Sunday, October 11, 2015

Issue 33 - Week of Oct 5th

1. Suspected cyberespionage - Uber checks connections between hacker and Lyft: Uber and Lyft are fierce competitors with hugely different valuations. Uber is valued at $51 billion while Lyft is at $2.5 billion. Uber was hacked 8 months ago and 50,000 records of drivers' names and license numbers were stolen. Uber is now focusing its legal efforts on identifying the hacker, who, according to sources, can be traced to the CTO of Lyft.

2. Suspected Iran-based hacker group creates network of fake LinkedIn profiles: Researchers uncovered a network of fake LinkedIn profiles. These convincing profiles form a self-referencing network of seemingly established LinkedIn users. Researchers believe the purpose of this network is to target potential victims through social engineering. Most of the legitimate LinkedIn accounts associated with the fake accounts belong to individuals in the Middle East, who could have been the potential victims. The level of detail in the profiles suggests that the threat actors invested substantial time and effort into creating and maintaining these personas. The photos used in the fake accounts are likely of innocent individuals who have no connection with the hacker group.

3. Scottrade suffers hack; 4.6M customers notified of breach: The brokerage firm confirmed the attack, but said the focus of the attack was client contact details rather than financial information. "Although Social Security numbers, email addresses and other sensitive data were contained in the system that was accessed, it appears that contact information was the focus of the incident," the company statement read.

4. HTC says monthly Android security updates are unrealistic: The recent Stagefright vulnerability that could affect every Android device may have been a blessing in disguise for Android users. Responding to the situation, Google announced monthly security update availability for its Nexus phones. Samsung also committed to 'near monthly' updates and LG has followed suit. However, HTC has not. The company said it will push for them, but that it is unrealistic for anyone to guarantee updates every month. The Android ecosystem (Google, hardware makers and telcos) will sooner or later have to put together regular updates to keep pace with modern-day security.

5. Cost of cybercrimes climbs to $6.8m per firm in Japan, $3.4m in Australia: The average cost of cybercrime per organization per year across seven countries (Japan, Australia, Germany, Brazil, US, UK, and Russia) has increased to $7.7 million in 2015, with companies taking 46 days to resolve a cyber-attack. According to a study, the average annualized cost of cybercrimes in Japan climbed 14 percent to an estimated $6.81 million. In Australia, this figure increased 13 percent to $3.47 million, the annual study revealed. As organizations increasingly invest in new technologies like mobile, cloud, and the Internet of Things, the attack surface for more sophisticated adversaries continues to expand.

6. Report finds many nuclear power plant systems 'insecure by design': A study of the information security measures at civilian nuclear energy facilities around the world found a wide range of problems at many facilities that could leave them vulnerable to attacks on industrial control systems, potentially causing interruptions in electrical power or even damage to the reactors themselves. The study found that many nuclear power plants' systems were "insecure by design" and vulnerable to attacks that could have wide-ranging impacts in the physical world, including the disruption of the electrical power grid and the release of "significant quantities of ionizing radiation."

7. Samsung says customer payment data not affected by hack attack: LoopPay (a mobile-payments technology startup), which Samsung acquired in February to set up its payment system, was hit by a hacking incident. Samsung has said that customers who use the payments system weren't hurt by the hack attack. A government-affiliated Chinese hacker group known as the Codoso Group or Sunshock Group was responsible for the attack, The New York Times said. LoopPay believes the hackers were trying to steal the company's magnetic strip technology, the primary reason Samsung bought the company.

8. Who is responsible for a driverless car accident? Google, Mercedes and Volvo say they will accept full liability for accidents involving their driverless cars, since in this case the manufacturer of the technology is the driver. However, they would only accept liability for an accident if it was the result of a flaw in the car's design. If the customer used the technology in an inappropriate way, then the user will be liable, and if a third-party vehicle causes the crash, then that party would be liable. The critical question is who would be responsible when a crash is due to a cyber-attack.

9. Cybersecurity skills gap continues to grow: Frenzied activity in the Indian internet space, especially the mushrooming of start-ups, has brought the shortage of ethical hackers to the fore once again. The industry estimates the availability of ethical hackers at a meagre 15,000-17,000, in sharp contrast to the 50,000-70,000 cyber security professionals needed per year. An ethical hacker is a computer expert who hacks into a network to test or evaluate its vulnerabilities, but without malicious intentions. The industry estimates that by 2020 the annual requirement will shoot up to about 1 million cyber security professionals.


10. Chinese hackers have been observed using the seven-stage kill chain: They 'recon' their victims using watering hole attacks, in which they track their victims' online activity and the websites the victims visit. Once a list of often-visited websites has been collected, the attacker places code (like adware) in these trusted websites and redirects users to malicious sites, where the visitors are served an exploit kit in order to achieve the true goal: compromising a victim's system. Once inside a targeted network, the hackers tended to go for the domain controller in order to steal various credentials and gain access to other network areas which may store sensitive data.

