Tag Archive for: face

Gateway Casinos in Ontario face long road to recovery after ransomware attack, expert says

/in



Several casinos in Ontario remain closed nearly two weeks after a cyberattack, with no official reopening date.


The ransomware attack that knocked the servers out to Gateway Casinos facilities was first detected on April 16.


Technology analyst Carmi Levy said the situation is the digital equivalent of recovering from a major fire or similar disaster.


“It’s as bad as it gets. And unfortunately, the damage is going to take years to undo, even if they are able to undo it,” the London, Ont.-based digital expert said. “You don’t just flip a switch and come back on.”


On Thursday, Gateway posted online it hopes to reopen using a phased approach “later this week; however, the reopening timeline depends on the pace of restoration and approval by regulatory bodies.”


The cybersecurity incident impacted operations to 14 casinos, including Casino Rama in Orillia, Georgian Downs in Innisfil, and Playtime Casinos Wasaga Beach.


According to Levy, the recovery procedure is a “multi-faceted, multi-staged process” involving highly-trained people.


“We call these ‘business killer events’ for a reason. Many companies that are targeted successfully by ransomware never fully recover. The direct costs will be into the millions if not the tens of millions or beyond,” the tech analyst said.


While the company has said there is no evidence to believe customer’s data was breached, Levy believes it’s possible.


“There is a very strong likelihood that it has been – that it is either being bought and sold on the dark web or will be at some point in time because all of these ransomware events tend to play out in the same way. There’s no coming back from that. ,” he noted.


While Casino Rama’s gaming floor remains closed to gamblers, the Orillia facility welcomed back concertgoers Thursday night in an attempt at getting some operations back to normal.


“The concert was very well attended, and people seemed very excited to be there,” said Rob Mitchell, director of communications at Gateway Casinos and Entertainment Limited.


A Scotty McCreery concert is scheduled to go ahead on Saturday.


Still, the digital analyst believes Gateway will have a long road…

Source…

Browser Makers and EU Face Off Over QWACs

/in


EU Set to Approve Revised ID Framework to Digitize Public Service Access by 2030

Akshaya Asokan (asokan_akshaya) ,
David Perera (@daveperera) •
April 25, 2023    

Browser Makers and EU Face Off Over QWACs
Quack! (Image: Shutterstock)

A European effort to wrest greater control over the infrastructure underpinning internet encryption has some security experts warning about degraded website security.

See Also: Live Webinar | Education Cybersecurity Best Practices: Devices, Ransomware, Budgets and Resources

The European Union is on the cusp of approving a revised identity framework intended to digitize access to key public services for the majority of Europeans by the start of the next decade (see: European Digital Identity Bill Heads to Final Negotiations).

A section of the nearly complete update to the electronic identification and trust services regulations – better known as eIDAS – imposes a different kind of identity requirement onto web browsers. The goal, say proponents, is to increase online trust by requiring web browsers to display the identity of the organization that owns the site. That would be done by having browsers accept web certificates issued by entities designated by European governments as qualified trust service providers.

The certificates themselves are known as qualified website authentication certificates, or more commonly, QWACs, pronounced the way a duck would say it.

Underneath the arguments of proponents and critics lies ultimately a clashing set of assumptions about the function of web certificates. Proponents say they should be able to guarantee a website is trustworthy. For critics, the icon only means the connection is encrypted.

Quack! There’s a QWAC in the Root Store

Ordinary web users rarely pause to consider web certificates, but they’re a cornerstone of online security. They’re responsible for encrypting traffic as it lurches across the internet, making it safe for e-commerce sites to…

Source…

Novel face swaps emerge as a major threat to biometric security

/in


Digital identities are rapidly becoming more widely used as organizations’ and governments’ digital transformation projects mature and users demand more remote accessibility for everything, from creating a bank account to applying for government services, according to iProov.

face swaps

To support this transformation, many organizations have adopted biometric face verification, as it is widely recognized as offering the most user-friendly, secure, and inclusive authentication technology solution.

Yet, as biometric face verification gains traction and becomes more widely adopted, threat actors are targeting all systems with sophisticated online attacks. To achieve both user friendliness and security, organizations need to evaluate their biometric solutions for resilience in the face of these complex attacks.

Digital injection attacks are evolving

Digital injection attacks – where a malicious actor bypasses a camera feed to trick a system with synthetic imagery and video recordings – occurred five times more frequently than persistent presentation attacks (i.e., showing a photo or mask to a system) on web in 2022.

This is due to both the ease with which they can be automated and the rise in access to malware tools. More than three-quarters of malware available on the dark web is available for under $10 USD, and with the rise of malware-as-a-service and plug-and-play kits, just 2-3% of threat actors today are advanced coders.

Mobile platforms were also identified as increasingly vulnerable, with attacks now using software called emulators, which mimic the behavior of mobile devices. The report warns organizations against relying on device data for security, with a massive 149% increase in threat actors targeting mobile platforms in the second half of the year compared to the first.

“Our analysis shows that the online threat landscape is always rapidly evolving,” said Andrew Newell, Chief Scientific Officer at iProov. “The 149% increase in attacks using emulators posing as mobile devices is a good example of how attack vectors arrive and scale very quickly. We have seen a rapid proliferation of low-cost, easy-to-use tools that has allowed threat actors to…

Source…

Consumers Face Greater Risks From Malware But Many are Unprepared and Vulnerable

/in


Consumers experience the same malware threats as do businesses, but are often victimized by inadequate cybersecurity protections, ReasonLabs reports.

Credit: Getty Images

by D. Howard Kass • Jan 23, 2023

Many consumers face the same malware threats as do businesses, yet they are often victimized by inadequate security to protect themselves from cyberattacks. In many cases, the resources to defend their home networks and devices, ReasonLabs said in a new report.

A good deal of individuals and home users also are saddled with using legacy anti-virus products with antiquated engines that need to be replaced, the New York-based, consumer-centric security provider said:

“One commonality that unites most individuals or home users, no matter where they are in the world or what their socioeconomic status might be, is a lack of adequate cybersecurity with the capabilities of protecting their devices and home networks from next-generation threats.”

Key Findings From the Report

Here are the study’s findings:

  • The emergence of the metaverse and increased adoption of IoT devices carry new cyber risks, such as the metaverse attack vector identified by ReasonLabs researchers in 2022.
  • Malicious web extensions are becoming more and more prevalent; 15% of all malicious extensions detected throughout 2022 came from users in the United States.
  • Trojanized software, such as coin miners, backdoors, infostealers, remote access trojans (RATs), and spyware, continues to be a top threat to home users and remote employees, as they accounted for 31% of all detections.
  • The rise in HackUtilities detections from 4% in 2021 to 20% in 2022 demonstrates that online piracy — the use of pirated or cracked software and applications — is either at or near an all-time high.
  • Cyber warfare is increasingly impacting average citizens around the world, with the most notable examples in 2022 coming from Russia’s war in Ukraine. The study found a large increase in detections in Ukraine throughout February compared to January, signaling that Russia’s invasion was also paired with cyberattacks.
  • The…

Source…