Cloud Computing, Cyber Security, cyber security legislation, Cybersecurity, Government, IT Security, Security, Technology

Cyber Gang Linked to Theft of $17M From Banks, Retailers: Research

According to the report, the group – known as ‘Anunak’ – focuses their frauds on the corporate network, targeting internal payment gateways and internal banking systems. In this way, they steal money from the banks and payment systems themselves and not from the banks’ customers.

In addition to this activity, the gang has also compromised media groups and other organizations for the purpose of industrial espionage and possibly to obtain a trading advantage on the stock market. In cases where the group got access to government agency networks, their aim is believed to be espionage-related, the researchers report.

All totaled, the group is known to have hit more than 50 Russian banks, five payment systems and 16 retail companies. Most of the retail companies are outside of Russia, but no U.S./EU banks are known to have been attacked.

“We have seen criminals branching out for years, for example with POS malware,” said Andy Chandler, Fox-IT’s SVP and general manager, in a statement. “Anunak has capabilities which pose threats across multiple continents and industries. It shows there’s a grey area between APT and botnets. The criminal’s pragmatic approach once more starts a new chapter in the cybercrime ecosystem.”

Read More

Cyber Security, cyber security legislation, Defense, IT Security, Security, Technology

Sony Hacking Attack Swiftly Grew Into a Firestorm, First a Nuisance,

According to the New York Times, three days before Thanksgiving, Sony Pictures employees in Culver City, Calif., arriving at work, turned on their computers to find macabre images of the severed head of the studio’s chief executive. Sony shut down all computer systems shortly thereafter,Michael Cieply and Brooks Barnes report, including those in overseas offices, leaving the company in the digital dark ages: no voice mail, no corporate email, no production systems.

A handful of old BlackBerrys, located in a basement storage room, were given to executives. Staff members began to trade text messages using hastily arranged phone trees. Sony’s already lean technical staff began working around the clock, with some people sleeping in company offices that became littered with stale pizza. Administrators hauled out old machines that allowed them to cut physical payroll checks in lieu of electronic direct deposit.

Read More

Cyber Security, cyber security legislation, Cybersecurity, Government, IT Security, Security, Technology

Cyberattack on German Iron Plant Caused ‘Widespread Damage’

According to The Wall Street Journal, a German federal agency has acknowledged in a report Wednesday that a cyberattack caused physical damage to an iron plant in the country. It was a rare admission by a government tying a cyber action to actual physical destruction.

The attackers gained access to an unnamed plant’s office network through a targeted malicious email and were ultimately able to cross over into the production network. The plant’s control systems were breached which “resulted in an incident where a furnace could not be shut down in the regular way and the furnace was in an undefined condition which resulted in massive damage to the whole system,” according to the report, called the IT Security Situation in Germany in 2014.

The report is created annually by Germany’s Federal Office for Information Security. The agency, known as Bundesamt für Sicherheit in der Informationstechnik or BSI, is in charge of managing computer and communication security for the German government including critical infrastructure. The agency did not respond to a request for additional information about the company’s name or the extent of the damage.

Read More