Friday, May 13, 2016

Some things never change on cybersecurity

Program failures, malware and data thefts occupy, week after week, the main cybersecurity news. This week isn't an exception, proving although the complexity of the hardware and software security and how we implement them increase, the struggle is still focused on the malicious code, closing holes and seeing how the bad guys steal all they can, being passwords or financial information. And we think we are moving forward very fast, but sometimes it's only a quantum illusion.

This week our  Microsoft Security Intelligence Report sum has got a great success among our readers. Between another interesting information, it explains Asia is more and more on the cybernetic world, with its benefits and evils, being among these last ones that Asia is the main victim and root of malware cyberattacks. And by far: 49% of all the attacks came from Asia according to Microsoft.

As we said, the data theft has dominated also the informative scene this week, attracting specially our attention the bank robberies, the continuation of a increasingly predominant trend we pointed the past week. On one side, a Turkey criminal group would have stolen data client, employees emails and other information on 5 banks from South Asia. This group would be the same which assaulted the Qatar National Bank and the InvestBank.

On the other side, the FireEye investigation of the Bangladesh Central Bank attack continues, with a new information which makes it even more incredible. After knowing the defense tools used by the banks were insufficient and the thieves executed an intelligent attack to the SWIFT system, now we know they actually had 3 different cybercriminal groups acting on the bank networks when it was attacked. Which one won? It isn't clear yet.

But not only banks have juicy financial information and the cybercriminals who have robbed on the famous north American chain Wendy's know it. According to the company's confirmation, 300 of their 5.500 franchises were affected by a malware which infected an unspecific amount of pay cards systems, among them gas or telecommunications companies, because a hole on SAP known since 2010. It has been the first time the governmental US-CERT has issued a SAP alert.

We finish our weekly sum recommending the interview of the past Monday with the co-founder of the Solidarity Hacking and the National Ethical Hacking Professionals Association, María José Montes, which has been well received on the Spanish cybersecurity community.


Post a Comment