FFT news digest Feb 14 2020

Mac attack

It's a long while since Mac owners could largely ignore the threat of malicious software, but new figures suggest that Mac machines are increasingly being targeted by criminals. According to antivirus company Malwarebytes, last year saw a 400% increase in malicious activity, and the number of threat detections per Mac was nearly double the figure for Windows machines. More positively, the key threats to Macs are less serious than those targeting Windows. The two key issues highlighted by Malwarebytes are NewTab, a fake browser extension that loads advertisements rather than actually doing anything useful, and dodgy programs (known as Potentially Unwanted Programs) from a less than reputable developer, PCVARK. The figures mean an antivirus program is essential for Mac users, as is making sure updates are installed when they're released.

How marketing really works

Billionaire businessman and would-be US presidential candidate, Michael Bloomberg, has been up to no good with his campaign website. A researcher found that pop-up messages saying someone had just signed up as a volunteer were actually generated by a piece of code, rather than by reality. The feature now appears to have been removed. Why does this matter? Because studies have shown how effective this type of message (known as a 'social proof nudge') can be. So those messages on travel websites saying "2 people have just booked this hotel"? Same idea. Any doubt about the intentions behind the design of Bloomberg's website should be dispelled by the title of the code that generated the artificial messages. It was called "FOMONotifications".

Data breach mayhem

No-one really knows how many records have been exposed in data breaches, but we do know that there is a crisis that is completely out of control. Risk Based Security's latest report says the total number of leaked records reached an extraordinary 15.1 billion in 2019, a 284% increase over 2018. More worryingly, that rise came despite the number of reported incidents growing by only 1% for the same period. Four breaches accounted for 93.5% of the exposed data, with open and misconfigured databases providing the common cause. In a separate report, IBM warns that, while phishing remains popular among attackers, there was a sharp rise in exploits of known vulnerabilities (from 8% in 2018 to 30% in 2019). In the UK, analysis of reports to the data protection regulator found user error caused 90% of cyber data breaches last year. That's why we believe it's essential to make sure everyone in an organisation - and at home - understands why cybersecurity is so important.

Cybercrime

It's trivially easy to set yourself up as a cyber criminal, so it's hardly surprising that the FBI says last year saw another huge rise in complaints...and $3.5 billion in losses. The Internet Crime Complaint Center (IC3) received nearly half a billion complaints last year involving a wide variety of scams, led by phishing in various guises. People over the age of 60 lost the most as a whole, but under 20s were hit hardest individually. The amounts involved can be small - but when it comes to business email compromise the sums are much higher. The FBI warns that criminals are growing ever more sophisticated. “It is getting harder and harder for victims to spot the red flags and tell real from fake,” the IC3 said. Email remains a common tactic, but text and voice messages, and fake websites are increasingly being used. The IC3 gathers data from around the world. After the US, the UK has the highest number of victims of cybercrime, it says.

Supply chain risks

Compromising the supply chain is the holy grail for cyber attackers and the FBI has warned organisations about an ongoing effort that's targeting software vendors. Supply chain attacks are a particular risk for the media sector (where we do much of our work), but the latest warning is specifically targeted at the healthcare, energy and financial industries. ZDNet reports that the FBI's alert did not identify any specific software providers or other victims. Ensuring there is a process to identify any potential issues with the supply chain is an essential element in establishing a firm foundation for an organisation's security. The UK's National Cyber Security Centre has detailed advice on some of the steps that can be taken to secure the supply chain, with practical examples and best practice.

Spy stories

China was behind the Equifax data breach that spilt the personal data of 145 million people, according to the US Justice Department. It has charged 5 members of China's People's Liberation Army with attacking the credit reference agency. As the court documents make clear, Equifax could hardly have made the attackers' job easier. It failed to patch a vulnerability in its online dispute portal, leaving the door wide open for the attackers to wander through. Meanwhile, an extraordinary tale from the Cold War lays bare the extremes to which the US and its allies were willing to go to spy on their enemies. The Washington Post and other media outlets confirmed long-standing rumours that the CIA and its West German counterpart bought a Swiss encryption company so that they could read the content of supposedly secret messages. Switzerland says it's investigating.

In brief

Depressing news for Valentine's Day. 27% of people who used dating websites last year were targeted by fake personas, according to the UK banking industry. UK Finance

Hundreds of sites are hosting bundles of malicious software masquerading as free downloads of this year's Oscar-nominated movies. Kaspersky

63% of employees have created at least one account without their IT department's knowledge, according to a survey by 1Password. Think this isn't happening in your shop? Think again!

Preinstalled software that comes with devices has been shown repeatedly to be a security risk (our view is it should be banned). Dell is the latest offender, admitting to a serious issue with its SupportAssist product.

Elderly people are at particular risk from cyber criminals (as anyone with an aged relative will know). One third of victims who lost money (in the US) are 80 or older. Consumer Financial Protection Bureau

A really good reason to make sure your WiFi network has a strong password: the Emotet Trojan has been spotted spreading from an infected system to nearby WiFi networks by exploiting weak passwords. Binary Defense

Not a great week for Apple. First, South Korean Oscar winner, Taika Waititi, used his win to take aim at Apple's keyboards ("it makes me want to go back to PCs.") Then France fined Apple €25 million for intentionally slowing the performance of older iPhones.

Updates

Microsoft: Fixes for 99 vulnerabilities, including an Internet Explorer issue that is known to have been exploited. 12 patches are categorized as Critical.

Exchange: Microsoft is recommending administrators disable the SMBv1 network communication protocol on Exchange servers to prevent malware attacks.

Adobe: Fixes for 42 vulnerabilities across FrameMaker, Acrobat and Reader, Flash Player, Digital Editions and Experience Manager.

Firefox: Firefox 73 fixes high-severity issues. Close and restart to install.

Intel: Patches for several serious vulnerabilities. Actual updates will be issued by manufacturers.

Tails: Version 4.3 addresses "many security vulnerabilities".

Thunderbird: version 68.5.0 available via email client or as direct download.

SAP: 13 new Security Notes and updates to two previously released Security Notes.

Ubuntu: Fourth maintenance update for current Ubuntu LTS (Long Term Service) release (18.04.4 aka Bionic Beaver).

WordPress: Serious vulnerability found in widely used GDPR cookie consent plugin. Essential to ensure update (version 1.8.3) has been installed.

Zimbra: Patch 7 released for Zimbra 8.8.15 “James Prescott Joule” GA release.
