Tag Archives: online security

Cyberattacks at Universities are on the Rise

Cyberattacks are becoming a common problem on college campuses. America’s research universities are often the targets. These universities are at the hub of information exchanges through out the world. Most of the attacks are thought to come from China. NY Times is reporting that millions of hacking attempts happen weekly.

The campuses targeted are being forced to tighten security which is preventing them from their normal open exchange of information and causing them to take time to find out what information was stolen. Officials have stated that some of the hacking attempts have succeeded and those that have succeeded are often not known about until well after the breach occurred. The universities are remaining silent on the specific nature of the breaches except for those that have involved the theft of personal data. Personal data includes social security numbers, email addresses, home addresses, phone numbers, etc.

Related content:  Going Back to School: Don’t get Scammed

Rodney J. Petersen, head of the cybersecurity program at Educause, a nonprofit alliance of school and tech companies, told NY Times, “The attacks are increasing exponentially, and so is the sophistication, and I think it’s outpaced our ability to respond. So everyone’s investing a lot more resources in detecting this, so we learn of even more incidents we wouldn’t have know about before.”

The problem that the universities are facing with cyber attacks is that it puts the research work at critical risk. Patents for prescription drugs, computer chips, fuel cells, medical devices and many other products and services that could be stolen for commercial, political or national security value.

The numbers of cyberattacks are doubling every few years putting universities on edge trying to figure out the source of the attacks and what has been stolen. The schools are also on edge because it appears that every time they fix a breach, a new hack occurs with more sophisticated technology.

Related content: 7 Tips to Protect College Students from Identity Theft

Bill Mellon, associate dean for research policy at University of Wisconsin, said of the increased cyberattacks, “We get 90,000 to 100,000 attempts per day, from China alone, to penetrate our system. There are also a lot from Russia, and recently a lot from Vietnam, but it’s primarily China.”

The schools that have noticed the most attempts coming from China have not figured out whether the hackers are private or governmental.

FBI warns OS X Mac Users about Ransomware Purporting to be from FBI

A new version of ransomware is targeting OS X Mac users can claiming that it is coming from the Federal Bureau of Investigation (FBI). It is not malware and it appears as a webpage that uses JavaScript to load numerous windows. It requires that each frame be closed, but for that to happen a fee is requested thus the name ransomware has stuck.

A similar ransomware scam took place in May of 2012 also using the name of the FBI to lure in victims. The latest inception of ransomware uses “FBI.gov” within the URL in attempt to make the warning appear legitimate.

The scam is complicated. The warning that appears accuses victims of violating various U.S. laws, then locks up the victims computer. It claims that to unlock the computer and avoid legal issues, a fee of $300 needs to be paid via a prepaid Visa card. But the scam doesn’t end there. If a victim realizes that there is a scam taking place and attempts to close the windows, more windows (iframes) pop up with the warning.

The actual FBI website reports the simplest way to remove the ransomware’s iframes is to “click n the Safari menu, choose the “Reset Safari” option, making sure all check boxes are selected.” It also suggests holding down the Shift key while relaunching Safari to prevent reopening windows and tabs from the previous session.

“Ransomware messages are an attempt to extort money. If you have received a ransomware message, do not follow payment instructions. Be sure to file a complaint at www.IC3.gov,” says the FBI’s warning report.

All email and internet users should be warned of ransomware scams although the current version is only targeting OS X Mac users. The FBI encourages anyone who has been a victim of ransomware, e-scams, and phishing to contact the Federal Trade Commission at spam@uce.gov.

 

N.S.A. Discussed on House Floor, Won’t be Stopped

A divided House had its first Congressional showdown over the National Security Agency’s surveillance activities on Wednesday, July 24. The 205-to-2017 vote defeated legislation that would have blocked the N.S.A. from collecting vast amounts of phone records.

The classified intelligence program has never been discussed openly on the House floor. Debates ensued and some unusual coalitions took shape. Conservative Republicans teamed up with liberal Democrats to oppose the practices of the N.S.A. and push for legislation that would rein in the intrusive intelligence programs. On the flip side, the Obama administration, not normally friends of the House Republican leadership, joined with them in order to block the legislation.

Representatives Justin Amash, a liberatarian Republican, and John Conyers Jr., a liberal Democrat, can be held responsible for pitting Democrat against Democrat and Republican against Republican on the House floor by writing the legislation that would have limited the N.S.A.’s access of phone records to specific targets of law enforcement investigations. Not the broad dragnets couched as “metadata” collection currently being practiced by the N.S.A.

Although the legislation pitted normal allies against each other, it did create a bipartisan vote on the House floor. Advocates for the legislation have claimed that this is just the first proposal against the N.S.A.’s practices and that many more will follow. Defenders of the N.S.A.’s practices claim that putting the brakes on the agency will cause the nation to be a risk.

Representative F. James Sensenbrenner Jr. (R-WI), one of the principal authors of the Patriot Act which  has given the N.S.A. its power to collect phone records and other data on American citizens, says that the Patriot Act was never meant to create a program that demands the phone records of every American. “The time has come to stop it,” he said.

An open letter in support of the recently disclosed N.S.A. Programs was circulated to undecided members of the House. It attempted the use of scare tactics to urge lawmakers to allow the program to continue.

It read: “Denying the NSA such access to data will leave the Nation at risk. If the relevance standard of section 215 [Patriot Act] does not permit the government to acquire large data collections where necessary to preserve the data and to be able to conduct focused queries based on reasonable suspicion, our counter terrorism capabilities will be severely constrained.”

There is no telling if the open letter had an effect on the undecided members of the House. As it stands right now, the N.S.A. can continue with its dragnet programs.

What do you think?  How secure do you feel as your data is collected under the guise of “national security?”

EFF Files New Lawsuit Against NSA

The Electronic Frontier Foundation (EFF) has filed a lawsuit on behalf of First Unitarian Church and multiple other organizations against the National Security Agency (NSA) opposing the illegal mass surveillance programs of the NSA. EFF represents will be representing the coalition of American organizations including political associations, churches, and regular people.

First Unitarian Church of Los Angeles v. NSA is a lawsuit that will address whether the NSA violated the First Amendment right of association by illegally collecting call records. EFF has had years of experience fighting illegal government surveillance in court, but this will be a pivotal case for the Electronic Frontier Foundation.

“The First Amendment protects the freedom to associate and express political views as a group, but the NSA’s mass, untargeted collection of Americans’ phone records violates that right by giving the government a dramatically detailed picture into our associational ties,” said EFF Legal Director Cindy Cohn. “Who we call, how often we call them, and how long we speak shows the government what groups we belong to or associate with, which political issues concern us, and our religious affiliation. Exposing this information –especially in a massive, untargeted way over a long period of time– violates the Constitution and the basic First Amendment tests that have been in place for over 50 years.”

The bulk telephone records collection program was Continue reading EFF Files New Lawsuit Against NSA

The Fifth Estate Reveals Quest to Expose Deceptions and Corruptions of Power

the fifth estateBeing a watchdog and exposing the privileged and powerful was the idea behind WikiLeaks. The website which allowed whistle blowers to anonymously leak covert data shined a light on government secrets and corporate crimes. DreamWorks Pictures’ The Fifth Estate is a dramatic thriller based upon WikiLeaks’ founder Julian Assange and his colleague Daniel Domscheit-Berg’s quest to become underground watchdogs of the privileged and powerful.

The Fifth Estate highlights one of the most fiercely debated organizations –WikiLeaks– and focuses on the story of Assange and Berg gaining access to the biggest trove of confidential intelligence documents in U.S. history. The Fifth Estate asks “what are the costs of keeping secrets in a free society –and what are the costs of exposing them?”

The WikiLeaks platform rocked the media and journalism community. It began reporting and breaking more hard news than the world’s most legendary media organizations combined. The website exposed over 76,000 documents about the war in Afghanistan, a set of almost 400,000 documents called the “Iraq War Logs,” mapped over 109,000 deaths in significant attacks by insurgents in Iraq, and published files related to the prisoners detained at the Guantanamo Bay detention camp. And that was just the start.

The film “The Fifth Estate” presented by DreamWorks Pictures and Reliance Entertainment is based on Continue reading The Fifth Estate Reveals Quest to Expose Deceptions and Corruptions of Power

How to avoid cyber impersonation of your kids

Recently a huge story broke about a young girl named Katie that had her picture stolen to get Facebook “likes” and make money. What made this story even more notable was the fact that young Katie suffers from Down syndrome. These horrible crooks stole the picture, changed the girl’s name to Mallory and then used a sob story to gain nearly 3.5 million likes from unsuspecting folks looking to make the girl feel good.

Needless to say Katie’s family was infuriated as this latest cyber stealing crime has stooped to new lows. What is particularly scary is that it is remarkably easy for crooks to do this. All it really takes is a picture online to create a similar scam and dupe people based on their heart strings. The crooks put up a story about how “Mallory” was thinking she was not beautiful and that the likes would help her to feel otherwise.

What makes this particularly ridiculous is that Katie is indeed, beautiful. I feel rather certain that she knows this and that she needs no “likes” to discover this about herself.

Cyber impersonation is hardly something new. Continue reading How to avoid cyber impersonation of your kids

Data Breach Report Shows That Password Attacks Are Not Being Forced To Adapt

Everyone that spends time on the Internet is familiar with the ideas of usernames and passwords. A recent investigation by the Verizon Data Breach Investigations team revealed that our passwords are not doing the job. In 2012, authentication-based attacks were the number one method used by a mile in breaches online. In fact, four of five breaches were accomplished in this manner. What does this mean to us as surfers? Actually, it means quite a bit.

It means we are giving our permission without being aware of it

Most people realize that they should not give out their personal information, but they keep on doing it anyway. In fact, the criminals are counting on it. If we give our authorization to breach our information, what could be easier for an online, anonymous criminal? Phishing emails, asking for your information directly, false websites and countless other methods are out there. Once the password or username is secured, you would be shocked at the damage they can do.

Why change what is not broken?

That is almost certainly what the criminals are thinking. For the last several years the data has not changed hardly at all. By far, the easiest way for criminals to get your information is to ask for it…..and they do. Because we are not forcing a change, they simply keep on doing the same thing.

How do we force change?

The best way is to educate ourselves. You have to understand that any company that asks for password or username in an unsolicited email is fake. No company is going to do this in our modern online world without them having an ulterior motive. Never click a link you are uncertain about. Never visit a website with a bad reputation. You can see this by checking it with your anti-virus and other online tools. Most of all, we need to change how we pick our passwords.

How can we get a great password?

The easiest way to do this is to use a system like Roboform to store your passwords after you create them.  A website like strongpassword generator can help you create a great one if you have problems making something that will be hard to crack. This is a very easy way to come up with one that won’t be discovered. Of course, many will want to do it themselves and that is fine. Just don’t use anything that is obvious like a pet name or variation of your name. The criminals are very good at discovering your information. Use a letter, number and capitalization mixture for the best results.

Crime Network Shows Sophistication According to Study

It appears that our online criminal element has become a bit more sophisticated than one might expect. Certainly there have always been smart criminals out there, but this latest finding really boggles the mind. Thomas Holt, a criminologist from Michigan State University, has discovered that some criminals are using an online marketplace to market stolen credit card information.  This group would use an online forum to ask for criminal help such as money laundering or even data. They would then send and receive money electronically.

These criminals were clearly advanced according to Holt, as it showed the capabilities of advanced criminal thinking. This was not a bunch of kids trying to hack sites.

Have you ever gotten emails from someone asking about email, username or password information? This is called phishing and it is what criminals like this depend on. These criminals will steal information from major retailers, banks or other sources. Once they have this information, they will then send out these emails posing as your bank or website retailer.

These criminals are very good at looking realistic Continue reading Crime Network Shows Sophistication According to Study

Justice Roberts Highlights Need for Online Shopping Smarts

Chief Justice of the United States Supreme Court John Roberts made big news recently by admitting he recently had his credit card information stolen. There was already a renewed interest in identity theft due to huge increases in victimization. Justice Roberts simply showed that it can happen to anyone. Although the details were unclear about Justice Robert’s case, a large number of these credit card problems are traced back to online shopping.

Knowing how to recognize and identify the warning signs is important. Here are some important tips to help determine when a website is safe or not:

Understand that being well-known is good but not fool proof

Certainly it is a good sign when you are dealing with a large market retailer, but you can’t automatically assume it is safe. If you were a criminal, which names would you pick for your fake website? Criminals like using the big name sites and then building fake sites to get your information. Don’t assume it is safe just because it is a big name.

Make sure your phone call will go somewhere

Shoot for sites that have physical addresses and contact information that leads you to humans. Phone numbers that are disconnected and addresses that lead to nowhere are bad news. Take the time to actually go and check out the information.

Look for the S in “https” Continue reading Justice Roberts Highlights Need for Online Shopping Smarts

List of celebrities and political victims of hackers grows

It seems somewhat ironic, Angelina Jolie who starred as “Kate” aka Acid Burn in the movie “Hackers” has now joined the almost dozen celebrities who have had their financial information hacked into and released for the Internet to share.

TMZ reports that both Lady Gaga and Angelina Jolie are the latest in a line of online hack jobs which pulled financial information including social security numbers, credit card information, car loans, banking information and even mortgage amounts and released them online. Among the others hurt by the hackers were Jay-Z, Beyonce, Kim Kardashian, Paris Hilton, Mel Gibson, Ashton Kutcher, Robert Mueller, Tiger Woods, Kanye West, Eric Holder,  Robert De Niro, Dennis Rodman, Michael Vick,  NRA advocate Wayne LaPierre and LAPD Chief Charlie Beck.  There are also reports of Britney Spears, Donald Trump and even the first lady Michelle Obama being victims of these same hacksters. In the First Ladies case, it appears the problem is really with the president as they stated “”Blame your husband, we still love you, Michelle.”

Other political figures include Sarah Palin, Hilary Clinton, Joe Biden and Al Gore.   However, either there is little to be learned online about these particular political figures or they are protected better online than the other victims, there was little information revealed about them.

Credit agencies are making their own inquiries, and as reported by Forbes Magazine, “We learned about this late this afternoon [and] immediately launched an investigation,” a TransUnion spokesperson said by email.

The hackers appeared to be based out of Russia and performed a dump of the information on a website which now appears to be based on an island off the coast of Madagascar  in a technique known as “doxxing.”   But here’s the really interesting part, doxxing is the act of obtaining and posting private information about a person by scouring the Internet and is not necessarily illegal.

“You can post it as long as there is nothing nefarious about it,”  says LAPD cyber crimes detective Andrew Kleinick. “They are public figures and that kind of thing happens. It’s not right, [but] I know of no crime. He continues Continue reading List of celebrities and political victims of hackers grows