UPDATED 18:41 EDT / JULY 14 2012


Cyberthreat Weekly: A $75 Million Cyber Bank Job, Anonymous Mars Japanese Websites, and Spammers Aim for London Olympics 2012

Looking at last week’s cybersecurity goings-on, it’s safe to assume that hacking has been taken to new heights. Cybersecurity is not just an issue of stealing personal information and defacing websites; it can cause very serious financial and political damage as well.

Cyber Bank Job Compromises $75 Million

In perhaps the most alarming known cybersecurity failure of recent times, Sky News reported a cyber fraud scheme that affected high-balance accounts at 60 banking institutions worldwide. The losses amounted to an estimated 75 million dollars. Investigators strongly believe that the crime was carried out with “an insider level of understanding,” which would make it the biggest cyber bank robbery to date.

McAfee and Guardian Analytics said that a good deal of the source servers used for the attacks are from Russia. The attackers are targeting corporate bank accounts, starting in Italy and then spreading throughout Europe.

Spammers Leverage the London Olympics

As responsible people who stroll around cyberspace, we have to be vigilant about the things that we read and the links and folders that we click. Now that the London Olympics 2012 is a hot topic, we have to put our guard up against spam masking itself as deals that are too good to be true in exchange for personal information, prize notifications that are actually malware, and the like.

Check out http://www.london2012.com/stay-safe-online/ on how to stay safe online.

Anonymous Takes the Website Spoiling to Japan

Japan’s Finance Ministry, Supreme Court and the political parties DPJ and LDP were the latest targets of Anonymous. They were taken offline for a while by the hacktivist collective in protest against the country’s new anti-piracy bill, which will incarcerate copyright violators. Anonymous has always been against anti-piracy efforts that impede the unregimented flow of information.

“We are aware of the Anonymous statement referring to the new copyright law, but we don’t know at this point if the cyber-attacks are linked to the group,” said Ministry official Takanari Horino.


RSA SecurID 800 Can Be Breached in Less Than 13 Minutes, Claims Ars Technica

At the CRYPTO 2012 conference, a PDF written by Dan Goodwin of Ars Technica revealed fatal flaws in RSA products. One such flaw allows hackers to extract secret symmetric keys from RSA’s SecurID 800 in less than 13 minutes. SecurID 800 is supposed to secure companies’ physical and remote access, sign emails and validate authentication using formidable cryptographic keys.

The attack uses a programming interface called PKCS#11 to get past the cryptographic wrapper and gain access to the keys.

RSA responded to Ars Technica with the write-up “Don’t Believe Everything You Read…Your RSA SecurID Token is Not Cracked.” They said their token cannot be cracked directly, but they admitted that the keys can somehow be accessed using the said method.

“While RSA would agree that the research paper demonstrates an improvement of the padding oracle attack, the attack is better characterized as against the PKCS #1 V1.5 standard rather than any particular device,” writes RSA.


Splunk Uses Big Data to Predict Failures

With an array of powerful in-house security and security-as-a-service offerings, Splunk leverages big data to predict failures and distinguish a real threat from a false alarm. The water pump failure in Illinois, for instance, instigated panic over cyberterrorism. The FBI used Splunk to analyze the logs to find out what actually happened there, and it turned out that it was just a contractor logging in from Russia.

One of Splunk’s many offerings is behavior analysis. Queries are answered with much better accuracy the more data it is fed. It allows users to search language, monitor real-time data streams, and mine logs and big data for patterns.

Kaspersky Lab Detects New MacOS X Backdoor Variant

A new APT campaign using a MacOS X backdoor variant was intercepted by Kaspersky Lab. It is targeting Uyghur activists. Contained in a zip file attached to emails, it’s a new, undetected version of the MaControl backdoor that runs on both i386 and PowerPC Macs. It installs itself in the system when opened and immediately connects to its Command and Control server for instructions.

No more Internet for 58 Fortune 500 Companies in a Week

After the DNSChanger incident, Fortune 500 companies were given a 2-month safety net deadline, during which replacement DNS servers were set up to resolve DNS queries from infected machines. However, 12 percent of the companies still have at least one infected machine. The extended safety net ends on July 9, which means companies that fail to act by then will be unable to use the internet. Without a DNS server, sending emails and surfing the web will not be possible.

