2015's big security attacks and blunders

The security breaches and blunders have made us loose faith in health insurance agencies, credit agencies, car manufacturers and even toy makers. Once again, it has been revealed that security is always the last thing that an organisation thinks about, whether big or small. We no longer can trust the innocence of the toys that are kids play with. Are we bieing overly paranoid ? Maybe yes, but security has still a long way to go before it gets into the central thinking of organisations. 

Anthem Data Breach

In Febraruary, this year, Anthem Inc. said its database was penetrated by a hacker attack which included personal information for 78.8 million people, including 60 million to 70 million of its own current and former customers and employees.

Chrysler/Jeep's Hack

Two security researchers teamed up with a journalist in July and demonstrated how they take control of a moving Jeep in a live traffic demo. Chrysler was severly affected by this and had to recall 1.4 million vehicles for security fixes

Vtech toys hacked 

Vtech, a company which specialises in electronic toys and educational material for childred has stated that there was "unauthorised access" to the database on 14 November, irony, that it is celebrated as 'Children's Day' in India. In an email to customers, the company said: "Upon discovering the unauthorised access we immediately conducted a thorough investigation, which involved a comprehensive check of the affected site and implementation of measures to defend against further attacks.". A Large number of childred information, which looked could be from this hack, appeared online. This included their name, age, gender etc.

Havard Univertisy

A July breach at Harvard University highlighted growing security concerns around higher-education. The breach affected as many as eight schools and administrative offices. It remains unclear what information was accessed by the hackers.

GajShield Security Times - New Research Reveals 43 Percent of Bittorrent Applications on Corporate Network Contain Malicious Software

The report uncovered that 43 percent of applications and 39 percent of games contained malicious software that could infect corporate and vendor networks – highlighting that P2P file sharing can pose a major security threat to organizations and their vendors.

While the sharing and downloading of copyrighted or pirated content and applications over peer-to-peer typically violates most corporate policies, the behavior continues to occur at a high rate. Movies and games often come to mind when organizations think about P2P file sharing; however, the majority of infected applications that was uncovered were either Adobe Photoshop, Microsoft Office or various versions of the Microsoft Windows operating system.

Key Findings

  • 23 percent of organizations analyzed have evidence of some P2P file sharing activity on their networks.

  • 43 percent of torrented application files and 39 percent of torrented games contained malicious software.

  • Adobe Photoshop and Grand Theft Auto V are the top torrented applications and games respectively.

  • Industries such as Government, Education, and Energy/Utilities are poor performers; more than a quarter of companies in these industries have observed BitTorrent file sharing activity in the last six months.

  • Companies with more file sharing activity were likely to have more compromised machines due to botnet infections.

Many employees use the Bittorrent network to download and share copyrighted materials. The presence of such materials on workstations and computers can lead to potential liabilities and embarrasements for coporate organisations as well as fines levied too. Enterprises should ensure that these applications and sites are blocked at their firewall to secure their network.

Phishing Emails Targeting Chinese Users

Chinese people are increasingly getting online and adopting mobile services. 2014 was a pivotal year, with the massive adoption of mobile services by over 560 million users. It is anticipated that more than half of the entire population of China will have a smartphone by 2018 as the number edges past 700 million.

Additionally, China is one of the most developed markets in e-commerce and with mobile commerce via WeChat, the dominance of Alipay and a strong online shopping behavior is arguably more developed than Western markets.

Chinese users are therefore a very attractive target for phishing attacks: These attacks trick unsuspecting users into giving away their username and password for leading Chinese e-commerce brands and banks.

Find out more; check out this new blog article: Phishing Emails Targeting Chinese Users

Page 3 of 5