CEO Fraud Attacks Were Far More Lucrative Than Ransomware Over the Past 3 Years

Computer Culture Admin - Thursday, August 24, 2017
Cisco's midyear report released this week showed that CEO fraud netted cybercrime five times more money than ransomware over the last three years.

The surprising highlight of Cisco's ninety-page report was that cybercrime made $5.3 billion from CEO fraud attacks (called business email compromise, or BEC, by the FBI) compared with a "mere" $1 billion for ransomware over a three-year stretch.

Ransomware takes time to develop and extensively test before any Bitcoin comes into the wallet, compared to doing a quick bit of research on LinkedIn and crafting a spoofed spear-phishing attack. CEO fraud simply is faster to pull off. Moreover, your run-of-the-mill spray-and-pray ransomware attacks are often lower-dollar numbers.

Schooling Users on CEO Fraud and Ransomware

Cisco says targeted cybersecurity education for employees can help prevent users from falling for CEO fraud and ransomware attacks. The finance department could especially benefit from security training on phishing campaigns, so that a bogus email that appears to come from the CEO and asks for a funds transfer can be detected.

Regular software patching is also crucial. When spam-laden malware hits or ransomware attacks like WannaCry surface, the impact can be minimised. "People focus on new technology, but forget about patching and maintaining the infrastructure."

A balanced defensive and offensive posture is required, not just with firewalls and antivirus, but also including measures to hunt down possible attacks through data collection and analysis.

Spyware Makes a Comeback

Cisco found that in the first half of this year, attackers altered their methods of delivering, hiding, and evading their malicious packages and techniques.

File-less malware, which lives in memory and disappears when a device reboots, is popping up, according to the report. This makes it harder both to detect and to investigate.

Attackers are also making use of anonymised and decentralised infrastructures to hide command and control activities.

Meanwhile, three families of spyware ran rampant, affecting more than 20% of the 300 companies in the report sample.

Ironically, many organisations underestimate or virtually dismiss spyware. "Spyware is being disguised as adware and adware, unlike spyware, does not create damages for a company," says Cisco. Cisco adds that attackers are injecting spyware and other forms of malware into adware, since adware is a low priority for security teams.

‘Destruction of Service’ Attack Threat

The report also highlights the dangers of Destruction of Service (DeOS) attacks, epitomised by the likes of WannaCry and NotPetya which were both much more destructive than traditional ransomware. According to Cisco, these types of attacks have the strength to eliminate organisations’ data backups and leave them unable to recover.

Cost of Downtime Not Calculated

The one thing related to ransomware that was not considered was the amount of damage caused by downtime, with workstations and servers not up and running. If you factor that in, ransomware is probably as damaging as CEO fraud, or even more so.

New Type of WhatsApp Phishing Attack

Computer Culture Admin - Thursday, August 24, 2017
HP Heads-up. There is a new social engineering attack currently being tested in Europe, which means we may see it in the rest of the world very soon.

The bad guys are using malicious WhatsApp ads, which offer a 250-dollar coupon for a well-known retailer in exchange for completing a short survey. The invite looks like it comes from a friend on WhatsApp. A similar strain installs malware on the phone that looks like a software update but steals all the contacts, phone numbers and email addresses, and, if it can find any, passwords and banking credentials.

There are different ways to monetise all this phishing data, and it looks like the bad guys have got that down too, from selling the stolen credentials to using the malware to go viral to all the contacts on the phone.

The large retailers have reported hundreds of these attacks to Europe's federal Cyber Crime Unit.

Does your house need a Google Home?

Computer Culture Admin - Wednesday, August 23, 2017
Though there are multiple options for voice-activated smart assistants available in the US, the launch of Google Home marks the first official entry of this exciting new category into Australia.

This cute little speaker essentially acts as a hub for all things Google in your house, performing tasks you might already do on your phone or computer — quick web searches, streaming music and TV shows, interacting with smart home gadgets — but it does it all with a quick spoken request from you.

Given how hit-and-miss voice services are in general, the reviewer was immediately impressed with how naturally you can interact with the Home. It can hear you whispering from across the room, can learn to differentiate different members of the household, and can parse natural-language requests regardless of your syntax, so you don't have to remember many exact phrases to get to what you want.

Just say "OK Google" or "Hey Google" to make it listen — you can tell by the colourful lights that appear on its surface — and then make your request. The Google Assistant replies in a soft, female voice, answering your questions or confirming the operations it's carrying out on your connected devices.

Let the music play
The first query the app suggested to be tried after setup was "OK Google, play some music". Home, of course, had no problem carrying out the simple request, immediately pumping out some 80s rock.

As a music player Home is surprisingly competent, one of the nicest-sounding speakers of its size, even at full volume. It can be used just like a Chromecast Audio, sending directions from any compatible app to play on the speaker, and an update rolling out soon will let you connect via Bluetooth if the app you're using doesn't cast.

Most convenient though is just asking for what you want to hear. You can be as broad or as specific as you like, asking for genres, moods, artists, albums or songs. If you want a specific version, just add more details.

You'll need Spotify Premium or a YouTube Red / Google Play Music subscription. Once you've trained Home to recognise the voice of each person in your household, it will use their Play Music library to tailor choices to them.

It will also easily pull music you've personally uploaded to your Play library.

You can ask for the radio too. If you have Chromecasts in your home you can also choose to beam your audio to any speaker or groups of speakers you like, as easily as saying "OK Google, play Metallica in the lounge room".

Hidden smarts
Beyond being a media player, Home can connect to a multitude of services — Google owned and otherwise — to quickly fetch info and fulfil tasks in a fraction of the time it would take you on your phone.

This is great for the dozens of quick queries you might usually Google each day — "what time will the sun set tonight?", or "what is 800 ounces in grams?" — but also for information you might get from other apps, like weather forecasts, news on a particular topic, or where the nearest burger joint is.

Home can also read your calendar so you can ask "when's my first meeting", "what do I have on today" or "can you schedule a lunch meeting at 1pm Thursday". Unfortunately this currently only works with the main calendar of your Google account.

It can also be used to set timers, alarms, and reminders.

Smart home pioneers can use Home to interact with certain brands of connected light globes, powerpoints and more as well. The selection is a bit limited, but there is full compatibility with IFTTT, so you can apply your own recipes and, for example, have all your globes turn on when you say "OK Google, lights up".

If you watch TV on a cast-enabled device, Home will also pull down shows from Netflix and YouTube just fine.

Of course, like any voice-activated tech it's also fun just to chat to it and see what it says. You'll occasionally get a bemused dead end, but there's a surprising amount of simulated wit packed in.

Overall Home has been adapted very well to life in Australia. The language recognition is top notch, the responses are in-depth and conversational, and it makes heaps of tiny tasks a little bit simpler. Future updates will doubtlessly add more functionality as well but if there was one hardware feature I'd like to see in a Home 2 it's a bit of battery power so it could be carried temporarily to a different room.


New Social Engineering Attack Turns Off Your Power

Computer Culture Admin - Wednesday, August 23, 2017
OK, better get thinking about generators and 1,000 gallon drums of fuel to keep your data center up and running (which you should have done anyway for your disaster recovery plans...)

A new attack vector that bypasses all your software defenses has been discovered by Israeli cybersecurity company Cyberint. At the moment, the bad guys are only targeting US and UK energy companies which could cause power cuts and even cost lives, but this tactic could be used against anyone.

Here is how it plays out. A "honey-doc" masquerades as a resume attached to a harmless email. Both email and attachment are totally clean and contain no malicious code whatsoever. That's what makes them undetectable to any kind of incoming email filter.

However, the Word doc *is* weaponized with a template reference that, when the document is loaded, connects to the attacker’s server via Server Message Block and downloads a Word template which has an extremely well-hidden malicious payload.

The connection to the SMB server also provides the attacker with the victim’s credentials, which can then be used to acquire sensitive information and/or infiltrate the network and/or control systems used by the targeted employee.

The campaign appears to have started in May, and as it is targeted at infrastructure control systems of US and UK energy companies, it's not too hard to guess who is behind it.

The problem is that once this type of attack is out there in the wild all kinds of bad guys get their hands on it. To protect against this type of attack, you want to step your employees through new-school security awareness training so that they do not fall for social engineering tactics like this.
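
A defender-side check for the template reference described above, as an added example that is not part of the original article. In a .docx package an attached template is recorded as an attachedTemplate relationship, so this sketch lists every relationship that points outside the file and flags remote templates and SMB targets. The function names, verdict strings and sample documents are constructed for illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

REL_NS = "http://schemas.openxmlformats.org/package/2006/relationships"
OFFICE_REL = "http://schemas.openxmlformats.org/officeDocument/2006/relationships/"

def is_smb_target(target):
    """True for UNC paths and file: URLs that name a remote host (fetched over SMB)."""
    t = target.strip()
    if t.startswith("\\\\"):  # UNC form: \\host\share\...
        return True
    url = urlparse(t)
    if url.scheme != "file":
        return False
    remote_host = url.netloc and url.netloc.lower() != "localhost"
    return bool(remote_host) or url.path.startswith("//")

def external_relationships(docx_bytes):
    """List every relationship in the package whose target lives outside the file."""
    found = []
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as pkg:
        for part in pkg.namelist():
            if not part.endswith(".rels"):
                continue
            # Stdlib parser for brevity; prefer defusedxml on untrusted mail flows.
            root = ET.fromstring(pkg.read(part))
            for rel in root.iter("{%s}Relationship" % REL_NS):
                if rel.get("TargetMode") != "External":
                    continue
                target = rel.get("Target", "")
                found.append({"part": part, "target": target, "smb": is_smb_target(target),
                              "kind": rel.get("Type", "").replace(OFFICE_REL, "")})
    return found

def triage(docx_bytes):
    """'quarantine' on any remote template or SMB target, else 'allow'."""
    for rel in external_relationships(docx_bytes):
        if rel["kind"] == "attachedTemplate" or rel["smb"]:
            return "quarantine"
    return "allow"

def build_sample(rels_by_part):
    """Constructed test input: a zip holding only .rels parts (not a valid Word file)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for part, rels in rels_by_part.items():
            body = "".join(
                '<Relationship Id="rId%d" Type="%s%s" Target="%s" TargetMode="External"/>'
                % (i, OFFICE_REL, kind, target)
                for i, (kind, target) in enumerate(rels, 1))
            z.writestr(part,
                       '<Relationships xmlns="%s">%s</Relationships>' % (REL_NS, body))
    return buf.getvalue()

# Constructed samples; 203.0.113.10 is a documentation-only address.
HONEY_DOC = build_sample({
    "word/_rels/settings.xml.rels": [("attachedTemplate", "file://203.0.113.10/cv/Template.dotm")],
    "word/_rels/document.xml.rels": [("hyperlink", "https://example.com/jobs")],
})
ORDINARY_DOC = build_sample({
    "word/_rels/document.xml.rels": [("hyperlink", "https://example.com/jobs")],
})

if __name__ == "__main__":
    for name, doc in (("honey-doc", HONEY_DOC), ("ordinary", ORDINARY_DOC)):
        print(name, triage(doc), external_relationships(doc))
```

External hyperlinks are normal in documents, which is why only the template relationship and SMB targets drive the verdict. An organisation that legitimately loads templates from its own file server would need an allowlist of those hosts before quarantining on this signal.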

Computer Interfaces Get Faster

Computer Culture Admin - Wednesday, August 23, 2017
Your desktop or laptop computer has a wide variety of ports and connection types, but what are they all for and how do they differ? USB 2.0, USB 3.0, eSATA, Thunderbolt, Firewire, and Ethernet are some of the technologies that are built into many of the computers sold today. So, what’s the fastest connection type? What type of connection is best to consider for an external hard drive? What about for 4K multi-monitor support? In this article, we’ll talk about the different types of high-speed data ports and how they are used. No matter what type of computer you have, you probably have one or more of the high speed connection types covered in this article. Let’s first take a look at the different speeds for each type of connection. Note that the rated speeds are not what you’ll get in real-world conditions. Most likely, you’ll be able to get anywhere from 70% to 80% of the max speeds listed.

The USB 2.0 connection type has pretty much become the standard. You have likely used a USB 2.0 cable to connect some device or drive to your PC or Mac at some point and you probably have several spare USB cables laying around the house. Even though USB 3.0 is here, many PC peripherals and other devices are still being manufactured with USB 2.0 connectivity. Many devices do not yet use USB 3.0, nor do they use Thunderbolt. Why? Because USB 2.0 is simply fast enough to handle minor tasks and many devices simply do not require lightning fast speed, such as mice and keyboards. OK great, so how fast is USB 2.0 exactly?
USB 2.0 is rated at 480Mbps. That's about 60 megabytes per second. For quick reference, 1000 Mbps equal 1Gbps, which is considered gigabit.

The USB 3.0 connection type is the next step for USB (from 2.0). USB 3.0 transfer speeds are about 10x faster than previous USB 2.0 speeds. So, what does that amount to?

USB 3.0 is rated at 5 Gbps. That’s about 640 megabytes per second.

In 2013, USB 3.1 was also released and is rated up to 10 Gbps. That’s around 1280 megabytes per second or 1.2 GB per second. This means that USB 3.1 is about as fast as a single first generation Thunderbolt channel. It’s also worth noting that the new USB Type C connection will support USB 3.1 for a max data transfer rate of 10 Gbps.

eSATA stands for external SATA. SATA, of course, is a connection type that is used to connect an internal hard drive to a computer. So, inside your desktop or laptop is the hard drive, which in most cases, connects to the motherboard using a SATA interface.

With eSATA, an external hard drive can use that same connection type and technology to be connected to the computer. The hard drive inside a computer is quicker than a standard external hard drive (USB 2.0), so what kind of speeds does eSATA produce?

eSATA is rated at 3 Gbps and 6 Gbps.

Thunderbolt cables are the newest connection type featured on this list. Originally codenamed “Light Peak,” Thunderbolt was first a technology that was developed by Intel. For Thunderbolt’s consumer debut, Apple Inc. added the high speed interface to nearly all of their devices in the Mac lineup, making them one of the first companies to use the technology. Thunderbolt is capable of more than other connection types, but we will get to that later. What kinds of speeds does Thunderbolt produce?

Thunderbolt is rated at 10 Gbps per channel (x2). Thunderbolt 2 raises that value to 20 Gbps over a single channel. Thunderbolt 3 doubles the bandwidth again to 40 Gbps.

Firewire, or IEEE 1394, is another connection type that was popular for a while, but has kind of gone away over the last few years. The popularity of USB 2 and USB 3 devices slowed adoption of Firewire, resulting in the slow decline of the connection. This occurred even though Firewire 400 and 800 are faster than previous USB technologies (not including 3.0).

Firewire is rated at 3 Gbps (400) and 6 Gbps (800).

Ethernet is a connection type that is used mainly for networking, so it is not designed to be super-fast. However, Ethernet cable can be used to transfer computer data too.

Ethernet is rated at 100Mbps.

To summarise the above data, the connection types would result in the following from fastest to slowest.

1. Thunderbolt (up to 40 Gbps)
2. USB 3.1 (10 Gbps), then USB 3.0 (5 Gbps)
3. eSATA (6 Gbps)
4. Firewire (6 Gbps)
5. Gigabit Ethernet (1 Gbps)
6. USB 2.0 (480 Mbps)
7. Ethernet (100 Mbps)


Microsoft Office 2016

Computer Culture Admin - Thursday, July 13, 2017

Please note: Businesses should not be running any version of Office older than 2010

With Microsoft Office 2007’s support due to expire on 10 October 2017, now is a good time to upgrade to a newer suite such as Office 2016. From October, Microsoft will no longer supply patches for security vulnerabilities or fixes for other bugs, nor will it provide company-assisted technical support, whether free or paid, such as phone support or troubleshooting.

That gives businesses that are using Office 2007 just over three months to drop Office 2007’s applications and switch to a new suite.

Here are the top 6 reasons to upgrade your Microsoft Office Suite to 2016.

1. Built for teamwork

In Word, PowerPoint, and Excel, there's easy sharing right from within the app. You can also see who has access to a given file and who is currently working in it.

2. New Chart Types in Word, PowerPoint, and Excel

Visualize financial or hierarchical data, and highlight statistical properties of your data with new chart types: Treemap, Waterfall, Pareto, Histogram, Box and Whisker, and Sunburst.

3. Faster, easier ways to get data into Excel

Excel includes a powerful new set of features called Get & Transform, which provides fast, easy data gathering and shaping capabilities. Get & Transform enables you to connect, combine, and refine data sources to meet your analysis needs.

4. Modern Attachments in Outlook

Attach a document from your recent items and share them from OneDrive or SharePoint with email recipients. Also configure sharing permissions so that all the recipients have access to the attached file without having to leave the app.

5. Smart Lookup in Word, PowerPoint, Excel, and Outlook

Fact-check or explore terms in your documents with Bing-powered Smart Lookup. Simply highlight terms in your document and use this feature to bring in search results from the web right into your reading or authoring environment.

6. Tell Me in Word, PowerPoint, Excel, Outlook, Project, Visio, and Access

Simply type what you want to do in the app using your own words, and Tell Me will guide you through the process as well as offer additional resources.

Security News

Computer Culture Admin - Thursday, July 13, 2017
When we think of hackers we mostly assume these are individuals working alone. This is far from the truth, with communities of hackers working together, mostly to the detriment of governments and organizations.

“Anonymous” is a loosely associated international network of activist and hacktivist entities. A website nominally associated with the group describes it as "an Internet gathering" with "a very loose and decentralized command structure that operates on ideas rather than directives". The group became known for a series of well-publicized publicity stunts and distributed denial-of-service (DDoS) attacks on government, religious, and corporate websites.

Anonymous originated in 2003 on the imageboard 4chan, representing the concept of many online and offline community users simultaneously existing as an anarchic, digitized global brain. Anonymous members (known as "Anons") can be distinguished in public by the wearing of Guy Fawkes masks in the style portrayed in the graphic novel and film V for Vendetta.

In its early form, the concept was adopted by a decentralized online community acting anonymously in a coordinated manner, usually toward a loosely self-agreed goal, and primarily focused on entertainment, or "lulz". Beginning with 2008's Project Chanology—a series of protests, pranks, and hacks targeting the Church of Scientology—the Anonymous collective became increasingly associated with collaborative hacktivism on a number of issues internationally. Individuals claiming to align themselves with Anonymous undertook protests and other actions (including direct action) in retaliation against copyright-focused campaigns by motion picture and recording industry trade associations. Later targets of Anonymous hacktivism included government agencies of the U.S., Israel, Tunisia, Uganda, and others; the Islamic State of Iraq and the Levant; child pornography sites; copyright protection agencies; the Westboro Baptist Church; and corporations such as PayPal, MasterCard, Visa, and Sony.

Anons have publicly supported WikiLeaks and the Occupy movement. Related groups LulzSec and Operation AntiSec carried out cyberattacks on U.S. government agencies, media, video game companies, military contractors, military personnel, and police officers, resulting in the attention of law enforcement to the groups' activities. Some actions by members of the group have been described as being anti-Zionist. It has threatened to cyber-attack Israel and engaged in the "#OpIsrael" cyber-attacks of Israeli websites on Yom HaShoah (Holocaust Remembrance Day) in 2013.

Anonymous have also joined the fight against terrorism. The group announced a major, sustained operation against ISIS following the November 2015 Paris attacks, declaring "Anonymous from all over the world will hunt you down. You should know that we will find you and we will not let you go." ISIS responded by calling them "idiots" and asking "What they gonna hack?"

By the next day, however, Anonymous claimed to have taken down 3,824 pro-ISIS Twitter accounts, and by the third more than 5,000. A week later, Anonymous increased their claim to 20,000 accounts and released a list of the accounts.


Computer Culture Admin - Thursday, July 13, 2017
Most of us don’t do very well when it comes to setting and remembering passwords. We also come up short regarding safe storage of our passwords.
Thankfully, there are password managers like LastPass. With a password manager, the app generates unique, complex passwords for each site or app that requires one. When you need to log in, LastPass fills in the correct information, even filling it in in other apps.
LastPass also securely stores your personal information so you can quickly fill out tedious forms, and includes mechanisms to safely share passwords with other people—even after you've departed this mortal realm.
A new pricing structure lets you create an account and sync passwords between all your devices, mobile or otherwise, for free.

Microsoft Surface Pro

Computer Culture Admin - Thursday, July 13, 2017
HP Computer Culture have joined a small select group of companies to become an official Microsoft Surface Product Reseller.  
We are now able to source directly:
  • The New Surface Pro
  • Surface Pro 4
  • Surface Laptop
  • Surface Book
  • Surface Studio
The new Surface Pro is 8.5mm thick and weighs only 786 grams. Processor options include m3, i5 and i7, with hard drive sizes ranging from 128GB up to 1TB and memory from 4GB up to 16GB. Battery life is claimed to be 13.5 hours.

What is a Botnet?

Steve Hirst - Friday, June 23, 2017
A botnet is a number of Internet-connected devices, each of which is running one or more bots. Botnets can be used to perform distributed denial-of-service (DDoS) attacks, steal data, send spam, and allow the attacker access to the device and its connection. The owner can control the botnet using command and control (C&C) software. Users are often unaware of a botnet infecting their system.

Infected devices are controlled remotely by cybercriminals, and are used for specific functions, so the malicious operations stay hidden to the user. 

The botnet malware typically looks for vulnerable devices across the internet, rather than targeting specific individuals, companies or industries. The objective for creating a botnet is to infect as many connected devices as possible, and to use the computing power and resources of those devices for automated tasks that generally remain hidden to the users of the devices.

For example, an ad fraud botnet that infects a user's PC will take over the system's web browsers to divert fraudulent traffic to certain online advertisements. However, to stay concealed, the botnet won't take complete control of the web browsers, which would alert the user. Instead, the botnet may use a small portion of the browser's processes, often running in the background, to send a barely noticeable amount of traffic from the infected device to the targeted ads.

On its own, that fraction of bandwidth taken from an individual device won't offer much to the cybercriminals running the ad fraud campaign. However, a botnet that combines millions of devices will be able to generate a massive amount of fake traffic for ad fraud, while also avoiding detection by the individuals using the devices.
