Are constant data breaches making people lose trust in technology?

“In today’s digital business environment, trust is built on two major components: ethics and security. Trust is the cornerstone of the digital economy.” – Accenture Technology.
The Internet Society (ISOC) expressed a concern that constant data breaches are seriously affecting people’s trust in technology.
Digital trust is actually not a process but rather a result of secure relationships and communications between companies, end users, partners and employees.

Security experts continuously underline that empowering digital trust doesn’t only mean investing in technology but rather in an organization’s mindset, which constantly develops and adjusts to ever-accelerating threats.

The Global Internet Report 2016 released by ISOC highlighted that there should be more incentives for breached organizations to invest in cyber security, otherwise the breaches will continue.

In just the first half of this year there were 3.04 million compromised records, which means that 35 records were compromised every second. This volume of compromised data represents a failure in cyber-security investments.

Since the number of data breaches has increased tremendously over the years, the logical and expected consequence is customers losing trust in technology. According to new research conducted by Centrify, 66% of U.S., 75% of U.K. and 57% of German consumers are likely to stop doing business with a hacked organization.

Consumers admit that, nowadays, they are more likely to expect a business to be hacked than to be protected. On the other hand, half say that businesses are taking care of their customers’ online security.

Even though investing in cyber security is a must for businesses, only 1 out of 3 organizations is actually planning to do so.

Olaf Kolkman, CEO of the Internet Society (ISOC), highlighted a few recommendations for organizations to avoid cyber attacks in the future and keep digital trust stable. One of them concerns transparency about data breaches. He believes that transparency about cyber security and incidents in this field should be a must and that people worldwide have to be aware of these matters.

He also referred to the fact that businesses and government should work more in this field and come up with a strategic plan which will help decrease the data breach stats.

Organizations have to work on the company’s mindset when it comes to cyber security. Besides securing their network, they need to keep their programs always up to date, keep their communication channels secure and, most importantly, raise awareness among employees of how to deal with online cyber threats and social engineering.

If this trend continues to grow, it is clear that businesses which don’t reduce the risk of a cyber-attack will reduce the number of their customers. Losing customers also means losing money for a company. Better to invest a small part of that money in cyber security and never experience a data breach again.

Stay safe.

What are bootkits and rootkits and why are they so scary?

While it’s hip and trendy to write and talk about ransomware variants, we should also not forget to spread the word on malware that is located deep in a machine’s boot process or firmware and which can get unrestricted access to the entire computer. This is the kind that makes malware analysts bang their heads against the wall and want to change careers and run far away from everyone and everything.
So, what are these nightmare viruses that make malware analysts go crazy?
They are called rootkits and bootkits. The names don’t say a lot, so here is a little more info.
A Bootkit infects the Master Boot Record (MBR), which lets it load into the Windows kernel and bypass full volume encryption, because the Master Boot Record is not encrypted. The Master Boot Record holds the decryption software which asks for a password and decrypts the drive. The “special” feature of a bootkit is that it cannot be detected by the usual means of an operating system because all its components reside outside of the standard file systems.
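Because the MBR sits outside the file system, one way to notice a change is to read the raw sector from trusted boot media and compare it with a known-good record. The Python code below is an added example, not part of the original post or of any Zemana tool; it assumes the classic 512-byte MBR layout, and the function names and sample sectors are constructed for illustration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_END = 440        # bytes 0..439 hold the bootstrap code
PART_TABLE_OFFSET = 446    # four 16-byte partition entries start here
BOOT_SIGNATURE = b"\x55\xaa"


def parse_mbr(sector):
    """Split a raw 512-byte MBR into a boot-code hash and its used partition entries."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR is exactly 512 bytes")
    if sector[510:512] != BOOT_SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for i in range(4):
        start = PART_TABLE_OFFSET + 16 * i
        entry = sector[start:start + 16]
        status, ptype = entry[0], entry[4]
        lba_start, sectors = struct.unpack_from("<II", entry, 8)
        if ptype != 0:  # type 0 marks an unused slot
            partitions.append({"index": i, "active": status == 0x80,
                               "type": ptype, "lba_start": lba_start,
                               "sectors": sectors})
    digest = hashlib.sha256(sector[:BOOT_CODE_END]).hexdigest()
    return {"boot_code_sha256": digest, "partitions": partitions}


def check_against_baseline(sector, baseline):
    """Return the list of differences between a sector and a known-good record."""
    current = parse_mbr(sector)
    findings = []
    if current["boot_code_sha256"] != baseline["boot_code_sha256"]:
        findings.append("boot code changed")
    if current["partitions"] != baseline["partitions"]:
        findings.append("partition table changed")
    return findings


def build_sample_mbr(boot_code):
    """Constructed test sector: the given boot code plus one active NTFS partition."""
    entry = bytes([0x80, 0, 0, 0, 0x07, 0, 0, 0]) + struct.pack("<II", 2048, 204800)
    table = entry + bytes(48)
    # bytes(6) stands in for the disk signature and the two reserved bytes
    return boot_code.ljust(BOOT_CODE_END, b"\x00") + bytes(6) + table + BOOT_SIGNATURE


CLEAN = build_sample_mbr(b"\xfa\x33\xc0\x8e\xd0")      # constructed bytes
TAMPERED = build_sample_mbr(b"\xe9\x00\x01\x8e\xd0")   # same table, different code
BASELINE = parse_mbr(CLEAN)

if __name__ == "__main__":
    print(check_against_baseline(CLEAN, BASELINE))
    print(check_against_baseline(TAMPERED, BASELINE))
```

The baseline has to be recorded while the machine is known to be clean, and the sector should be read from outside the running operating system, since a bootkit that is already loaded can return the original bytes to anything that asks.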
A Rootkit is a program, and sometimes even a set of programs, that hides and embeds itself deep in a computer’s operating system and allows remote users to operate and control it. While a rootkit opens the door to areas which are forbidden to unauthorized users, it is also able to hide its own presence.
“Root” is a UNIX/Linux term that is the equivalent of Administrator in Windows, and “kit” refers to the software components.
They have been around for 20 years. When they were first found they had no malicious character, but over time cyber criminals found the nature of rootkits very interesting and useful for malicious attacks.
What is the biggest issue?
Due to their ability to hide very deep and to embed themselves into the operating system in such a way that many legitimate and important function calls and data pass through their oversight, they can be very hard to remove. Some researchers made it simpler to understand by comparing it to a hard-water filter installed on your water pipe system right outside the point where the water enters your house. If you remove this filter, a problem will emerge with water getting into your house correctly. The same goes for a rootkit. You cannot remove it that easily, since you can break some vital functionality of the operating system and create even worse damage. Removal is not easy, and dealing with these kinds of infections may require specialized software tools.
Zemana Labs spent a lot of time and invested years of experience in order to create the best possible rootkit and bootkit remediator. Due to the highly malicious nature of the infection, Zemana made it free to end users so they can effectively remove deeply embedded rootkits and bootkits without damaging any vital functionality of the operating system.
MRG Effitas defined it as the best rootkit remediator.
Download Zemana AntiMalware Free here.
To have proactive protection and never let any of these infections get near your PC, install Zemana AntiMalware Premium and stay worry-free.
Stay safe!

Healthcare breaches: easy profit plus lack of security protection

2015 was “the year of the healthcare breaches”, according to IBM’s 2016 Cyber Security Index.

During the last year, 47% of the United States population experienced a personal healthcare data breach.

Out of the 16 critical infrastructure sectors, the healthcare industry suffered the most data breaches, an estimated ~21%, according to Gemalto’s Data Breach Index report for the first half of 2015.

The scary statistics speak for themselves, but what makes the healthcare industry so attractive to cyber-criminals?

Simple answer. Easy opportunity for profit plus lack of security protection.

Medical profiles are worth much more on the black market than simple credit card numbers, since they contain patients’ social security numbers, home addresses, phone numbers, emergency contacts, email addresses, etc.

According to Elliott Franz, CEO at Virtue Security, “it’s easier than ever to gain access inside a hospital’s network and compromise a device.”

In February this year, the computers at Hollywood Presbyterian Medical Centre were down for more than a week as the Southern California hospital tried to recover from a ransomware attack. In order not to lose all its patient medical records, the hospital paid $17,000 to restore the hijacked files.

2015 was the year of healthcare breaches, but so far 2016 hasn’t shown a different face.

What measures to undertake?

Hackers will use many kinds of advanced attack techniques to achieve their final goal.

For all businesses, as well as for healthcare organizations, it is very important to implement a layered security approach and to use a variety of other tools to block hackers out! A comprehensive security solution is the number one move that each business has to make.

Having a security solution that is always up to date and that is able to defeat ransomware, keyloggers, financial malware, SSL injectors and other threats is a must-have for every organization.

Besides, it is very important to include other techniques such as segregating networks, so that a hacker who manages to gain access to one network area doesn’t automatically have access to all the data stored throughout the organization.

Since more and more organizations rely on wireless routers, one more technique that healthcare organizations should apply is to keep their routers and other parts up to date. Besides keeping their routers safe, keeping their network passwords secure and changing them frequently is an additional level of security that hackers will find hard to pass.

Without proper education we are lost. The same goes for this situation. Many healthcare data breaches were caused by employees themselves without their even being aware of it. Healthcare organizations should educate their staff members on how to avoid phishing scams, on social engineering tactics and other attacks that target employees, and, very importantly, advise them on choosing secure passwords.

Hackers very often misuse the existing software that your organization is using if it is not up to date all the time. Healthcare organizations should always keep the software patched and up to date to lessen possible security vulnerabilities.

It is very important to think about your organization’s safety and to implement security techniques and tools that will keep you as safe as possible. Remember, a data breach always costs more than securing your organization.

So, what is better?!

Why is cyber security essential in video games development?

When software development started to become a hit worldwide, cyber security matters were not that important. Everyone just focused on the functionality of the software itself and no one had time to focus on security issues, since cyber crime was not that well known then.

Now, with the increase in cyber crime, security has become a top priority throughout all channels and all development phases of software.

Luckily, developers are extremely aware of it and see it as an essential concept.

The software industry has grown rapidly, especially in the past decade. Every day some new software comes to the surface, and with that new challenges arise as well. However, there is a software category that became a BOOM in this field and that goes hand in hand with cyber security.

Video games!

Video games are not a new concept, but lately they have become one of the software categories that generate massive revenues and have millions of active users worldwide.

ESET experts conducted an interview with Andrés Rossi, CEO of Sismogames, an Argentine company that develops video games for social networks and mobile devices, a niche market that in 2015 was worth $1.97 billion in the US alone.

His opinion on security problems in the video games industry is very straightforward:

“Over the years, I have seen all sorts of incidents, from payment-card frauds, to cyber attacks targeting gamers and the subsequent claim of prizes, to exploitation of servers just for the sake of playing”, he described.

Besides, he also noticed that most of these problems occur because of users’ irresponsibility:

“Irresponsible as it may seem, what I see most frequently are players who leave their accounts open in machines that do not belong to them, they just leave without logging off or erasing their private data.” 

This irresponsible behaviour shouldn’t even be present among users, but it is actually one major problem that causes a lot of security incidents.

Besides, as he states, security incidents are also caused by the many malware samples stored on flash drives or in file attachments that go from user to user.

The importance of cyber security implementation in video games development is a MUST!

He continues that thinking about security implementation while developing a game must be part of the development routine, although he believes that ignorance of security matters prevails among many video game developers.

He even highlighted the incident with Sony which had its online PlayStation platform compromised.

Online security implementation is something that everyone should work on

While playing a video game, a user reveals different kinds of sensitive information, such as email accounts, Facebook accounts and credit card details when purchasing virtual currencies or premium features/items, and so on.

All these games collect very sensitive data, therefore all video games are potential targets for cyber criminals, which means that users’ data can be easily compromised and exposed.

Having this in mind, and the consequences it can have, each game developer should carefully implement security channels throughout the software in order to prevent possible cyber attacks and data breaches.

Online security as an essential part of video games

It is definitely not easy to focus on many things while developing a game, therefore video game developers should work closely with security software companies that can easily implement security channels throughout the game.

The awareness on this matter has to be raised

Security incidents related to video games are increasing each minute. Millions of users trust game developers and reveal their data in order to play and enjoy the game. Therefore security software companies and game developers should work closely together to decrease the security incidents in this industry as much as possible and raise awareness among users of possible security issues.

How much do data breaches affect company value?

With an ever-growing number of malware samples and variants (near 600 million) in this year alone, the average cost of data breaches has been estimated to reach $4 million, according to Liviu Arsene, Senior E-Threat Analyst.

Gartner, an American research and advisory firm, analyzed last year’s data breach stats and estimated that people worldwide will invest close to $75.4 billion in information security. Besides, the organization sees a 26 percent probability that a company will experience one or more data breaches within a 24-hour period.

How much do data breaches really cost a company?

While everyone out there focuses on how much money a company has to invest to fix a data breach and to increase its security budget in order to block any possibility of another attack, the question that arises here is actually: what is the impact on the company’s value?

Below, we will walk you through a few massive data breaches that huge organizations experienced over the last year and the consequences they had to face.

Target

The massive data breach that everyone knows about is the one that Target experienced in late 2013. Data of 70 million individuals was exposed. To cover the cost of the data breach the company invested approximately $252 million. However, the company’s stock market rating wasn’t affected in the long term. It took a year to get back on track and return the stock value to its previous level.

Anthem 

In 2015 the Anthem data breach was a hot topic. 78.8 million records were stolen.

When it comes to their stock market performance, the price dropped at the time the breach happened, but there was no serious drop until late 2015.

Vtech Holdings

A leading supplier of corded and cordless phones and electronic learning toys experienced a data breach last year. The impact was huge – 4.9 million parents’ accounts were accessed by cyber criminals and profiles of 6.4 million children were exposed.

Looking at their stock value, it dropped during the data breach, but not significantly.

Adobe 

This one we all know about: the famous Adobe data breach, in which 38 million customer accounts were accessed and all their data was exposed, including credit card details, personal info and more. Looking at the lawsuits alone, Adobe’s costs reached $1.1 million in attorneys’ fees and expenses, plus an undisclosed sum to affected users.

The very interesting part here is that the stock value of Adobe didn’t drop even a little bit.

Value or money?

If we take a look at the above examples of massive, well-known data breaches, we can see that there is no significant decrease in the companies’ value. We have to keep in mind that these examples include only big companies that had enough financial backing to fix the data breach and were most probably covered by insurance policies for such incidents. But how long will insurance companies bear the cost of constant data breaches?!

On the other hand, small businesses don’t share the same destiny as large corporations. According to research conducted by Centrify, 66% of U.S., 75% of U.K. and 57% of German consumers are likely to stop doing business with a small organization that has been hacked. Read more here.

Fool me once, fool me twice but…

A company may fix a data breach in a short time and secure its stock market value, but if the security gaps are not taken care of in the long term, data breaches will occur on a regular basis and then the organization may experience a serious drop.

Why do you need an anti-keylogging app on your PC?

We have come to a point where users worldwide are afraid to enjoy technology due to an increased number of security threats. I mean, one day you wake up to start your day as usual and you decide to visit a perfectly legitimate website in order to buy something for yourself, without suspecting even a little bit that a cyber criminal has already installed a keylogger on your PC and now has the power to record everything you type.

How can a keylogger harm you?

A keylogger (keystroke logging or keylogging) is used by cyber criminals to track and record whatever you type on a keyboard without you being aware of it. By using this method cyber criminals can collect all your data, gain access to all your private accounts, and engage in purchases and even criminal activities under your name.

And then out of nowhere you are a victim. You lost your money, but even worse – you have lost your trust.

That is the key point here. Users lose trust.

It is one thing to be paranoid, but it is totally another thing to take needed precautions and to freely enjoy, surf the web and engage with websites worry-free.

You shouldn’t ignore technology and you shouldn’t be afraid to engage with different websites and enjoy your daily online activities.

So, what should you do?

Lately, there are many organizations and websites that advise you to use a virtual keyboard with numbers and letters in random places, so users think they are safe enough.

However, even this is not secure: recently a Bastille Networks researcher, Marc, found a set of security issues in low-cost wireless keyboards that cyber criminals can exploit in order to collect all your passwords, sensitive data, credit card details and more.

Don’t panic. Luckily for you, you don’t have to change your keyboard or spot any of these threats yourself, since there is a well-trained eye that will take care of that for you.

You just have to secure yourself with proper anti-keylogger software that will act as your bodyguard and will not let anything pass by.

Years ago, when keylogging was on the rise, Zemana developed anti-keylogger software, Zemana AntiLogger, which aggressively combats keyloggers of all types.

It excels at fighting the most malicious type of keylogger: financial malware.

The sole purpose of financial malware is to obtain your logins, passwords, credit card numbers and banking information, as well as valuable accounts such as stock trading accounts. Once that information is obtained, it is often sold to the highest bidder. Using our anti-keylogger software, you can wipe out malicious keyloggers and maintain your privacy.

Conclusion

You don’t want your credit card information stolen. You don’t want your emails hacked into. You don’t want hackers to gain access to your personal information. Therefore, protect yourself if you aren’t already. Keyloggers are a serious danger! Don’t let hackers profit from you!

Youndoo.com using ShellExecuteHooks to hijack your browsers

Yesterday, while doing my usual malware analysis, I discovered a new Youndoo.com browser hijacker being pushed by malware downloaders. It comes from the same authors as the original YesSearches malware that became extremely popular along with its younger Hohosearch brother.

This malware uses the ShellExecuteHooks method to load the youndoo.com address as soon as you start your browser.

During the installation, the malware creates the following registry keys, which enable it to use this technique:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"EnableShellExecuteHooks"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{6710C780-E20E-4C49-A87D-321850ED3D7C}"=""

They also create a randomly named .dll file inside the C:\Users\username\AppData\Roaming\Microsoft\Windows\Cookies folder that executes this hijack.
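The two registry keys above can be checked on a suspect machine from an exported registry dump. The Python code below is an added example, not the author's or Zemana's code; it parses the text of a .reg export and reports whether the hook policy is switched on and which hook CLSIDs are not on an allow-list. The function names, the allow-list parameter and the second sample are constructed for illustration.

```python
import re

POLICY_KEY = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion"
              r"\Policies\Explorer")
HOOKS_KEY = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion"
             r"\Explorer\ShellExecuteHooks")
VALUE_RE = re.compile(r'^"(?P<name>[^"]*)"=(?P<data>.*)$')
DWORD_RE = re.compile(r"^dword:([0-9a-fA-F]{1,8})$")


def parse_reg_export(text):
    """Map each key path (lower-cased) to {value name (lower-cased): raw data}."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None:
            match = VALUE_RE.match(line)
            if match:
                current[match.group("name").lower()] = match.group("data")
    return keys


def audit_shell_execute_hooks(text, allowed_clsids=()):
    """Report whether hooks are enabled and which CLSIDs are not allow-listed."""
    keys = parse_reg_export(text)
    policy = keys.get(POLICY_KEY.lower(), {})
    dword = DWORD_RE.match(policy.get("enableshellexecutehooks", ""))
    enabled = bool(dword) and int(dword.group(1), 16) != 0
    allowed = {clsid.lower() for clsid in allowed_clsids}
    registered = sorted(keys.get(HOOKS_KEY.lower(), {}))
    unknown = [clsid.upper() for clsid in registered if clsid not in allowed]
    return {"hooks_enabled": enabled, "unknown_hooks": unknown,
            "suspicious": enabled and bool(unknown)}


# Sample built from the keys listed in the post.
INFECTED_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"EnableShellExecuteHooks"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{6710C780-E20E-4C49-A87D-321850ED3D7C}"=""
'''

# Constructed sample of a machine without the policy value or any hook.
CLEAN_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:00000091
'''

if __name__ == "__main__":
    print(audit_shell_execute_hooks(INFECTED_EXPORT))
    print(audit_shell_execute_hooks(CLEAN_EXPORT))
```

Files written by reg export are UTF-16, so decode them with encoding="utf-16" before passing the text in.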

When you try to start Google Chrome or Firefox, they apply these command line arguments:

C:\Program Files\Mozilla Firefox\firefox.exe
-profile
C:\Users\admin\AppData\Roaming\Profiles\yzzfdyu4.default
http://www.youndoo.com/?z=2357d6c127eec6a3dc76789gaz1q1q7ecqcmbw6bbb&from=wak&uid=531364863_198339_4E6C236A&type=hp

C:\Program Files\Google\Chrome\Application\chrome.exe
--user-data-dir=C:\Users\admin\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
http://www.youndoo.com/?z=2357d6c127eec6a3dc76789gaz1q1q7ecqcmbw6bbb&from=wak&uid=531364863_198339_4E6C236A&type=hp

As you can see, they use previously created fake profiles to start your browsers with the youndoo.com start page. All of this is to ensure the hijack remains after you manually remove your homepage.

The Firefox hijack is even more interesting. They create two fake profiles.

They use the second folder to start Firefox, while the first folder is used with a different kind of hijack. We all have a profiles.ini file inside the C:\Users\username\AppData\Roaming\Mozilla\Firefox folder. The content of a normal file looks like this:

[General]
StartWithLastProfile=1
[Profile0]
Name=default
IsRelative=1
Path=Profiles/4v91wrx7.default
Default=1

This malware changes it so when you start Firefox, it uses the fake profile from the first folder to start:

[General]
StartWithLastProfile=1
[Profile0]
Name=default
IsRelative=1
Path=Profiles/168z21qq.default

[Profile1]
Name=Firefox Default
IsRelative=1
Path=../../Profiles/n0dj6uo3.default
Default=1

The full path above is C:\Users\username\AppData\Roaming\Profiles\n0dj6uo3.default.
They also install the GsearchFinder Firefox extension under each of the two fake profiles.
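The profiles.ini change shown above can be detected by resolving each profile path and checking whether the default profile has moved out of the Firefox folder. The Python code below is an added example, not the author's or Zemana's code; the function names are hypothetical and the two samples are the file contents quoted in the post. A profile stored elsewhere is not proof of infection on its own, since users can relocate profiles, so treat a hit as something to review.

```python
import configparser
import ntpath

# Folder that holds profiles.ini, as given in the post.
FIREFOX_DIR = r"C:\Users\username\AppData\Roaming\Mozilla\Firefox"


def audit_profiles_ini(text, firefox_dir=FIREFOX_DIR):
    """Resolve every [ProfileN] path and mark those stored outside firefox_dir."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(text)
    base = ntpath.normcase(ntpath.normpath(firefox_dir)) + "\\"
    profiles = []
    for section in parser.sections():
        if not section.lower().startswith("profile"):
            continue  # skip [General] and any other non-profile section
        entry = parser[section]
        path = entry.get("Path", "")
        if entry.get("IsRelative", "0") == "1":
            path = ntpath.join(firefox_dir, path)
        resolved = ntpath.normpath(path)  # collapses ".." and mixed slashes
        profiles.append({
            "section": section,
            "resolved": resolved,
            "default": entry.get("Default", "0") == "1",
            "outside": not ntpath.normcase(resolved).startswith(base),
        })
    return profiles


def redirected_default(text, firefox_dir=FIREFOX_DIR):
    """Return the path of a default profile stored outside firefox_dir, else None."""
    for profile in audit_profiles_ini(text, firefox_dir):
        if profile["default"] and profile["outside"]:
            return profile["resolved"]
    return None


NORMAL_INI = """[General]
StartWithLastProfile=1
[Profile0]
Name=default
IsRelative=1
Path=Profiles/4v91wrx7.default
Default=1
"""

MODIFIED_INI = """[General]
StartWithLastProfile=1
[Profile0]
Name=default
IsRelative=1
Path=Profiles/168z21qq.default

[Profile1]
Name=Firefox Default
IsRelative=1
Path=../../Profiles/n0dj6uo3.default
Default=1
"""

if __name__ == "__main__":
    print(redirected_default(NORMAL_INI))
    print(redirected_default(MODIFIED_INI))
```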
Our latest build is capable of removing this browser hijack.
Save yourself the hassle and install Zemana AntiMalware.