Instigate a Botnet DDoS Attack

Want to make a quick buck and don’t mind breaking a few laws in the process? You’re in luck – find the right people on the Dark Web and get ready to have botnet DDoS attack source code that can take down servers with a click of a mouse. But, when we really look at the details, just how many people are able to get their hands on these attacks, and what does this mean for the safety of your company’s vulnerable data?

A few months ago, source code for the botnet DDoS attack nicknamed “Mirai” was released online. For those that aren’t familiar, the botnet DDoS attack in question is the Mirai malware, designed to scan the Internet and infect easy-to-hack devices, with the ultimate goal of controlling them in future cyber attacks. Not impressed? Consider the following: hundreds of thousands of attackers taking control of your child’s IoT-connected toy, or even your office refrigerator, and turning them into cyber attack bots. It is an unfortunate, yet very possible, reality.

The botnet DDoS attack source code is available for anyone to use. However, according to sources at Digital Shadows, the firm that discovered the source code post, many of those interested in utilizing the source code are commonly known as “skids”, slang for those who can’t hack. This is where more experienced hackers come into play – by offering paid tutorials to less-skilled attackers, they can make a few extra bucks on the side while still utilizing the very botnet DDoS attack they’re teaching others to use.

What does this mean for individuals and companies in the IoT-connected world? At the end of the day, working with cyber security experts with management and monitoring experience is essential to ensuring the continued protection of your vulnerable data. Whether your organization is big or small, for-profit or not, utilizing cyber security protection from the experts at Neovera or other firms will give you, your employees and customers peace of mind that new cyber attacks won’t stand a chance.

Are You The Next Medjacking Victim?

IoT-connected devices are in the news for all the wrong reasons lately – and this particular one is a doozy. “Medjacking” isn’t a term often found in the day-to-day lexicon but it should be, especially since it could become a matter of life or death.

Potentially affecting devices like pacemakers and x-ray machines, medjacking is defined as hacking into a device with the express intent to harm the patient being treated. Once a tall tale, it has become a serious concern to the point that the FBI issued a warning this past year to current and future patients, along with medical facilities utilizing these IoT-connected devices. Still not convinced? Imagine that a hacker weaseled their way into your loved one’s pacemaker, an instrument essential to their livelihood. In exchange for releasing their control, they demand an exorbitant amount of money for the ransom payment. This situation could easily become a reality if proper security protocols are not taken by device companies, the hospitals that use them and the patients that rely on them every day.

After receiving a heart defibrillator, former Vice President Dick Cheney immediately had the wireless option disconnected and cited medjacking as his reasoning for doing so – keep in mind that was in 2007. Considering the leaps and bounds both hackers and cyber security protection options have taken, now is the time to consider the options organizations and patients have to protect themselves before it’s too late. On the patient side, knowing whether the device has wireless capabilities is half the battle. If that is the case, understand whether that feature can be turned off, or if it can’t, how to properly safeguard the device. For larger medical organizations dealing with IoT-connected devices within their office walls, having a managed and monitored cyber security services provider will not only allow for a fully secured environment, but lends itself toward the ideal of a firm that is able to grow and expand without the hindrance of a possible cyber attack.

DDoS Attacks Take Down the Internet

If you were unable to access Spotify, Twitter, or a number of other popular websites last Friday, it’s not a coincidence – according to various reports, a major DNS provider experienced one of the largest recorded DDoS attacks to date via IoT-connected devices. New details are constantly emerging about this attack, though no one has come forward yet to take credit. Questions are being raised about how IoT-connected devices will impact our future security positioning, when another attack will happen, and how we can learn from this unfortunate series of incidents.

The Chief Strategy Officer at Dyn, Chris York, released a statement about the attack incidents this past Saturday – here are some key takeaways:

  • Two successful DDoS attacks occurred – 7AM and 12PM, respectively – with service being restored within 1 – 2 hours for both.
  • A third attack was attempted around 1PM but ultimately failed.
  • The first attack hit those on the East Coast, barring users from entering popular websites due to the influx experienced by Dyn’s NOC (Network Operations Center).
  • The second attack was global and not limited to just the East Coast POPs (Point of Presence); it was mitigated and Dyn restored service by 1PM EST.
  • There was never a system-wide outage – for example, West Coast users were not affected like their East Coast or European counterparts.

DDoS attacks are scary to consider, and while Dyn was absolutely taken aback by the largest DDoS attack to date, this is nothing new or surprising. Here’s why:

  • IoT-connected devices were used to deliver the Mirai botnets that ultimately staged the DDoS attacks at three different points throughout the day.
  • Mirai botnets are well-known in the cyber security community and have wreaked havoc in the past to the point that there should have been blockades in place.
  • DNS providers did not implement Network Ingress Filtering (Best Current Practice 38, or BCP 38) and Response Rate Limiting (RRL), both of which would have made the outcome of these events very different.

Tens of millions of IP addresses were associated with the Mirai botnet to pull off what is considered to be an historic DDoS attack. Does this bode well for the future of IoT devices? Yes and no. The IoT as we know it is ever expanding – refrigerators are connected, along with children’s toys, toothbrushes, the list goes on. However, in order to avoid these large-scale DDoS attacks, security protocols need to be implemented in future devices, and security updates need to be required for all current market models. These types of attacks will continue to happen, but only until the producer and consumer realize the grave necessity of complete cyber security protection.

Financial Services Sector: Defend Your Cyber Security

As an entity in the financial services sector, are you doing enough to protect your data and hard-earned money from cyber crime? Whichever your role may be in the financial services sector – small bank, credit union, money manager, investment adviser – the status of your cyber security protection plan is paramount to sustaining continued growth while still adhering to regulatory compliance standards. As it stands currently, the SEC is the governing body of the financial industry, but their cyber security measures are limited. Congress eventually joined the fight, passing The Cyber Security Information Sharing Act that outlines the government’s communication avenues about cyber security, and the Cyber Security National Action Plan, allocating more money toward fighting cyber crime.

So, what can be done in order to decrease the cyber attack risk for financial services firms? Below are key points from PwC’s article “Turnaround and transformation in cybersecurity: Financial services”:

  • Being aware of security protocols/standards of third-party vendors and holding them accountable: Whether they handle your HVAC or security system, connectivity to IoT and having proper cyber protocols in place is the difference between continued growth and stopping short due to a surprise hack.
  • Keeping up with the rapidly evolving, sophisticated, & complex technologies: Cyber security protection cannot just be one firewall, or anti-virus program; a multi-step, internal and external facing managed and monitored system is the answer – for now.
  • Understanding that an increase in mobile device usage means a larger, more inclusive cyber security plan: Over 30% of users have been attacked because of their mobile device usage. The assumption that cyber attacks only occur on desktops is a thing of the past.
  • Tracking, understanding and protecting from security threats outside the country: State-sponsored attacks and hackers from outside US jurisdiction use their location to their advantage. Be vigilant in your cyber security protection protocols and stop them before they even start.

This isn’t rocket science – the financial services sector has an obligation to their clients to provide every available security measure when it comes to protecting the assets that have been entrusted unto them. Now, the points above speak to ideas like employee education and pre-planned disaster recovery options; it’s a lot for any company to take on in-house, especially if they don’t know where to start. Having a cyber security management and monitoring firm such as Neovera provide 24x7x365 support and protection for your vulnerable data is the difference between proactive and reactive organizations. Be proactive when it comes to cyber security protection – your clients will thank you.

Cyber Warfare: The Biggest Challenge Facing the Next President

“Well, I think cyber security, cyber warfare will be one of the biggest challenges facing the next president…” With one of the largest audiences in the history of televised presidential debates, the candidates did not shy away from pressing topics, one being cyber warfare. A significant player in this year’s election cycle, it is a necessary conversation to have – regardless of political affiliation. Cyber crime is an issue that has plagued organizations, corporations, individuals and beyond. The private sector has yet to fully embrace the severity of possible cyber warfare, and the public sector has yet to truly catch up with the latest technology; both need to work together and separately so everything within the IoT is fully and completely secure for a more reliable experience.

Let’s look at the staggering cyber warfare facts from this year alone:

  • 1 in 5: The ratio of small businesses that fall victim to hackers every year.
  • 60: The percentage of said small businesses that go out of business within six months of the attack.
  • $551,000: The average amount spent to restore network operations after a significant data loss event.
  • 34: The percentage of security incidents caused by someone clicking on an errant link or advertisement or visiting a compromised website.
  • 36: The percentage of employees exploited via their mobile device.
  • 40: The percentage of large enterprises who are confident in their suppliers’ information security system.
  • $1 Billion: The amount of money spent freeing networks and data from the aftermath of ransomware attacks.
  • 90: The percentage of organizations that have experienced some type of external threat.
  • $942,000: The average amount enterprises spend to handle a breach in a virtual environment.

Cyber warfare, on both a large and small scale, can impact any citizen, or group of citizens, at any time. Who could forget the attack by China on the Office of Personnel Management this year that resulted in countless unencrypted pieces of data getting into the wrong hands? Cyber security protection is beyond necessary, and of the utmost importance. Given the current cyber crime landscape today, the concern is no longer IF but WHEN an organization will be attacked. Safeguard the security of your critical data by implementing a solid cyber security plan that includes monitoring and management services by cyber professionals such as Neovera. You can rest assured that we will protect your vital information from cyber threats at home and abroad.

How Will the US Govern Autonomous Vehicles?

Autonomous vehicles are trending toward becoming more of a general commodity – with Uber testing autonomous vehicles in Pittsburgh, Google continuing to deploy its faction near the California home campus, and multiple automobile companies investing in the technology for future mass production, now comes the time that the government steps in to regulate and hopefully continue to keep the roads as safe as possible. With the US Department of Transportation having just issued its own set of rules of the road for autonomous vehicles, a number of different topics must be considered when it comes to the technology used – namely, cyber security and big data.

Data collection is a major point to consider – not only will the government need to record all accidents that occur, but any malfunctions, upgrades, or general tweaks that need to occur must be logged by the manufacturer and available in accordance with their security and privacy guidelines as it relates to the company and owner of the vehicle. Furthermore, these vehicles may be able to take the data logged and continue to learn as they drive. With artificial intelligence coming further into the limelight, these vehicles should be able to, say, avoid a situation if it occurs multiple times.

Another is cyber security, something that has been a point of contention from the time that wireless came equipped in mass produced vehicles. Having covered this in past pieces on the Neovera blog, it’s safe to say that cyber security on autonomous vehicles is an entirely different animal to consider. An immediate thought is that, hypothetically, there wouldn’t be a “human override” in the car at some points, or even at all. Not only could a significant cyber attack harm the vehicle and anything it’s carrying, but it could even cause significant damage to whatever is around it. The Department of Transportation suggests that information be shared amongst automobile companies, and each vehicle with wireless capabilities should have robust, full-fledged mobile cyber security protection.

To be clear, everything that the US Department of Transportation released is a guideline – these aren’t laws by any means, as those will most likely come much later. But given the grand scope of autonomous vehicles in the market already, and how this industry could continue to grow, more significant legislation is hopefully on the horizon. In the short term, however, the argument is continually made for vehicles with wireless capabilities to have a solid cyber security protection protocol in place. When purchasing a vehicle, confirm that cyber security protection is available and working – if not, you are putting yourself, as the driver, and your passengers at risk each time you get behind the wheel.

 

A Threat to Road Safety: Hackers Target Big Rigs

Big rigs are a significant part of the shipping industry within the continental United States, hauling everything from furniture, food, gasoline and other uncontrolled substances. It would make sense that the safety of industrial vehicles within any vertical is a priority on all fronts; however, that doesn’t seem to be the case. White-hat hackers are continually coming up with innovative ways to hack everything from your refrigerator to your watch, and that doesn’t seem to be letting up as every device becomes more and more entrenched in IoT. How were these security gaps discovered, and what can be done to keep our drivers, in big rigs or any other vehicles, safe on the roads?

While the subject of industrial vehicle hacks has been broached previously, this particular discovery is unique in that the trucks themselves are being taken control of – not a third party application on which many drivers rely. Researchers from the University of Michigan were able to adjust speeds, decommission brakes, even alter the fuel gage, all through

The trucking industry operates on the J1939 standard, making it plausible that any big rig truck regardless of its age can be hacked using just one method. But this vulnerability doesn’t just stay within the industrial vehicle field – the banking industry and others all have protocols dictating that they abide by certain regulations and operate on the same network. While this is helpful for the industries in question, once a hacker is able to get into one security gap, they can exploit the rest of them fairly easily because there aren’t any other safeguards in place.

In the short term, trucking industry standards need to be revitalized for the 21st century – sure, now hackers have to hardwire directly into a vehicle’s network, but what happens when they find a way around that and are able to access that same system remotely? In the long term, compliance is key; obviously the entire trucking industry is compliant with the standards set for them currently, but those need to be shifted and strengthened. Until they are, these big rigs are the most vulnerable vehicles on the road.

Convention Hoopla and the Politics of Cyber Security

If you haven’t noticed, this year is an election year – the Republican National Convention wrapped up this past week, and the Democratic National Convention in Philadelphia is in full swing. Both require a great deal of cyber security management and monitoring, and while the Republican National Convention seems to have gotten off scot-free, the Democratic National Convention is still sorting through a mess of slick Russian tradecraft and a lot of finger pointing.

The DNC is dealing with a slew of leaked emails stemming from an APT attack over a year ago. Cozy Bear and Fancy Bear, the two hacker groups that initiated the attack, implemented a fairly simple spearphishing campaign that allowed them access to the network. Rooting around in the documents for over a year allowed them to leak damaging email communication that pointed to the supposedly unbiased group taking sides and supporting one candidate over the other. The findings ultimately resulted in the resignation of the chairwoman and an overall sense of embarrassment and confusion for the party and convention members.

The Republican National Convention was in the spotlight for everything besides cyber security-related gaffes. Those stories aside, the approach to creating a secured network for the RNC was pretty straightforward. One resource monitored the network for suspicious devices, which were booted if deemed harmful, and another conducted overall sweeps of the network and tracked the domain and IP address contact points. A potential headache that couldn’t be avoided – lest the user experience evolve into a negative one – was an open Internet connection. This is the easiest way for a hacker to gain access, but to create any security checks that impede the ease of accessibility would be convention suicide.

Large events like the Republican and Democratic National Conventions approach cyber security on a significantly different scale than most brick and mortar businesses but the core points are still covered. Managing and monitoring your network in order to keep secure data, well, secure, is a big job; Neovera has over 15 years of experience in an industry that is changing by the second. With our company behind the scenes, your company can excel and grow without being burdened by cumbersome IT issues.

Someone Is Using Your Social Security Number

Applications are created every day that assist with financial and social intricacies of everyday life; however, there is a unique program called Civic that sends notifications when a particular social security number is used online. At its core, the service is akin to Credit Karma or even the opt-in notifications from brick and mortar banks. However, third party vendors are involved, as well as a lot of additional sensitive information required by the service. Is signing up for a service such as Civic helpful enough in the long run that it outweighs the potentially significant cyber security gaps that could threaten your sensitive data even more?

An identity protection network, Civic, on a very simple level, sends notifications to the registered user if and when their social security number is used. And as an added bonus, you receive $1 Million worth of identity theft insurance in exchange for signing up. The payoff to companies is that, hypothetically, fewer fraudulent purchases will occur if people are able to monitor when their social security number is used. Essentially all parties involved lose money when a social security number is used fraudulently – the store has to cover the merchandise “bought” since it was basically stolen and they’ll never recoup those potential earnings, and the owner of the social security number has to jump through hoops to recreate their identity.

Before you run off to sign up for a Civic account, there are a few things to keep in mind. The identity protection network is working with three organizations that hold social security numbers: Onfido and GoodHire (background check companies) and TransUnion. And while these three companies are trusted in their fields they still hold the distinction of being third party vendors; basically, look before you leap. Also there’s the devil’s advocate argument – even if you’re taking steps to protect a valued asset such as your social security number on the Internet, your passwords, usernames, and other pertinent information are worth as much or more when it comes to your identity online.

Civic is in its infancy but brings another reminder of how sensitive and vulnerable our data is online and what needs to be done to protect it. Just as individual users ensure the safety of their home networks and the data within, Neovera knows that companies are equally pressed to provide top-tier coverage to the users visiting their sites and inputting their data on a daily basis. Providing exceptional managing and monitoring cyber security services for over fifteen years allows clients to rest assured when they have Neovera on their side.

Tesla: Technology – and Car – Company

Carmakers are quickly working toward full IoT integration with newer vehicle models, essentially creating rolling, horn-honking WiFi signals. It’s great in theory – many have touted the ease with which they can find a song to listen to or the best directions to get to their chosen destination. But, with the ever-expanding IoT comes a lot of overlooked security abnormalities; ones that, if continuously overlooked, can be taken advantage of and put lives in danger on the road at any time. Tesla, however, is considered to be one of the least hackable cars on the road today. What’s their secret, and how will other manufacturers follow suit, if they even can?

The title of this piece, “Tesla: Technology – and Car – Company”, speaks volumes to the operating procedures as cars continue to churn out under Elon Musk’s watchful eyes. Since Tesla got into the car manufacturing world after establishing its technological dominance, it has a unique standing in comparison to the rest of the proven veterans. For example, take two separate application issues experienced by Nissan and Tesla. Both companies had applications where, via touchscreen on a mobile device, the car could be commanded to unlock, start, or any other number of actions. Once a major security flaw was discovered on both – again, separate but fairly equal instances – Nissan’s immediate reaction was to halt the application and shut it down entirely. Tesla used their security team to not only fix the flaw but to create better protections against internal and external threats. This situation alone truly paints the picture of Tesla being a “Technology – and Car – Company”, and puts them in a league of their own when competing against car-making veterans.

Having a team of security professionals at the ready is putting Tesla at the front of the pack when it comes to embracing IoT as a car manufacturer. But this type of resource pays out similar benefits across industry lines. More and more companies are embracing IoT while not investing nearly as much as they need to protect their vital assets. That’s where a team of security professionals, like Neovera, comes in. Not only can we manage and monitor all internal and external threats, our team of experienced security and IT professionals consistently stays alert to new trends and threats facing any and all businesses across the country and around the world.