Friday, June 23, 2017

Data of 10 banks hacked from National Payment Commission of India


The data of 10 banks has been hacked from National Payment Commission of India (NPCI), sources told dna. People have complained that money has been withdrawn from their bank accounts.

However, NPCI boss AP Hota told dna this was not true. He said, “Not correct. We gather that compromise has happened at a few ATMs of a bank in private sector. But the bank is yet to confirm. Our Risk Head is in touch with the bank.”

Cybercriminals yet to figure how to make money from IoT: Raimund Genes


Raimund Genes, chief technology officer at security software firm Trend Micro Inc., has held several executive positions at the company, prior to which he worked in the German air force for 12 years in radar guidance and aircraft tracking.

In an interview in Mumbai, Genes spoke about cybersecurity trends in the digital world, and how his team is working to protect users and companies from these threats. Edited excerpts:

Can we really compute the cost of cybercrime?

We at Trend Micro don’t compute the cost of cybercrime, and all assumptions and statistics about the cost of cybercrime being floated around are simply estimates. We have been in this security business for 27 years and we don’t feel the need to scare people with these figures (Intel Corp.’s security arm McAfee pegs the likely annual cost to the global economy from cybercrime at more than $400 billion.)

I could tell you the exact cost of a piece of malware but when it comes to the total cost of cybercrime, all I can say is that cybercriminals make more than drug traders, and the risk of them being caught is much lower than that of a drug trader because cybercrime is international and does not know any borders.

How much of a risk does India face, especially from ransomware that tops the cybercrime list in developed countries?

The risk in India is much lower than in other countries, at least as of now. But the attacker would not necessarily be from India. He or she could be from Eastern Europe, where many attackers are from.

Globally, ransomware appears on the top of the list because it is so visible—cybercriminals want you to see their message on your devices to scare you so that you pay the ransom. On the other hand, other malware like keyloggers, which sit on your computer silently but steal vital information like your PIN numbers, can go undetected for even six months and more.

Ransomware is in your face. In terms of malware distribution, ransomware is definitely on the top of the list in the US, and in parts of Europe where keyloggers, remote access Trojans (RATs), etc., make up for the rest of the malware. In Japan, ransomware is typically low. In parts of Asia, it is high. But in India, ransomware is low on the list.

In India, cybercriminals typically use keyloggers, RATs that try to siphon off credit card and other financial information from your computer.

Why is ransomware low in India?

Cybercriminals typically seek return on investment (ROI) from their crimes. Hence, it makes more sense to seek ransom from people in developed countries who have more money. For instance, a recent study revealed that 5% of companies in the US paid ransom but in Canada, the number was very high at 75%, which shows how nice Canadians are (laughs). There are some cybercriminals who even do not know how to use ransomware, so they hire other cybercriminals who sell ransomware-as-a-service, and then try to find out which company or country gives the best ROI.

Cybercriminals have now begun targeting Internet of Things (IoT) devices…

We don’t see large-scale IoT attacks because cybercriminals have not figured out how to make money here. You have so many IoT devices with so many versions of software, so it is unlikely that we will see large-scale IoT attacks in the near future.

You do hear a lot about IoT attacks by White Hats (ethical computer hackers) but that’s for fame. For example, at the recent Defcon event in the US, we demonstrated Drone hacking, etc., but it was basically to show that better security measures need to be implemented.

This March, at the CeBIT event in Hanover, for instance, we demonstrated sex toy hacking by placing a large, neon-pink vibrator on a desk and bringing it to life by typing out a few lines of code on a laptop. We got a lot of press for it. But if you want to do something bad with this, I can get to the back-end infrastructure and blackmail people by getting hold of the sensitive (and embarrassing) data of the people who use this.

Also consider the case of smart TVs. Till now, there were hardly any attempts by cybercriminals to hack these because of the different versions of software. But in China, recently, a smart TV was hacked by a cybercriminal—that is because of the now common Android OS (operating system) build. This implies that malware is used most where standardization prevails, which is not yet the case with IoT devices.

If I want to make money as a hacker from IoT devices, I would rather attack the infrastructure that connects these IoT devices to render them useless. For instance, of what use will be an IoT device that cannot connect to the cloud—it will be garbage. You can do a DDoS (distributed denial of service) on the infrastructure or steal all consumer data like health, geolocation, etc.

Are cyberattacks on the rise in the financial sector, especially with digital payments picking up around the globe?

We saw isolated attacks in the US on companies like Target and Home Depot (in 2014), where millions of customer debit and credit cards were put at risk after hackers broke into the companies’ payment systems. That was primarily because the US was using cards that mostly used magnetic stripes for swiping rather than the chip-and-pin system that others were using in Europe.

Also consider the banking heist in Bangladesh where the hackers seemed to be well aware of the infrastructure (in February, the hackers used the Society for Worldwide Interbank Financial Telecommunication, or SWIFT, credentials of the Bangladesh central bank employees to send more than three dozen fraudulent money transfer requests to the Federal Reserve Bank of New York asking it to transfer millions of the Bangladesh Bank’s funds to bank accounts in the Philippines, Sri Lanka and other parts of Asia). Hackers can physically open the service port of ATM machines, plug in a USB stick and get the ATM to dispense all the money held in the machine.

Earlier, most of the work was done on mainframes where every CPU (central processing unit) cycle cost money and where controls were tight because they were UNIX-based systems. Then came the age of PCs (personal computers) and users could install all kinds of software.

This is both good and bad. It means that when your in-house development team releases a new application, it needs to train the system before the application can be deployed—at least on critical systems like servers.

Android apps appear to be posing a big security risk to users.

Android, by design, is not insecure. However, the rights management in Android is not good. It allows you to access third-party apps and users do so when they are desperate to acquire popular free apps. You are relatively safe if you download apps only from Google Play.

This is not the case with iOS because Apple has very strict rules for its developers and does not allow users to download apps from any store other than its own Apple Store.

China is the biggest mobile phone market but Google does not operate in China. However, the fact is that we get the biggest mobile malware from China. If Google accounts for the malware from China, then users who download Android apps from third parties and not from the Google Play store are definitely at risk.

Of late, there have been more attacks on Linux-based systems while earlier it was Windows that was the primary target…

That’s because a majority of your cloud-based systems run Linux—like your Web servers. It makes more sense for hackers to attack the infrastructure rather than individual devices. Apple is pretty immune because it created a closed ecosystem. It only runs software from a certified developer community. So is the Windows mobile ecosystem. Of course, they don’t have a market share.

Public Wi-Fi hotspots are becoming more popular. How safe are these?

Don’t use them if you don’t trust them. They are prone to vulnerabilities like the man-in-the-middle (where a cybercriminal gets between two parties and gains access to private information) attack. You must use a VPN (virtual private network) to access your company data when using a public Wi-Fi, else it can prove dangerous.

How is Trend Micro’s partnership with Interpol (International Criminal Police Organization) shaping up?

We have been working with Interpol for over two years. (The collaboration was announced in June 2013). We recently helped in the arrest of the head of an international criminal network, suspected of stealing more than $60 million through scams like the business email compromise.

Wipro Picks Up Minority Stake In Israeli Firm For $1.5 Million


New Delhi: The country’s third-largest software services firm, Wipro, has bought a minority stake in Israeli cybersecurity company Intsights Cyber Intelligence for $1.5 million.

“The target entity (Intsights) is an early-stage company founded in 2015… Intsights offers a threat intelligence driven security platform employing cyberintelligence, rapid mitigation and one-click remediation,” Wipro said in a BSE filing.

Wipro has acquired a “minority stake of less than 20 per cent on a fully diluted basis” in the Tel Aviv-headquartered firm for a cash consideration of $1.5 million, it added.

The Bengaluru-based company expects the transaction to be completed by August 31, 2016.

In the past few quarters, Wipro has announced a string of investments, including acquisition of companies like HealthPlan Services ($460 million), Cellent of Germany (for $77 million) and US-based Viteos Group for $130 million.

However, it later called off the buyout of US-based Viteos Group, citing inordinate delays in completion of closing conditions.

Wipro’s net profit for the June quarter had declined 6.7 per cent to Rs 2,059 crore, while its total income from operations rose 10.7 per cent to Rs 13,697.6 crore from the year-ago period.

Shares of Wipro closed 0.75 per cent down at Rs 524.80 apiece on BSE.

China internet regulator to crack down on online comments


Beijing: China’s Internet regulator has launched a new campaign to clean up the comments sections on websites to prevent the spread of what it calls harmful information and to encourage what it considers more helpful, well-intentioned comments to appear.

The Chinese government already exercises widespread controls over the Internet and has sought to codify that policy in law.

In a statement late on Tuesday, the Cyberspace Administration of China said the crackdown on comments sections was aimed at tackling “outstanding problems”.

Deputy head of the administration, Ren Xianliang, was quoted as saying in a statement that they wanted to carry out a large-scale “cleanse” of the comments sections and make it easier for people to report illegal or harmful content.

“Proactively foster a healthy, positive Internet culture, and let cultured comment, rational posts and well-intentioned responses become the order of the day online,” Ren said.

Online media must make sure their stories are not simply “click-bait” and that they fulfil their responsibilities to society and make sure they properly control online comments to “allow the Internet to better benefit the people”, Ren added.

Officials say Internet restrictions, including the blocking of popular foreign sites like Google and Facebook, are needed to ensure security in the face of rising threats, such as terrorism.

Foreign governments and business groups have pointed to restrictions on the Internet as a broader trade issue.

Internet security threats: just the beginning


More than 430 million new unique pieces of malware were discovered in 2015, a 36% increase over 2014, according to Symantec Corp.’s annual Internet Security Threat Report, Volume 21.

The report says the maximum malicious activity originated from China (23.7% of all global cyber-attacks), which is ahead of the US (18.9%) and India (3.4%).

Interestingly, the US remains the origin of the most malicious code, with 13.7% of the total programs detected, and India is in second spot with 12.5%.

Malicious code is essentially the name given to one or more types of viruses, worms, and Trojans, which are distributed with the intent of stealing and destroying data, running destructive or intrusive programs, stealing sensitive information, and compromising the security of computing devices.
