Friday, December 22, 2017

To protect a giant

Glaciers, those giants in extinction, have a law of protection for themselves. This legislation was approved in 2012 and although it is so necessary, there is currently a debate about it. The Argentine government wants to modify the glacier protection law to promote the development of economic activities such as mining. The eternal struggle between environment and economy.

This week from CIGTR we want to highlight the struggles that big companies face worldwide. While it´s true that they have a much greater protection capacity than a small or medium company, their attack surface is also superior and, therefore, they are in the eye of criminals and black-hackers.

Big technology companies; Google, Facebook, Apple and Microsoft; they have the suspicions that they might have suffered a hickjacking attack. These suspicions are due to the fact that during the past week the traffic of these large companies was transferred to Russia. In addition to the fact that the traffic belongs to large technology companies, which is already suspect due to its value in data, the hijacked IP addresses belong to small and specific blocks that are normally not seen on the Internet. Do you need another reason? The prefixes that were affected are all high profile destinations, that is, it is not a simple leak but someone could have been inserting these specific prefixes with the intention of attracting traffic. Hopefully they are not right but, ... everything points the opposite.

Sometimes we forget that Internet of Things (IoT) is much more than the new devices that we have added to our daily lives such as webcams, Smartphone devices, etc ... We have been connected to the network for quite some time but ... are all those "old" devices protected? This week the NewSky Security experts scanned the network and discovered that of the 1,475 unique IP addresses of the Lexmark printers, 1,123 had no security at all. The discussion about who bears the burden of implementing security measures has been put on the table. While this discussion is resolved; if you have a Lexmark printer, you should think about protecting yourself.

Android is not characterized precisely by having few enemies. This week has discovered one more to add to the list. Kaspersky researchers have discovered a strain of malware that can cause the victim's device to suffer physical damage. This new malware, called Lopai, performs a lot of malicious activities, from cryptocurrency mining to the launch of DDoS attacks and enters your device through some popular streaming and video streaming sites such as Openload, Streamango, Rapidvideo and OnlineVideoConverter Let's give thanks that Loapi did not manage to break through in Google Play Store and therefore the users have not been affected by the malware. Even so, it will be necessary to have a thousand eyes when downloading applications from the Play Store.

This week Microsoft and Facebook have stopped hacking attacks from North Korea. The measures taken have impeded the activities of a group called Lazarus. This group has been accused of being behind high-profile attacks such as the attack on Sony Pictures in 2014, a series of attacks on the SWIFT financial system and the recent and destructive WannaCry ransomware epidemic. Once these accounts were eliminated, thus hindering the activities of this malicious group, users of accounts that had been in contact with Lazarus were warned and recommended to take greater measures of security in their accounts.

Although in many occasions it is possible to think that the big technological companies have strong security measures, cyberattacks are in full evolution and, sometimes, even for these technology giants, it is difficult to keep up with them. As with glaciers, companies have laws that protect them, but the desire to monetize the data that these companies have makes criminals try to cross these laws. Fortunately, the attacks and threats detected this week have been nothing but a scare but how long can the giants stay on their feet?


Post a Comment