Tag Archive for: hacking

Minnesota man charged in hacking MLB and for trying to extort the league

/in


A Minnesota man has been charged with hacking into computer systems used by Major League Baseball and trying to extort the league for $150,000, the U.S. Attorney’s Office of the Southern District of New York said Thursday.In emails with an MLB executive, Joshua Streit, 30, threatened to publicize the vulnerability that he used to access the league’s website for streaming live games before asking for $150,000 for finding the technology flaw, according to charging documents.Streit allegedly renewed his extortion attempt in September, at a time of heightened scrutiny for the MLB as it was preparing for the playoffs. The news comes ahead of Game 3 of the World Series between the Houston Astros and Atlanta Braves.A Twitter account listed in the criminal complaint as belonging to Streit did not respond to a request for comment on Friday. James Becker, an attorney listed for Streit in court records, did not respond to requests for comment.The charges against Streit, who is also known as Josh Brody, include wire fraud, illegally hacking into a computer for the purposes of fraud and “sending interstate threats with the intent to extort.” The maximum sentence for each individual charge ranges from two to 20 years in prison.Streit is accused of illegally streaming copyrighted live games from the MLB, National Basketball Association, National Football League and the National Hockey League. To do that, prosecutors allege, Streit used stolen login credentials to access the sports’ websites and stream live games to his own website for profit.One of the sports leagues lost almost $3 million because of Streit’s actions, the U.S. Attorney’s office said in a press release.A LinkedIn profile listed in the complaint as belonging to Streit describes him as a software engineer living in the Minneapolis area.During an initial court appearance Thursday in the U.S. District Court for the District of Minnesota, a judge ordered “temporary detention” for Streit pending a Nov. 1 hearing, according to court documents.A spokesperson for the MLB declined to comment. Neil Boland, the league’s chief information security officer, did not respond to requests for comment.The MLB is no stranger to…

Source…

CompoSecure releases Arculus solution to reduce fraud and online hacking

/in


US-based card manufacturer CompoSecure has launched Arculus, a business solution to protect customer data and prevent fraud.

Working with Nok Nok Labs, CompoSecure has developed this FIDO-enabled ‘internet ID and payment card’ technology as a virtual key for the authentication of a user into almost any digital service (website, mobile app, digital payment, social media, etc.).

Ecommerce is a primary use case for Arculus, as global retail sales are expected to reach USD 4.9 trillion this year, according to the press release. The Arculus multi-factor identity authentication can stem the flood of payment fraud that happens every year, which is estimated to cost merchants USD 40.62 billion in losses by 2027, according to data put forth by the company in the press release.

Arculus expects to integrate its digital security technology into a business’ legacy payment platform, providing key-based security.

Source…

Most of auto industry, including vehicles themselves, vulnerable to hacking

/in


As cyber threats increase, automakers and regulators are scrambling to safeguard an automotive industry as interconnected as the vehicles being produced.

A wave of thefts of luxury vehicles in Ontario shows that hackers are finding openings. In Ottawa, nearly one of every four stolen vehicles is a Lexus or high-end Toyota, taken by thieves who hack the vehicles and then drive those vehicles to Montreal for shipment across the world, say police. The thefts have prompted increases in security.

But while those thefts get attention, security experts warn that much of the industry’s exposure lies below the surface.

“People need to be aware that it’s possible to hack a vehicle, to hack the infrastructure, to hack manufacturers and their supply chains — that’s all possible to do right now, today,” said François Couderc, a Quebec City based cybersecurity specialist with the defence contractor Thales Group.

Companies are reluctant to say they’ve been hacked, fearing repeat attacks and customer and shareholder anxiety, Couderc said.

However, nearly one-third of suppliers responding to a survey by KPMG and the Automotive Parts Manufacturers’ Association (APMA) reported suffering a cyber breach in the past year. Phishing attacks — in which an employee clicks on an email link that spreads malware throughout a poorly secured network — are an easy way in.

“Given the move to people working remotely, given the move to working in the cloud, this didn’t surprise me,” John Heaton, a partner in KPMG’s cybersecurity practice, told Automotive News Canada.

More concerning, Heaton said, was a finding that just 32 per cent of respondents have an enterprise-wide cyber strategy. In an intertwined industry with its vast range of entry points, trouble can spread fast.

‘A LOT OF PLACES TO ATTACK’

“It’s a global market,” Heaton said. “You source globally, and you’ve got a supply chain that is quite transparent. The [automaker] shares with the Tier 1, who shares with the Tier 2 … but that sharing of data and that [vehicle] product, which is ultimately a moving computer, creates a lot of places to attack.”

A “Closing the Cybergap” plan issued in February by…

Source…

Hacking the World – Part 4: The Cost and Future of Hacking (Plus: Safety Tips)

/in


Each week in October, as part of Cybersecurity Awareness Month, we’ll publish an article packed with facts and stats, to give you an in-depth look at the state of cybersecurity in today’s world. We’ll start with the basics, then cover vulnerabilities, risks, costs – and much more.

We finish our four-part Hacking the World serie with two key questions: how much does hacking cost the world at large, and what’s coming up next? We’ll cover some of the biggest, costliest data breaches and then take a peek at what the future holds for hacking. To round out your read, we’ve also compiled a few basic cybersecurity tips, to help keep you cybersafe.

Before looking ahead, a reminder that we’ve covered the basics, what’s being hacked (with Covid updates), and the who and where of hacking. For a refresher of key hacking terms and definitions, read our helpful cybersecurity glossary from Part 1.

Jump to a section below, or read on:

The Cost of Hacking

The Future of Hacking

Safety Tips to Prevent Cyberattacks

The Bottom Line

The Cost of a Breach 

Data breaches cost time and money. Lots of it.

In addition to covering the immediate damages of a cyberattack, companies must pay out compensation and data protection fines, all while investing in cybersecurity systems. The downtime and consequently lost business of a breach add substantial costs too.

The Growing Cost of Cybercrime

The monetary damages of cybercrime are already sky-high and they’re only heading in one direction.

More and more, businesses are turning to digital solutions. Expect cyberattacks to advance in complexity and regularity as companies pursue fresh web-based systems and cybersecurity departments play catch-up.

Top 10 Costliest Breaches

It’s only right that we take a look at some of the most financially devastating breaches of all time. 

The costliest breach on this list is Equifax, though, when we dig into the numbers, data breach costs can be somewhat of a grey area.

Sometimes costs are not completely disclosed or are not entirely calculable. Experts predicted that Epilson’s data breach could reach a whopping $4 billion, for example, while the Marriott breach may have cost closer to $1 billion…

Source…