Tag Archive for: learned

Hackers for sale: what we’ve learned from China’s enormous cyber leak


An enormous data leak from a Chinese cybersecurity firm has offered a rare glimpse into the inner workings of Beijing-linked hackers.

Analysts say the leak is a treasure trove of intel into the day-to-day operations of China’s hacking programme, which the FBI says is the biggest of any country. The company, I-Soon, has yet to confirm the leak is genuine and has not responded to a request for comment. As of Friday, the leaked data was removed from the online software repository GitHub, where it had been posted.

From staff complaints about pay and office gossip to claims of hacking foreign governments, here are some of the key insights from the leaks:

Who got hacked?

Every day, workers at I-Soon were targeting big fish.

Government agencies of China’s neighbours, including Kyrgyzstan, Thailand, Cambodia, Mongolia and Vietnam, had websites or email servers compromised, the leak revealed. There are long lists of targets, from British government departments to Thai ministries. I-Soon staff also boasted in leaked chats that they secured access to telecom service providers in Pakistan, Kazakhstan, Mongolia, Thailand and Malaysia, among others. They named the government of India – a geopolitical rival of Beijing’s – as a key target for “infiltration”. And they claimed to have secured back-end access to higher education institutions in Hong Kong and self-ruled Taiwan, which China claims as part of its territory. But they also admitted to having lost access to some of their data seized from government agencies in Myanmar and South Korea.

Other targets are domestic, from China’s north-western region of Xinjiang to Tibet and from illegal pornography to gambling rings.

Who was paying I-Soon?

Judging from the leaks, most of I-Soon’s customers were provincial or local police departments – as well as province-level state security agencies responsible for protecting the Communist party from perceived threats to its rule. The firm also offered clients help protecting their devices from hacking and securing their communications – with many of their contracts listed as “non-secret”.

There were references to official corruption: in one chat, salesmen discussed selling the company’s…


IoT Security Case Studies: Lessons Learned from Real-World Incidents

The Internet of Things (IoT) has rapidly transformed the way we live, work, and communicate, connecting billions of devices worldwide. However, this rapid expansion has also exposed numerous security vulnerabilities, leading to high-profile incidents that have had significant consequences for individuals, businesses, and governments. By examining these IoT security case studies, we can gain valuable insights into the challenges faced and lessons learned from real-world incidents, helping to improve the security of IoT devices and networks in the future.

One of the most well-known IoT security incidents occurred in 2016 when the Mirai botnet was used to launch a massive Distributed Denial of Service (DDoS) attack against the DNS provider Dyn. The attack caused widespread internet outages, affecting major websites such as Twitter, Netflix, and Reddit. The Mirai botnet primarily targeted IoT devices, such as security cameras and routers, exploiting weak default passwords to gain control over them. This incident highlighted the importance of strong, unique passwords for IoT devices and the need for manufacturers to prioritize security in their products.

Another notable IoT security case study involves the St. Jude Medical implantable cardiac devices, which were found to have vulnerabilities that could allow hackers to remotely access and control the devices. In 2017, the US Food and Drug Administration (FDA) issued a recall for these devices, affecting nearly half a million patients. This incident underscores the critical importance of securing IoT devices that directly impact human health and safety, as well as the need for rigorous testing and regulatory oversight in the medical device industry.

In 2018, a casino in North America fell victim to a cyber attack that resulted in the theft of 10 gigabytes of sensitive data. The attackers gained access to the casino’s network through an internet-connected fish tank, which was not properly secured. This incident demonstrates that even seemingly innocuous IoT devices can serve as entry points for cybercriminals, emphasizing the need for comprehensive network security…


Data Breaches in the Ransomware Era: Lessons Learned



BH Consulting CEO Brian Honan on the Importance of Data Logging and Monitoring

Brian Honan, CEO, BH Consulting

The lack of proper monitoring and logging can make it difficult for companies to effectively address breaches. Many companies do not have logs turned on or do not properly configure them to track and record what is necessary. Without logs, the response to a breach can be significantly slower.


Monitoring and logging also must consider privacy concerns because personal data could be contained in the logs, said Brian Honan, CEO of BH Consulting. He also stressed the need to comply with the General Data Protection Regulation.

“GDPR has brought data protection to the fore. It also has put more focus on cybersecurity as to how we protect that personal data,” Honan said.

In this video interview with Information Security Media Group at RSA Conference 2023, Honan also discusses:

  • The rise of artificial intelligence and its implications for privacy;
  • Potential consequences of data gathering;
  • Regulations and frameworks related to cybersecurity and personal data protection in the European Union and United States.

Honan is a recognized industry expert on information security, providing consulting services to clients in various industry segments. His work also includes advising various government security agencies…


5 IoT Security Fails of Smart Devices And Lessons Learned


Hackers are already eyeing unprotected IoT devices every user has in their homes. These small components are a default technology that manufacturers put in all sorts of devices — from baby monitors, printers, and pacemakers to smart TVs.

With billions of Internet of Things devices that are globally connected and sharing what is often sensitive user data, we need to talk about IoT Security.

From harmless pranks to life-endangering hacking, vulnerable IoT devices can cause quite a stir. What can we learn from IoT hacking incidents that happened in recent years? Why is putting the best security practices in place for IoT devices so challenging?

Hacking of Amazon’s Ring Cameras

In 2020, several of Amazon’s Ring security systems, which feature a camera and two-way communication, were hacked. A home security camera allowed strangers to communicate with children. Some people even received death and sexual threats, while others were blackmailed.

This security incident might ring a bell if you’ve seen the reports of the class action against Amazon in the news.

What happened, exactly?

Hackers broke into the Ring account linked to the camera, exploiting Amazon’s lax security practices. As a response, Amazon urged customers to change their passwords to stronger ones and enable two-factor authentication.

The security lesson that was learned in this IoT hacking case?

Users have an inherent trust in the technology they purchase — they believe that it’s safe and that it’s not their job to secure it. Pinning the cyber incident on them and failing to improve the security measures is a poor way of handling a security problem.

Roomba Recording Woman On the Toilet

In 2020, workers from Venezuela posted a series of images shot by a robot vacuum, Roomba — raising major data privacy concerns. One of the images captured a woman sitting on a toilet.

This was possible because the data uploaded to the cloud via the IoT device was not sufficiently secured.

Roomba confirmed that the images were, in fact, shared by the robot vacuum. Also, it claims that the images stem from the training of the robot in the development stages and that this version is not the one available on the…
