International hacking was a big theme among this month’s headlines. In addition, we learned about the new dangers of router firmware and Apple’s not-so-secure app approval process. Network World also did a product overview of Silo. Those stories and more in the September InfoSec news roundup:
- Backdoored Business Routers An Emerging Threat: According to security firm FireEye, businesses’ internet connection are at grave risk. The company cited 14 recent instances where hackers have replaced firmware on Cisco routers with a malware. The so-called “backdoored” routers were once considered a theoretical point of attack, but it looks like the threat has become quite real.
- OPM Increases Fingerprint Theft Victim Count to 5.6 Million: The Office of Personnel Management increased their estimate of fingerprint theft victims from 1.1 million to 5.6 million. The news was a stark reminder that biometric security measures, on their own, are insufficient. Check out our blog to learn the best strategy to employ biometric authentication as part of a multi-layered data protection strategy.
- RC4 Encryption Dumped By Mainstream Browsers: Google, Mozilla and Microsoft announced they will remove the RC4 encryption algorithm from their browsers by 2016. RC4 is a stream cipher introduced in 1987 to encrypt data packets. For years the digital security industry has known that criminals can break the algorithm. But freelance hackers aren’t the only ones who can crack the code. Documents from the Edward Snowden fallout revealed that US and UK intelligence agencies have been willing and able to degrade the RC4 encryption also.
- Error on Amazon’s Cloud Exposes Medical Records: Nevermind hackers, plain ol’ corporate neglect brought about a recent exposure of police injury reports, private medical records, and social security numbers on Amazon Web Services. The data was discovered by a curious tech enthusiast, Chris Vickery, who notified the affected companies when he found the information. Vickery reportedly was told that the data was accidentally made available to the public due to a contractor’s mistake.
- Chinese Government Is Linked To Cyberattacks: The Wall Street Journal reported that Chinese military has been linked to a hacker collective known by the name “Naikon.” The connection, which may hinge on the work of a Chinese military operative Ge Xing, was discovered by the security firms ThreatConnect and Defense Group Inc. According to the new revelations, Ge and his team primarily focus on phishing attacks directed at Southeast Asian governments. In related news, the US government has stated that China is a prime suspect in the recent OPM cyberattack.
- Russians Hijack Satellite Links To Steal Data: A new report reveals that the state-sponsored Russian cyber-espionage group, Turla, has been taking over IP addresses of satellite internet customers. Targeting satellite internet users allows Turla to hide their command server while they steal data. Even though satellite internet hijacking is an unreliable method for the criminals, it provides a lot of cover by preventing law enforcement agencies from tracking hackers and shutting down their operations.
- Apple’s App Store Infected by Chinese Malware: Apple is taking action to remove malware discovered in many of the most popular apps on its app store. The nefarious code has been dubbed XcodeGhost. Apparently, criminal coders created a fake version of Apple’s iOS development software that allows them to steal data and trick users into providing passwords and other personal information.