want to use your perfectly good one. Maybe they have a deal with the NSA, some custom spy software installed maybe?

    So it’s no wonder that by pushing these modems, there would be a mass risk for vulnerabilities to be exploited.

    There’s actually more than just the webproc.cgi flaw, though; there are several other massive flaws.

    Around 60 percent of the modems have a hidden account, supposedly for “support purposes”, with a laughably easy-to-guess, hard-coded password. These 60% of devices all share the same password.

    For a quarter of the routers, hackers are able to take a snapshot of the modem’s active memory. Of course this is a big issue, because this memory can contain credentials for previously visited websites, in plain text.

    Worse yet, Lovett was able to track down the IP addresses of hackers exploiting these vulnerabilities, and most of the addresses were coming from China.

    An expected fix for these vulnerabilities has yet to be rolled out, but for the time being you can check to see if your modem is affected by looking at the list – here
