recentpopularlog in

jerryking : malware   36

Are you mentally prepared for a cyber attack?
JULY 5, 2017 | FT | by Madhumita Murgia.

“Cyber attacks are not benign. Even when no one suffers physical harm, the opportunity to cause anxiety and stress, instil fear and disrupt everyday life is immense,”.......journalists write about how companies and governments struggle to cope with the fallout from a cyber attack, but the longer-lasting impact on the human psyche has remained largely unexplored. Clearly, the anxiety prompted by cyber attacks is different from that associated with “traditional” acts of terrorism that cause deaths and injury to civilians. .... “Our analysis suggests that the psychological harm of cyber war can affect wellbeing nonetheless.” Identity theft, online threats of personal harm and the disclosure of confidential data such as medical records can cause significant distress........
........Samir Kapuria, a senior executive at Symantec, a global cyber-security company, is at the frontline of damage control, often helping clients after a cyber crime. He admitted that the corporate world was “in a state of urgency” when it came to dealing with the scale and virality of cyber attacks.

“The early 2000s was an era of mass cyber crime, when viruses like Stuxnet were released to disrupt with criminal intent. Today, with attacks like WannaCry and Petya, we are entering the era of intelligence,” says Kapuria, “moving from locks to surveillance to early detection.”
cyber_security  hackers  cyberthreats  malware  cyberattacks  psychology  panic  viruses  security_&_intelligence  Symantec  identity_theft  left_of_the_boom  surveillance  human_psyche  stressful  disaster_preparedness 
may 2018 by jerryking
Security Breach and Spilled Secrets Have Shaken the N.S.A. to Its Core
NOV. 12, 2017 | The New York Times | By SCOTT SHANE, NICOLE PERLROTH and DAVID E. SANGER.

“These leaks have been incredibly damaging to our intelligence and cyber capabilities,” said Leon E. Panetta, the former defense secretary and director of the Central Intelligence Agency. “The fundamental purpose of intelligence is to be able to effectively penetrate our adversaries in order to gather vital intelligence. By its very nature, that only works if secrecy is maintained and our codes are protected.”
adversaries  data_breaches  hacking  vulnerabilities  counterintelligence  counterespionage  moles  malware  ransomware  Fedex  Mondelez  Edward_Snowden  security_&_intelligence  Russia  Leon_Panetta  NSA  cyber_security  cyber_warfare  cyberweapons  tools  David_Sanger  SecDef  CIA 
november 2017 by jerryking
Global shipping boss charts course through troubled waters
August 14, 2017 | Financial Times | by Richard Milne.

When AP Moller-Maersk came under cyber attack this year, chief executive Soren Skou was presented with a very basic problem: how to contact anyone. The June attack was so devastating that the Danish conglomerate shut down all its IT systems. The attack hit Maersk hard. Its container ships stood still at sea and its 76 port terminals around the world ground to a halt. ...Skou had no intuitive idea on how to move forward....Skou was “at a loss”, but he decided to do three things quickly.
(1) “I got deep in.” He participated in all crisis calls and meetings. “To begin with, I was just trying to find out what was happening. It was important to be visible, and take some decisions,” he says. Maersk is a conglomerate, so IT workers needed to know whether to get a system working for its oil business or container shipping line first.
(2) He focused on internal and external communication. Maersk sent out daily updates detailing which ports were open and closed; which booking systems were running and more. It also constructed a makeshift booking service from scratch.
(3)Skou says he made sure frontline staff in the 130 countries it operates in were able to “do what you think is right to serve the customer — don’t wait for the HQ, we’ll accept the cost”.

He says that he has learnt there is no way to prevent an attack. But in future, the company must “isolate an attack quicker and restore systems quicker”. He adds that Maersk will now approach its annual risk management exercises in a different spirit. “Until you have experienced something like this — people call them ‘black swan’ events — you don’t realize just what can happen, just how serious it can be.”

Danish conglomerate AP Moller-Maersk is planning to expand into transport and logistics ...

....Mr Skou’s plan for Maersk is about shrinking the company to grow — a “counterintuitive” approach, he concedes. Maersk’s revenues have stagnated since the global financial crisis and the solution has been to jettison what has often been its main provider of profits, the oil business.

In its place, Mr Skou has already placed his bet on consolidation in the shipping industry.....His real push is in bringing together the container shipping, port terminals, and freight forwarding businesses so as to make it “as simple to send a container from one end of the world to the other as it is to send a parcel with FedEx or UPS”. That requires quite a cultural shift in a group where independence was previously prized.....Another priority is to digitalise the group. “It is pretty messy,” Mr Skou says cheerfully. Unlike most businesses selling to consumers who offer few possibilities to change much, almost everything is up for negotiation between Maersk and its business customers — from delivery time, destination, cost, speed, and so on. “It’s easy to talk about digitalising things; it’s quite difficult to do in a B2B environment. It’s hard to digitalise that complexity,”
crisis  crisis_management  malware  cyber_security  cyberattacks  conglomerates  black_swan  improbables  CEOs  Denmark  Danish  IT  information_systems  think_threes  post-deal_integration  internal_communications  counterintuitive  digitalization  shipping  ports  containers  Maersk 
august 2017 by jerryking
Businesses must quickly count the cost of cyber crime
8 July /9 July 2017 | Financial Times | Brooke Masters.

Transparency without the full facts can be dangerous....Cyber attacks are frightening and hard for investors to evaluate. Quantify, to the extent possible, the impact as quickly as you can.
computer_viruses  malware  Mondelez  cyber_security  WPP  transparency  cyberattacks  brands 
august 2017 by jerryking
Hacks Raise Fear Over N.S.A.’s Hold on Cyberweapons - The New York Times
By NICOLE PERLROTH and DAVID E. SANGER JUNE 28, 2017

The Petya ransomware attack....was built on cyberweapons (i.e. hacking tools that exploited vulnerabilities in Microsoft software) stolen from the NSA in 2016 by Shadow Brokers and made public in April 2017. Now those weapons are being deployed against various U.S. partners include the United Kingdom and Ukraine.....there is growing concern that United States intelligence agencies have rushed to create digital weapons that they cannot keep safe from adversaries or disable once they fall into the wrong hands..... the government “employs a disciplined, high-level interagency decision-making process for disclosure of known vulnerabilities” in software, “unlike any other country in the world.”....Officials fret that the potential damage from the Shadow Brokers leaks could go much further, and the agency’s own weaponry could be used to destroy critical infrastructure in allied nations or in the United States.

“Whether it’s North Korea, Russia, China, Iran or ISIS, almost all of the flash points out there now involve a cyber element,” Leon E. Panetta, the former defense secretary and Central Intelligence Agency chief.....viruses can suddenly mutate into other areas you didn’t intend, more and more,” Mr. Panetta said. “That’s the threat we’re going to face in the near future.”..... ransomware that recently gained the most attention in the Ukraine attack is believed to have been a smoke screen for a deeper assault aimed at destroying victims’ computers entirely. .....Mr. Panetta was among the officials warning years ago of a “cyber Pearl Harbor” that could bring down the American power grid. But he and others never imagined that those same enemies might use the N.S.A.’s own cyberweapons.....rogue actors actors, like North Korea and segments of the Islamic State, who have access to N.S.A. tools who don’t care about economic and other ties between nation states,”.....So long as flaws in computer code exist to create openings for digital weapons and spy tools, security experts say, the N.S.A. is not likely to stop hoarding software vulnerabilities any time soon.
adversaries  CIA  computer_viruses  cyberattacks  cyberthreats  cyberweapons  David_Sanger  exploits  hackers  Leon_Panetta  malware  NSA  North_Korea  Pentagon  power_grid  ransomware  rogue_actors  security_&_intelligence  SecDef  vulnerabilities 
june 2017 by jerryking
Hackers Hit Dozens of Countries Exploiting Stolen N.S.A. Tool
MAY 12, 2017 | - The New York Times | By NICOLE PERLROTH and DAVID E. SANGER.

Hackers exploiting malicious software stolen from the National Security Agency executed damaging cyberattacks on Friday that hit dozens of countries worldwide, forcing Britain’s public health system to send patients away, freezing computers at Russia’s Interior Ministry and wreaking havoc on tens of thousands of computers elsewhere.....The attacks appeared to be the largest ransomware assault on record, but the scope of the damage was hard to measure. It was not clear if victims were paying the ransom, which began at about $300 to unlock individual computers, or even if those who did pay would regain access to their data.

Security experts described the attacks as the digital equivalent of a perfect storm. They began with a simple phishing email, similar to the one Russian hackers used in the attacks on the Democratic National Committee and other targets last year. They then quickly spread through victims’ systems using a hacking method that the N.S.A. is believed to have developed as part of its arsenal of cyberweapons. And finally they encrypted the computer systems of the victims, locking them out of critical data, including patient records in Britain.
tools  cyber_security  cyberweapons  cyberattacks  vulnerabilities  malware  Microsoft  ransomware  hackers  NSA  exploits  blackmail  David_Sanger 
may 2017 by jerryking
Law firms will pay price for failure to hold off hackers | Evernote Web
31 December/1 January 2017 | Financial Times | Brooke Masters.

"This case of cyber meets securities fraud should serve as a wake-up call for law firms around the world: You are and will be targets of cyber hacking, because you have information available to would-be criminals," Bharara said in a statement....Other professional services firms should take note. This is not the first time the industry has been hit by hackers who specialise in what is becoming known as "outsider trading"....Accounting firms that provide tax advice on mergers, boutique advisory forms, and consultants who weigh in on synergies and downsizing plans are almost certainly on the criminals' hit list....Professional service firms will not be so lucky. Banks and companies pay extremely high prices for outside advice. They expect professionalism and confidentiality in return. Getting hacked by a bunch of Chinese traders is hardly a strong recommendation of either.
Big_Law  Chinese  confidentiality  cyber_security  cyberattacks  hackers  hacking  law_firms  M&A  malware  mergers_&_acquisitions  Preet_Bharara  professional_service_firms  SEC  security_consciousness  securities_fraud  traders 
january 2017 by jerryking
Software as Weaponry in a Computer-Connected World - The New York Times
JUNE 7, 2016 | NYT | By NICOLE PERLROTH.

On average, there are 15 to 50 defects per 1,000 lines of code in delivered software, according to Steve McConnell, the author of “Code Complete.” Today, most of the applications we rely on — Google Chrome, Microsoft, Firefox and Android — contain millions of lines of code. And the complexity of technology is increasing, and with it the potential for defects.

The motivation to find exploitable defects in widely used code has never been higher. Governments big and small are stockpiling vulnerabilities and exploits in hardware, software, applications, algorithms and even security defenses like firewalls and antivirus software.

They are using these holes to monitor their perceived enemies, and many governments are storing them for a rainy day, when they might just have to drop a payload that disrupts or degrades an adversary’s transportation, energy or financial system.

They are willing to pay anyone who can find and exploit these weaknesses top dollar to hand them over, and never speak a word to the companies whose programmers inadvertently wrote them into software in the first place.
adversaries  software  hackers  books  coding  vulnerabilities  exploits  software_bugs  bounties  black_markets  arms_race  cyber_warfare  cyber_security  Stuxnet  espionage  Iran  security_&_intelligence  malware  cyberweapons  weaponry  stockpiles  financial_system 
june 2016 by jerryking
In the Dark Corners of the Web, a `Spider' Intercepts Hackers
April 22, 2015 | Bloomberg Business| by Edward Robinson

Encircling enterprises with digital force fields to protect against invasion is an outdated strategy, as the intrusions at JPMorgan Chase, Sony, and Target have demonstrated, according to James Chappell, Digital Shadows’ co-founder and chief technology officer. IT systems have simply become too open and diffuse to keep the bad guys out.
“Social media, long supply chains, mobile technology. There is now so much that no longer lives within the castle walls; it lives beyond them,” he says. “You can no longer assume that you’ll never be hacked. You have to assume that you will be.”
Enter the spider, a program of the firm’s own design. Crawling through shadowy corners such as the Deep Web and the Tor network, the program searches 80 million data sources in 26 languages for signs that Digital Shadows’ clients are at risk.
cyberattacks  Digital_Shadows  cyber_security  banks  hackers  malware  United_Kingdom  London  data_breaches  dark_web  pre-emption  network_risk  cyberintrusions  left_of_the_boom 
may 2015 by jerryking
After Data Breaches, Attackers Return for More - The CIO Report - WSJ
April 22, 2015| WSJ | By RACHAEL KING.

Companies often talk about data breaches as if they were discrete events. But, the reality is that once a company is breached and the attackers have been booted off the corporate network, they keep coming back...Attackers typically know what they want from companies, whether that’s credit card data, intellectual property or something else. And if they don’t get it the first time, they come to work the next day and try again, said Mr. Alperovitch.

“They’ve got objectives and goals and they get measured on things, whether it’s a nation-state or a criminal, said Todd Inskeep, global security assessments vice president at Samsung.
CIOs  data_breaches  cyber_security  productivity  measurements  malware 
april 2015 by jerryking
Cyber-warfare: Turning worm
Dec 13th 2014 || The Economist |

Timekeeper
Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon. By Kim Zetter. Crown; 433 pages; $25 and £20
computer_viruses  cyber_warfare  Stuxnet  security_&_intelligence  books  malware  software  coding  exploits 
december 2014 by jerryking
‘The Director,’ by David Ignatius, a Novel About the C.I.A.
June 3, 2014 | NYTimes.com |By MICHIKO KAKUTANI.

Mr. Ignatius writes that “The Director” is “ultimately about American intelligence in the age of WikiLeaks, and whether it can adapt to a more open digital world and still do the hard work of espionage.” And the novel does provide a harrowing sense of the vulnerability of governments and ordinary people alike to cybercrime, surveillance and digital warfare in this day when almost anything and everything can be stolen or destroyed with some malicious pieces of code and a couple clicks of a mouse.....giving an intimate sense of American intelligence operations in a post-Sept. 11 world, and puts them in historical perspective with operations from the World War II and Cold War eras. He also provides a detailed, energetically researched account of how hackers inside and outside the government operate: how malware and back doors and worms actually work, how easily security and privacy shields can be breached, how relatively defenseless many financial networks are.
back_doors  books  book_reviews  CIA  cyber_security  cyber_warfare  David_Ignatius  espionage  exploits  fiction  hackers  hard_work  malware  security_&_intelligence  software_bugs  vulnerabilities  WikiLeaks 
june 2014 by jerryking
FBI’s search for ‘Mo,’ suspect in bomb threats, highlights use of malware for surveillance - The Washington Post
FBI’s search for ‘Mo,’ suspect in bomb threats, highlights use of malware for surveillance
By Craig Timberg and Ellen Nakashima, Published: December 6
FBI  surveillance  malware 
december 2013 by jerryking
Spyware Becomes Increasingly Malicious - WSJ.com
July 12, 2004 | WSJ | By LEE GOMES.

Spyware Is Easy to Get, Difficult to Remove, Increasingly Malicious
computer_viruses  malware  software_bugs 
january 2013 by jerryking
Ottawa set to ban Chinese firm from telecommunications bid - The Globe and Mail
STEVEN CHASE

OTTAWA — The Globe and Mail

Last updated Wednesday, Oct. 10 2012

One presentation, which discusses the damage foreign adversaries can inflict on computer systems, mentions the "Farewell dossier" incident. That was a Cold War episode in which the Central Intelligence Agency was reported to have deliberately transferred faulty technology to the Soviets – including a computer virus that triggered a major pipeline explosion.
computer_viruses  cyber_security  Huawei  adversaries  malware  software_bugs  vulnerabilities 
october 2012 by jerryking
Q&A: Poisoned Pictures on the Web - NYTimes.com
June 7, 2011, 6:57 am
Q&A: Poisoned Pictures on the Web
By J.D. BIERSDORFER
computer_viruses  malware 
june 2011 by jerryking
Mortimer Zuckerman: How to Fight and Win the Cyberwar - WSJ.com
* DECEMBER 6, 2010

How to Fight and Win the Cyberwar
We should think of cyberattacks as guided missiles and respond similarly—intercept them and retaliate.
Mort_Zuckerman  cyber_warfare  malware  cyberattacks 
december 2010 by jerryking
Most Sophisticated Malware Ever Targets Iran
Sep 22 2010, - The Atlantic Alexis Madrigal . A computer worm
is drawing awed respect and fear from security researchers, even as
they wonder how and why it was created.

Four things about Stuxnet are particularly noteworthy, according to
experts consulted by ComputerWorld. One, it appears to be the most
sophisticated malware anyone has ever seen. Two, because of that,
researchers do not believe it could have been created by a private
group. They think it's the handiwork of a nation-state. Third, it could
control real world machinery, like, say, a power plant. Fourth, it
appears to have targeted Iran.
malware  Iran  cyber_warfare  computer_viruses  Stuxnet  physical_world  cyberphysical  power_grid 
september 2010 by jerryking
Dark Side Arises for Phone Apps - WSJ.com
JUNE 3, 2010 | WSJ | By SPENCER E. ANTE. Security Concerns Prompt Warnings
malware  smartphones  mobile_applications  cyber_security  dark_side 
june 2010 by jerryking

Copy this bookmark:





to read