Cyber Security News Update
– A lot has happened in the Cyber Security world recently, so without further a do let’s dive right in!
The white hat hacker behind the WannaCrypt fix has been arrested for his connection to the Kronos malware that was used in attacks against financial institutions in 2014. Marcus Hutchins was arrested in McCarran International Airport before he could board a return flight to his home in the United Kingdom. He has been charged with conspiracy to commit computer fraud and abuse, distributing and advertising an electronic communication interception device, endeavoring to intercept electronic communications, attempting to access a computer without authorization by Attorney Gregory Haansted. These charges stem from the allegations that Mr. Hutchins is the creator of the Kronos malware, which was sold on AlphaBay to anonymous buyers. Kronos is still active, and was seen in use in 2016. Hutchin’s involvement came about as part of those caught up by AlphaBay being shut down by the authorities. Arrests are still ongoing from the users of AlphaBay and other similar services.
Source: WannaCry Hero Arrested on Kronos Malware Charges
Russia‘s cyber activities have been under serious observation since the 2016 election, and now it seems that they are increasing. APT28, Apartment 28 or Sofacy is the prime suspect for a string of attacks against hotels in Europe and the Middle East. These attacks use the NSA hacktool EternalBlue, which was released into the wild by hacktivists. The attacks goals was to steal the personal information of travelers, and they seem to have been effective in achieving their goal. An infected router would collect, crack and transmit the data of anyone logging onto the hotel WiFi. From there the user’s device is infected as well, and the network of infected devices as travelers leave to return home. Their home, and business, networks are infected by EternalBlue when they go home or return to work. This allows access to the other users on the same networks, causing the attack to spread even further. Remember while traveling, your hotel’s WiFi is not secure. No WiFI should be treated as secure while traveling, and if you must access a sensitive file use a VPN.
Source: APT28 USING ETERNALBLUE TO ATTACK HOTELS IN EUROPE, MIDDLE EAST
The Internet of Things (IoT), is the next Big Thing in the technology world. The idea of your devices being interconnected, seamlessly communicating your preferences with each other. Refrigerators that know when you need to go grocery shopping, thermostats that know when you’ve left your house and doorbells that connect to your phone. All of these technologies rely on constant communication between the devices, which means they’re a huge target for hackers. If an attack can break through into your IoT then a massive amount of data is exposed to them, and diagnosing the attack could be extremely difficult. How would you tell that you’re toaster oven is now the hub for an invasive attack that’s stealing your keystrokes from your desktop upstairs? The Devil’s Ivy vulnerability, initially found in security cameras, is actually due to a weakness in their underlying programming. This vulnerability is found in a large amount of IoT devices, but a patch was released by the developer (Genivia) within 24 hours of being notified of the issue by Sernio, a cyber research firm. The issue raised by this opening is that many modern devices use similar, or the same, base programming as each other. A security flaw at the base level means many products could become vulnerable at once.
Source: Open Source Flaw ‘Devil’s Ivy’ Puts Millions of IoT Devices at Risk