Cybercrime by the Numbers

We read and hear a lot about cyber attacks and the latest threats in the news, seemingly daily. When one takes a look at the numbers, the real costs associated with cybercrime become an eye opener.

Sources:

McAfee CSIS Report: Economic Impact of Cybercrime—No Slowing Down

McAfee Labs Quarterly Threat Report June 2017

Accenture Cost of Cyber Crime Study

FBI Cyber Crime

Identity Theft Resource Center: 2017 Data Breach Year-End Review

Reboot Your Internet Router? Yes! Do This Too

The FBI recently issued an alert about a malware threat that has infected home and small business routers. The threat, called VPNFilter, is able to perform multiple functions, including possible information collection, device exploitation, and blocking network traffic. The malware targets routers produced by several manufacturers and network-attached storage devices by at least one manufacturer. They include, but are not limited to:

Linksys: E1200, E2500, WRVS4400N
Mikrotik: 1016, 1036, 1072
Netgear: DGN2200, R6400, R7000, R8000, WNR1000, WNR2000
QNAP: TS251, S439 Pro, other QNAP NAS devices running QTS software
TP-Link: R600VPN

ALSO: Update the Firmware!

The FBI alert recommended people reboot their Internet routers to help stop the malware from spreading. That’s a great start: a power cycle doesn’t hurt and takes almost no time. However, to really protect devices one should update the devices’ firmware, since few routers update it automatically. Firmware is the router’s operating system.

Updating the firmware is not as difficult as one may think, though people may be intimidated or worried they may break the router. There are step-by-step guides available which can help one update the firmware on specific routers.

Resources:

The FBI says you should reboot your router. Should you? CNET May 31, 2018.

What is this GDPR Thing and Why Should I Care?

You may have seen a flood of updated privacy policies from your online service providers arriving in your in-box over the past couple of months. These are the direct result of new data privacy laws, the General Data Protection Regulation (GDPR), taking effect across the European Union (EU) today. These laws provide consumers with more control over their personal data.

What Is It?

GDPR was ratified in April 2016 and establishes a single set of personal data protection rules across Europe. Companies and online service providers outside the EU are subject to this regulation when they collect data concerning any EU citizen. Personal data is defined as any information relating to a person who can be identified directly or indirectly, including information that can be linked back to an individual. There is no distinction between personal data about an individual in their private, public or work lives.

Companies will be required to implement appropriate technical and organizational measures in how they handle and process personal data. Data protection safeguards must be appropriate to the degree of risk associated with the data being collected and held. If there is a data breach and any of the laws were not properly applied, fines could be as high as 20 million Euro or 4% of annual revenue, whichever amount is higher.

Since US companies with EU citizens as customers must follow GDPR laws, US citizens may benefit from the laws as well.

Why Should I Care?

The theft or accidental disclosure of an individual’s data by an online service provider exposes that individual to any number of potential issues. The intent of the law is to give individuals more control over which data about them is being collected, and it places significant restrictions on how companies manage data to reduce or eliminate that exposure.

Under GDPR, companies obtaining data from individuals must detail the purpose of the data and how it will be used, whether the data will be transferred internationally, and how long it will be stored. Individuals retain the right to access, lodge a complaint, or withdraw consent at any time. They also have the right to be forgotten. The data must be erased if it is no longer needed for the reason it was collected.

If any company experiences a data breach, it must notify the individuals whose data was stolen within 72 hours. This is in contrast to many recent security breaches, which come out in the news months later.

Another part of the regulation requires that consent for the company to collect data must be given by the individual by a clear affirmative action. This consent does not need to be explicitly given and can be implied by the person’s relationship with the company. Any data being collected and retained must be for specific, explicit and legitimate purposes.

Resources

Russell and Fuller. GDPR For Dummies. 2017. Wiley & Sons.

Want to Delete Your Facebook Account? Not So Fast ….

Many people decided to quit Facebook after the revelations over the data sharing practices of some of its partners. What some have learned when trying to delete their account is that it is not as simple as hitting the delete button.

To permanently delete a Facebook account:

  1. Select Quick Help in the top-right corner, then Search.
  2. In the Search field enter delete account.
  3. Select How do I permanently delete my account? from the search results.
  4. You will be given instructions to “log into your account and let us know.” Select the let us know link.
  5. Then follow the steps: Enter your password and solve the security captcha.

The thing to remember is that one just makes a request to delete an account. Facebook delays the process and will automatically cancel a request if the account is logged into during that time period. Make sure to delete the app from all devices, since any one of them accessing the account will cancel the request.

Deactivation

The alternative to deleting an account is to deactivate it. After one deactivates their account, everything goes back to normal at the next login, as if nothing has happened. Deactivating is not the same as deleting. Deactivating one’s Facebook account simply hides information from searches and Facebook friends. Although nothing is visible, the account remains intact on Facebook’s servers.

  1. Go to settings and click General.
  2. Select Manage your Account.
  3. Select Deactivate your Account and type in your password.
  4. You will be shown photos of “friends” you’ll miss (“Eric will miss you”) followed by a survey to detail reasons for leaving.
  5. After all that, select Deactivate.

Resources:

https://www.wired.com/story/how-to-delete-your-facebook-instagram-twitter-snapchat/?mbid=social_twitter&mbid=social_twitter

Email: The Cybercrime Gateway

Billions of email messages are sent each day. The ease of use, speed of transmission, and relative anonymity of email have made it a tool for cyber criminals. One survey indicates that 91% of all cybercrime starts with an email.

Using email to commit cybercrime is almost as old as email itself. While there are many ways email can be exploited, here are the more common ones:

Phishing

Phishing is a generic term used to describe the very broad category of email techniques used by cybercriminals. Future posts will go into phishing techniques in greater detail.

Scamming

Based on the centuries-old Spanish Prisoner, the infamous Nigerian 419 email scam of the 1990s is still alive and well in one form or another and is a classic phishing scam. It involves promising the potential victim a share of a large sum of money in return for an up-front payment. If someone actually makes the payment, the scammer either invents a series of further fees for the victim to pay or simply disappears.

Spoofing

A spoofed email is one that appears to originate from one source but is actually sent by another. Like Neighbor Spoofing, falsifying the name and/or email address of someone the receiver is likely to know increases the odds the person will respond or take the requested action (check out funny joke in the attachment!). It is actually not too difficult to spoof an email address using relatively simple tools.

Spreading Trojans, Viruses and Worms

Emails are perhaps the fastest and easiest way to spread malicious code. For example, the Love Bug reached millions of computers within 36 hours back in 2000, all thanks to email. Cybercriminals will bind the malicious code into e-greeting cards, fake virus patches, etc., and email them in messages written to make the reader feel that immediate action is required.

Attachments

Attachments are a very common way to spread malicious code. The rule of thumb is to open only those attachments that you are expecting – even if coming from someone you know (remember: email address spoofing!). File names can be spoofed as well, so that an attached file that is actually a computer program can look as though it is a simple word processing file. If you are unsure, contact the person and ask if they sent it.

Links

Don’t immediately click on the link(s) in emails. Keep email spoofing in mind, since a message may look like it is coming from someone you know! Hover your cursor over any links to double check that the destination URL is what it claims to be. To be extra careful, type out URLs manually instead of clicking links.

Getting SPAM Texts? Forward them to 7726

Text messaging is a growing tool for marketers. Many texts are legitimate and originate from service providers you may have given your number to. However, the number of SPAM text messages appears to be growing rapidly. According to the Federal Trade Commission, “It’s illegal to send unsolicited commercial messages to wireless devices, including cell phones and pagers, unless the sender gets your permission first.” The same would hold true for text messages that are sent from robo-callers.

If you’re receiving random messages from unknown numbers or entities it is probably illegal SPAM from someone phishing for information and trying to scam you. So, what can one do?

Report to your carrier

A little-known service provided by most cell carriers is SPAM reporting. On an iPhone, select the spam message by holding it down with your finger. A menu will pop up. In the lower right, select More and then the arrow icon. This will create a new message that can be forwarded. On almost all carriers, forward the message to 7726. Make sure to copy the phone number that sent the message, since an auto-reply may ask for it as well. Why 7726? It spells SPAM.

Block numbers

On an iPhone, go to the offending text and press the “i” in the upper right-hand corner. That is where you will find the option to Block the number. There is no way for the robo-callers to know you’ve blocked them, so they can send all the messages they want. There is one caveat. The blocked number can still leave a voicemail but you won’t receive a notification. You may notice voicemails piling up on you.

Resist the urge

You may feel the urge to reply to a SPAM text. Maybe you want to tell them how you feel. Maybe you love practical jokes and you want to mess around. Don’t. Don’t even respond to their request that you reply “NO” to stop their messages. Engaging the sender in any way will make the problem worse.

*Don’t Press 1* : Neighbor Spoofing

Odds are this HAS happened to you.

A call comes through on your phone. The caller ID shows it is coming from the same area code AND the same first three digits as your phone number. Your first thought is that it has to be a neighbor or someone in the community calling. Sometimes it is YOUR number calling you!

Photo: https://www.flickr.com/photos/mag3737/5982743771

However, when you pick up it isn’t a neighbor. Far from it. It turns out to be someone selling an exclusive vacation deal – just “Press 1” and you will get a fantastic price! This technique, called neighbor spoofing, uses an automated robocaller that generates a fake caller ID number that will almost match your number. It is an illegal activity meant to trick you into picking up and responding to questions, in an attempt to get you to give out or confirm personal information.

A robocall is a pre-recorded automated call, usually for telemarketing purposes. While some robocalls are legitimate (emergency weather alerts), many calls can be predatory or deceptive. In August 2017, the FTC issued a warning to Hurricane Harvey victims about a flood insurance scam in which homeowners were advised that their flood premium was past due. According to the Robocall Index, maintained by YouMail, 2.6 billion robocalls were placed in July 2017 alone! The FTC reports that robocalls are the top complaint received by the agency.

On the Do Not Call list? It doesn’t matter. The scammers are engaging in illegal activity, so why would they obey the registry? What can you do? Unfortunately, the scammers will keep calling. But following the first two suggestions below is important in trying to reduce the number of calls.

Don’t Answer

When one sees a number they think is a neighbor’s, the first reaction is to answer, since there may be a problem! However, simply answering such a call thinking it is a neighbor may subject you to even more calls. There is an underground market for the phone numbers of individuals who pick up or respond to questions. Numbers on such lists are used by robocallers with increased frequency.

Don’t Respond or Confirm

If you do pick up and you can tell it is a robocall, hang up right away. Do not engage the caller and certainly do not respond to any requests to press additional numbers. DON’T PRESS 1. Pressing any number, even if it is responding to their suggestion that doing so will take you off their list, only confirms your number is active and that they reached a live person.

Some people love to engage telemarketers for entertainment, but doing so may actually put you on their “call frequently” list.

Do Block

There is a reason it is called “spoofing.” It prevents you from knowing where the call is really coming from. It may be coming from out of the country! One approach is to block particular numbers. However, by the time you do that the same scammers have probably moved on to a different number. While it does take a bit of work and is annoying, you could systematically block callers, even though it will seem like a finger-in-the-dike approach.

What Information Are You Sharing with Facebook Apps?

The vast majority of Facebook users do it. We install apps built into Facebook and just click through all the questions without reading. We go to a website where we are prompted to create a new account or “log in” with Facebook. Logging in with Facebook is easier, since who needs yet another account to remember? How many times have you done this? You might be surprised. No. Shocked.

In both of these situations you are not granting Facebook itself access to any new data. Instead, you are granting a third party access to your information. According to Facebook, with each app that you log in with you automatically agree to share, at the very least, your gender, the networks you belong to, your username and user ID, and your full name and profile picture. You also grant access to your full friends list and any other public information that you have included on your Facebook profile.

This issue is at the center of the Cambridge Analytica data scandal. The political research firm was able to access data on more than 50 million Facebook users through a third-party personality quiz application called “thisisyourdigitallife”, without the knowledge or consent of any of those users.

To see what apps have your data:

  • Select the drop-down menu on the top-right side of Facebook on the website or mobile app and select “Settings.”
  • Select the “Apps” option (on the left side of the page on the website; on the mobile app, scroll down the settings page).

This will display all the apps that you have granted access to, and the data each one can access.

If you wish to delete an app on the website, hover over it and then select the “X” button to remove it. You may wish to do a little housecleaning on a regular basis and delete any apps you no longer use. Any data that was previously shared will still be in the possession of the app developer, however. They just won’t get any new data.

You can also manage the data sharing settings for apps you still want to use. If you select the pencil “edit” icon while hovering over the app, you will see all the data options you are sharing with that app. Deselect any data options that you do not wish to share with them.

The important takeaway is that you need to stay diligent: any time you access a new Facebook app or use “log in with Facebook”, immediately edit these options.

Why Do Hackers Hack?

ID Theft

Photo: https://www.flickr.com/photos/cafecredit/27549356392

The reasons and motivations of hackers engaged in cyberattacks continue to grow. Long gone are the days one could simply say hackers do it for the fun, thrill, or challenge. The new reality is that hackers hack for a variety of financial, political, and ideological reasons. Many people may think they are not an appealing target for a hacker. In fact, hackers can use access to anyone’s accounts or devices as a launching pad with the goal of gaining access to larger networks to discover valuable assets.

Hacking as hobby

Back in the 80’s and 90’s the word “hacker” seemed to apply to only one person: Kevin Mitnick. Mitnick first gained notoriety after he gained unauthorized access to the Digital Equipment Corporation (DEC) computer network at the age of 16 to copy their software. He was one of the first hackers to be prosecuted under the 1986 Computer Fraud and Abuse Act. While hackers these days generally have other motives, some still hack simply to prove they can outsmart government and corporate IT and security by infiltrating their systems.

Hacking to steal or blackmail

Odds are that anyone reading this post has at some time received a letter offering free credit monitoring due to some sort of security breach. Some hackers will focus on breaking into those systems or devices to infiltrate bank and financial accounts. Others break into systems to install ransomware that locks a computer or mobile device by encrypting electronic files. Access can generally be reclaimed by paying the ransom.

Hacking to crash a service

The goal of some hackers is simply to crash a system or web site. The goal of such hackers is often not only to knock a company’s website out of service for a while, but to cripple the online presence of what is seen as competition. One common technique used is known as a Denial-of-Service attack, where the system is flooded with superfluous requests in an attempt to overload it.

Hacking to steal and leak information

The theft and posting of emails on WikiLeaks during the 2016 election will forever stand as a classic example of this type of hack. The goal for these hackers is to steal, publish, and possibly sell trade secrets, as well as to expose the activities of governments, organizations, or individuals.

Hacking to expose security flaws

There are some hackers that will actively work to break into systems with the express goal of exposing security holes. The justification for this kind of hacking is to prevent harmful attacks by showing the world how vulnerable a system, service, or device is to hacking. An example of this type of hack resulted in the discovery and communication of serious security flaws in the software used to register voting tallies in Germany.

Hacktivism

Sometimes, hackers are vigilantes trying to raise awareness about a political issue or wishing to create chaos. These hackers may use any of the above reasons for hacking. An example of hacktivism is the hacking done by Anonymous during the Occupy Wall Street movement.

The Human Operating System

When people think about cybersecurity, the first things that come to mind are hardware breaches and software bugs. After all, those are the topics which make the news and social media streams. However, for the most part there are limits to what an individual can do to prevent those from happening.

Photo: https://www.flickr.com/photos/143601516@N03

An organization can spend all the money it can on trying to secure itself using the latest and greatest cybersecurity technology in an effort to block a cyberattack. However, there is one security risk that can’t be solved by a consultant or easily secured: YOU.

All devices have an operating system. Those operating systems need to be continuously updated and patched to prevent a cyberattack. Similarly, humans have an operating system. Unlike a device, however, each human runs their own operating system. The challenge is that no two human operating systems are alike. Each consists of a complex set of behaviors built on life experience, belief systems, education, and any number of skills.

Yet, there are specific behaviors in which any number of human operating systems engage. It is those behaviors which hackers identify and exploit.

The purpose of this blog is to discuss ways in which human operating systems are being exploited and what individuals can do to patch themselves to minimize future hacker exploits.