Untold Truth Of 2018 and What to Expect From 2019

There are a few days left for another year to end. During this year, many exploits were found and many governments, small and large companies suffered from cyber-attacks. Let’s remember some of the incidents that caused trouble…

  • As the value of bitcoin increased to 20,000 USD during the first month of 2018, cyber-attacks slightly changed their target and also revealed a new type of attack: cryptojacking. Cryptocurrencies were stolen and victims’ computers were used to mine cryptocurrency. Even the governments of the United Kingdom, the United States and Australia experienced this security issue.

  • Rather than a software vulnerability as usual, new hardware vulnerabilities were found in processor chips. Thus, Meltdown and Spectre attacks started to hunt down computers that had these processor chips: so, basically, every computer…
  • SamSam ransomware hit a city in the United States. It affected almost every station in the city, such as water management departments and police stations. Even though the ransom was only $52,000, it cost $9.5 million to recover. Also, Baltimore’s 911 dispatch system was hit by ransomware, which forced the employees to spend 17 hours making the dispatches manually.

These events are very important factors that show why ransomware should never be underestimated…

  • GitHub, the software development platform, was targeted by the biggest DDoS attack ever experienced. Its servers were exposed to 1.3 terabits of traffic per second.
  • Many companies and institutions, including Equifax, Under Armour, Aadhaar, British Airways, Rail Europe, Dixons Carphone, Ticketfly, MyHeritage, Exactis, SingHealth, Timehop, Air Canada, Facebook, Amazon, Marriott, Germany’s foreign and interior ministries and the U.S. State Department, experienced data breaches affecting 4 million people, 150 million accounts, 1.1 billion Indian citizens, 185,000 passengers, unknown numbers, 10 million people, 27 million customers, 92.2 million accounts, 340 million records, 1.5 million healthcare patient records, 21 million users, 20,000 customers, 30 million users, unknown numbers, 500 million hotel guests, at least 17 gigabytes of data and several hundred employees respectively.
  • According to a United Nations report, North Korean hackers attempted to gain access to the e-mail accounts of UN panel members who are enforcing trade sanctions against North Korea. Also, cyber security researchers revealed evidence that the same group of hackers was targeting Turkish banks and government finance agencies.

The list of significant cyber events goes on and on…

Lessons to Be Drawn

The cyber world offers limitless opportunities to people who want to reach any point in the world while sitting in their chair. Thus, it also gives hackers opportunities to find vulnerabilities and exploit them far away from the crime scene. This indicates that hackers will always be lurking on the internet to find victims according to their taste.

Although there are many reasons behind cyber-attacks, most of them can be prevented with the right protection, proper cyber security training to increase awareness of the threats, and 24×7 security monitoring.

What to expect from 2019?

Just as with cryptocurrencies, the increased usage of the Internet of Things and its lack of security systems will create massive hunting grounds for hackers. In April 2018, security researchers showed that Alexa can be made to listen to its owners without hacking it. Imagine the outcome once your devices can listen to whatever you are doing… And now imagine, if your devices can see you, listen to you and sense you…

Every day a new piece of malware is being developed. Even as cyber security experts, we can’t know all of them. This is why they are called zero-day threats. However, we can predict that with the integration of Artificial Intelligence into our lives, AI-powered malware will eventually enter our lives as well…

2018 Cyber Security Overview

Christmas time is behind us and we are heading towards New Year, so we decided to take a moment, look back at 2018 and remember the major security trends:


From .exe Files to Package and Deploy Malware

One of the most significant trends we saw in early 2018 was the ongoing shift away from using malicious .exe files to package and deploy malware. This changed the way in which attacks were carried out, and it posed a severe problem for traditional security solutions such as antivirus, which rely heavily on analyzing executable files in order to make detections.

Attacks that avoid the use of malicious executables started being classified as fileless. New, improved tools and strategies make it much easier for criminals to use fileless attack techniques even if they have little or no technical expertise.

Fileless attack techniques are bypassing security solutions much more efficiently than traditional, file-based attacks.

Decrease in Ransomware Attacks

During the first half of 2017, there was almost nothing more common than a ransomware attack. If your company suffered a malware infection it was more likely to be ransomware than anything else.

Then, suddenly in 2018, things changed. Ransomware made room for cryptocurrency-mining malware! This provided a stealthier, more effective alternative to ransomware. As a result, more and more attackers switched over to crypto-mining malware.

Hacking Tools for Sale

One of the biggest trends in 2018 was the use of the black market to purchase numerous hacking tools and packages. Even lower-skilled cyber criminals were able to use resources and skills purchased on the black market to increase their capabilities.

Ransomware-as-a-service variants have fallen in 2017, but they are more customizable, so they can be adapted to targets and thus pose more of a threat to organizations.



The EU General Data Protection Regulation (GDPR) came into force on May 25, 2018. This regulation presents a major step in protecting personal data of European citizens. GDPR affects not only EU companies but extends to any company offering goods or services (even for free) to EU citizens or any monitoring of EU citizens.

Important new obligations under GDPR include notification of breaches within 72 hours, increased requirements in relation to consent for sharing data, storing data, processing data and transferring data as well as the ability to revoke consent. The goal was to standardize data protection laws across Europe.


Worst Cyber Security Breaches in 2018



In March 2018, reports emerged showing that a political data firm called Cambridge Analytica had collected the personal information of 50 million Facebook users via an app. Despite Cambridge Analytica’s claim that it only had information on 30 million users, Facebook determined the original estimate was in fact low. In April, the company notified 87 million members of its platform that their data had been shared.

US Universities

In March, the Department of Justice indicted nine Iranian hackers over an alleged spree of attacks on more than 300 universities in the United States and abroad. The suspects are charged with infiltrating 144 US universities, 176 universities in 21 other countries, 47 private companies, and other targets like the United Nations, the US Federal Energy Regulatory Commission, and the states of Hawaii and Indiana.

The Department of Justice says the hackers stole 31 terabytes of data, estimated to be worth $3 billion in intellectual property. The attacks used carefully crafted spear phishing emails to trick professors and other university affiliates into clicking on malicious links and entering their network login credentials. Of 100,000 accounts hackers targeted, they were able to gain credentials for about 8,000, with 3,768 of those at US institutions.


In June, security researcher Vinny Troia discovered that Exactis, a marketing and data aggregation firm based in Florida, had left a database exposed on a publicly accessible server. The database contained two terabytes of information that included the personal details of hundreds of millions of Americans and businesses.

Exactis has not confirmed the exact number of people affected by the breach, but Troia reported that he was able to find close to 340 million individual records. He also confirmed that the incident exposed affected consumers’ email addresses, physical addresses, phone numbers, and other personal information, in some cases including extremely sensitive details like the names and genders of their children. 

Under Armour

In March, Under Armour learned that someone had gained unauthorized access to MyFitnessPal, a platform which tracks users’ diet and exercise. The criminals responsible for the breach accessed individuals’ usernames, email addresses, and hashed passwords.

150 million MyFitnessPal users are believed to have had their information compromised in the data breach.


Some Facts


  • In 2018, 4 out of 5 organizations replaced or augmented their existing antivirus solution
  • The total cost of a successful cyber-attack is over $5 million, or $301 per employee
  • 69% of organizations don’t believe their antivirus can stop the threats they’re seeing
  • In July 2018, the ratio of ransomware dropped to less than 30 percent of all malware payloads. By December, the ratio had fallen below 5 percent
  • In 2018, 54% of companies experienced one or more successful attacks that compromised data and/or IT infrastructure
  • In 2018, 77% of attacks that successfully compromised organizations utilized fileless techniques
  • By 2020, the estimated number of passwords used by humans and machines worldwide will grow to 300 billion
  • In 2018, 150 million user accounts were compromised
  • In 2018, 6 million Instagram accounts were hacked
  • 35% of people use weak passwords


Stay Positive!

While risks and threats continue to grow, we shouldn’t despair! Keep in mind that the challenges cyber criminals pose are not too great to overcome. A key part of managing them effectively is staying up-to-date on the most current threats, but also stepping back to understand the big-picture trends that are driving them.

Let’s make a promise to be smarter in the following year to keep our personal information far away from criminals’ prying eyes by educating ourselves even more and protecting our devices on time!



Release Notes: Enjoy new Zemana Mobile Antivirus Cloud Scanner

The Zemana team (small but strong!) pushes out new features, improvements and bug fixes based solely upon your feedback. For all our work and the improvements in ZMA that you see, we give credit to you aaaaaaand a little bit to us as well.

Up until now, to be honest, we haven’t done such a great job of keeping you guys informed on what we are doing and what we plan to do with ZMA.

However, we decided to change that and now we have a blog category for release notes related to all our products including ZMA as well.

Every month Release Notes will highlight all the improvements we’ve launched, so you can easily stay up-to-date on what’s new.

So, let’s see what we have done.

ZMA v1.7.8 highlights




1. Cloud Scanner

Basically we decided to pump up our scan engine.

So, before this version everything was scanned locally. This means that we scanned all files in our own scanning engine which made it possible for users to scan all of their apps even offline which is more than great. Sure thing.

But, we had to add some wings.

This application had to fly even higher so natural result… Cloud scanner.


In order to use the cloud scanning option, you have to accept the EULA once you launch the application. If you decline the EULA, you will unfortunately be unable to access this feature. So, please make sure to accept it. You don’t want to miss it.


Ok, this is clear. Great. Let’s move on.

The cloud scanning feature is a great enhancement of our current scan engine. It improved the detection rate, which is the most important thing.

So, once you are connected to the Internet we will scan with our engine and also we will scan on the Cloud. So, right now we will scan all your applications both locally and with the help of cloud as well.

What are we scanning?

We are scanning only installed applications so private files like documents, photos and similar are not scanned.

When we are scanning an application, we are just scanning the logic of the application and not the files the application contains.

But locally we are scanning all your files with our own engine so your privacy is always protected.

We are not taking any user history in the cloud, and we don’t know which user is sending a request, so we are only taking the fingerprint of the application. This is a hash code unique to each application.

2. Easier access to menu bar


You no longer need to break your fingers to access the menu bar. We heard your bad feedback about it and we are truly grateful for that. We made it easier for you to access your licence info and settings menu at the top of the app. What do you think about it?

3. What’s up next?

Currently we are working on the Web Protection module, so stay tuned.

Happy Holidays and please share your feedback with us.

Progression from Stealth to Damage and Disruption

A decade or two ago, hackers infiltrated the targeted network silently; they waited for the perfect moment to act and exited with no evidence left behind them. Thus, their attacks were unnoticeable and even the target companies hardly noticed that they were the victims of cyber espionage or cyber-attacks. Hackers were lurking in the shadows…

However, during the last decade hackers changed their tactics. They started performing their malicious activities publicly. They no longer cared whether their identity would be revealed or not. In fact, some of them leave traces behind on purpose to be linked back to their activity.

The Most Famous Cyber-Attack Gone Public

It is the most feared cyber-attack so far and still an active threat – the notorious WannaCry ransomware.


It created a great deal of chaos around the world and increased its reputation when it encrypted the files of many businesses and asked for a ransom in cryptocurrency. Even when the ransom was paid, most victims could not access their files or they ended up being a victim again.

The WannaCry ransomware emerged when North Korea – according to accusations by the UK and USA – took advantage of EternalBlue. As former U.S. National Security Agency employees affirmed, EternalBlue was the NSA’s hacking tool. EternalBlue was used to increase the infection rate of the WannaCry ransomware attack.

The motivation behind the attack is still a mystery: making money or showing North Korea’s cyber force…

Weeks Later Another Attack Occurred

Initially, NotPetya targeted Ukraine, but it spread across the world very quickly. It created around $10 billion of damage. NotPetya worked like ransomware, but it had no intention of restoring the files on the infected computers. Any ransom paid by the victims was useless because there was no key created for decryption. Once again, the USA, UK and other countries accused Russian hackers, who are supported by their state, of this cyber-attack.



Both North Korea and Russia…

… deny and reject involvement with the WannaCry and NotPetya attacks. In the past, hackers remained in stealth mode. Now, scaring people and creating chaos has become a part of cyber-attacks. This also created a new arena for less powerful states, who compete with economically or militarily more powerful states, to show off their cyber skills.

At the state level, cyber-attacks may not target your credit cards or personal details but your city’s infrastructure. Such attacks have already happened. The best-known example is the Stuxnet malware that targeted Iran’s nuclear plant. There is also the TRITON malware that targeted Saudi Arabia’s oil and gas petrochemical plant. Lastly, there is the attack that occurred in Ukraine in December 2016. It took down the power grids, leaving people in darkness and without heating during the harsh winter conditions.

Cyber-attacks whose aim is damage and disruption will most likely become a trend in the near future.

The Scariest Month of the Year

Snow, Christmas movies on TV, Christmas trees, tea and big sweaters…

These are all things that probably come to our mind when we say December. The festive season is approaching, and we feel certain coziness and warmth inside us.

“A month of lights, snow, and feasts. A time to make amends and tie up loose ends. A time to finish off what you started and hope your wishes come true.”

And let’s not forget the festive shopping! A perfect time for sharing and surprising our loved ones with wonderful presents! So many discounts and amazing offers starting with Black Friday, Cyber Monday, following Christmas sales and continuing until New Year…

It is truly hard to resist, and all this makes us excited and happy!

And so, we often forget that there is another much darker side to this shopping season.

The Nightmare Before Christmas

According to statistics, December is the month when users spend most of their money. Online sales boom because consumers are ready to spend more money than they usually do.

However, consumers aren’t the only ones looking to take advantage of the festive season – cyber criminals are increasingly exploiting the holiday period in order to trick users with their malicious campaigns designed to deliver malware.

Black Friday and Cyber Monday are big targets for cyber attackers – but they don’t stop here. They increase their effort throughout December.

Security researchers remind us that there was a 57.5 percent increase in attempted cyber-attacks during the holiday shopping season last year.

Therefore, both individuals and companies should expect a rise in attempted cyber-attacks this year too.

Biggest Effort Between Christmas and New Year

Traditionally, cyber-criminals make their biggest efforts and attempts in the period between Christmas and New Year, which is not surprising. This is when all retailers hold their biggest and most important sales.

Preying on users’ weak spot for discounts, cyber-criminals mostly try to trick users with false discount ads and phishing emails.

Many attackers will always attempt to target individual consumers by clearing out their bank accounts or by selling fake or non-existent goods, but more organized and sophisticated hackers and hacking groups will aim for bigger scores.

What Works in Hackers’ Favor?

There are several advantages that work in cyber-criminals’ favor and they know it.

When it comes to businesses and companies, hackers are fully aware that the festive season is a holiday season where most employees will be on vacation, leaving their companies understaffed or closed.

This leaves plenty of time for hackers’ attempts to deliver malware. It doesn’t necessarily mean that they will succeed but they have greater chances. If they succeed, they also have better chances of not getting spotted or caught.

On the other hand, when it comes to home users, the most common attempts are through phishing emails. The basic way you can protect yourself from such scams is to check the email’s structure, intention and sentence structure/grammar.

Do not click on unknown links and don’t be too quick to believe in amazing offers or gifts that are promised in the email. Double-check everything you read.

Refund Threats

Recent studies showed that one of the biggest threats to retailers’ revenue is fraudulent refunds. Traditionally, during the holiday shopping season, there is a high number of returns, which leaves an opportunity for scammers to get away with their frauds.

What is even worse, a person doesn’t have to be a skillful hacker to engage in this. And unfortunately, every year refund scams are becoming better and better organized.

Fashion retailers and the electronics industry are the most frequent victims of fraudulent refunds.

Organized cyber-criminals frequently operate from outside the countries where the refund scams are taking place, which makes it extremely hard for retailers to prosecute them.

Make Sure It Stays a Joyous Season

Holiday season should stay a joyous season, so beware of cyber-crime attacks that can ruin your holiday.

Always remember that hackers have been preparing for the holidays for months (even more than you!) They also want gifts, presents and treats and are not afraid to take them from you!

Facebook Account Mysteriously Hacked: The Police Was Not Able To Help

As we all know, social media can take all our free time and even create addiction. This was the case with one Australian software support specialist, who recently decided to deactivate her Facebook account precisely to fight her social media addiction.

However, several months later, the account mysteriously appeared.

Different Password

According to 9news.com, an Australian website, Louise tried to log in to her account, but she realized that the password had been changed. She was confused at first but eventually decided to forget about it.

The matter would probably have stayed forgotten if two other strange circumstances hadn’t happened. A few months later, Louise realized that she couldn’t access her other Facebook account either. This caused more confusion, so she decided to check her Instagram account.

This is when she realized that her Instagram account had been lost.

It Didn’t Stop There

This time she couldn’t just drop the matter and forget about it. Her active accounts had been lost and were inaccessible. Unfortunately, it didn’t stop there.

One day, after a short trip, she needed to check her emails, but while trying to sign in to her account, she realized that somebody had changed her password. At this point, it was rather obvious that someone had hacked all her accounts.

The most frightening part was that they did this to try to gain access to her bank and Centrelink accounts.

“There was also an address changed on my Centrelink account to an address that I have never heard of in my life.”

No Help From Facebook

Louise’s friends informed everyone on their social media profiles that Louise’s accounts had been hacked. Louise also wrote to Facebook and explained her situation, hoping they could help her.

The only idea that came to her mind was to write a private message to her hacked account. So, she did it. Several hours later, her message was read, which only proved that there was someone using her account and watching all her photos and conversations.

“This person was seeing everything – clear copies of my bank details, cards, visa and passport details, copies of drivers’ license, Medicare – and more over personal images and messages.”


No Help From The Police

The only thing left to do was contact the police. Louise reported the matter to Queensland police, but their answer brought no comfort. They told her they cannot help her because the issue was not under their jurisdiction.

Desperate, Louise then turned to ACORN (Australian Cybercrime Online Reporting Network) and ID CARE, the national identity and cyber support service, hoping they would take the matter more seriously.

Unfortunately, this was not the case. They too gave no assistance.

Help Comes at Last

The website 9news.com found out about Louise’s case and decided to help her out. They contacted Facebook, received a reply from them and managed to regain Louise’s accounts in 48 hours.

Louise was grateful for this but frustrated at the same time because even though the news website was able to help her, how come the police and the government agencies couldn’t?

It Can Happen to Anyone

According to 9news.com, Louise wanted her experience to be a warning to others.

“I’m not a naive person when it comes to the dark side of the cyber world. I did my certificates in Information Technology, I work in the IT industry, I take all the security measures available like an antivirus program, regular scanning of my computer, not clicking on emails or links that look suspicious, changing my passwords often.”

“I know there are people out there that aren’t as aware as I am and are even more of a vulnerability than myself, yet they still got me.”


When it comes to social media accounts, keep in mind that your deactivated accounts are in the same danger as your active accounts. Deactivation implies that even though the account is no longer in active use, the data is still there. The same goes for old accounts that may have been forgotten.





Future Threats Of The Cyber World

The age of Artificial Intelligence is upon us. Artificial Intelligence is already in use, and it will be used in broader areas. If you did not notice before, YouTube tracks what you watch and recommends other videos that you might like. If you like the video that was recommended, you choose to watch it and let the circle continue.

At one point, you don’t even notice that the main topic of the video has changed. You started watching a video about a do-it-yourself project that you want to do, but now you are watching top 10 goals in the World Cup 2018.

Thus, you end up losing so many minutes or even hours in front of your computer and doing what YouTube offers you to do. If you can’t resist watching recommended videos, it seems like your brain is hacked, doesn’t it?

Integration of Artificial Intelligence into our lives

In 2016, there was an attempt to manipulate the public’s opinion about contentious issues in the United States, such as gun control and the presidential election, through social media. In this manipulation, autonomous computer programs – bot accounts – were used to tweet or share propaganda.

In 2016, Microsoft created an AI chatbot to act like a curious teenage girl and engage in smart conversations with Twitter users. The chatbot Tay displayed extremely racist and sexist behaviors in less than a day.

In 2017, a new technique called Deepfake was introduced to create new videos. This technique consists of combining and superimposing existing images and videos onto source images or videos with the help of deep learning. This led to the creation of fake celebrity or revenge pornography on the internet. Furthermore, it was also used to damage the reputation of well-known politicians.

Comparison of the two studies – the right one done in 2017 and the middle one in 2018. The background does not move anymore. Source: H. Kim et al., 2018/Gizmodo

As of 2018, Deepfake videos are getting harder to differentiate from real videos. This shows that the technique is very abusable and can be used for hoaxes.

All of the examples above have something in common: Artificial Intelligence.

More Malicious Stuff…

Stuxnet, one of the most sophisticated pieces of malware ever, was released to neutralize Iran’s nuclear infrastructure in 2010. It was designed to spread like a worm and release its payload once it knew that it was inside the right computer. That was the reason it stayed unseen and it infected over 200,000 computers.

But how?

As a proof of concept, a variation of WannaCry ransomware, which uses deep neural networks to hide and release its payload once it detects the target, was presented by IBM researchers.

DeepLocker was integrated into a video conferencing software. The malware was hidden showing no malicious behavior and the software was working well so that it could be downloaded and used by millions of users.

Meanwhile, DeepLocker was waiting for its prey. As programmed, it was using a facial recognition neural network and scanning the user via the webcam. Once it acquired the target face, it activated the ransomware, encrypting all the files on the computer. A personal ransomware…

Tricking the Artificial Intelligence

There are several reports and studies that show how Artificial Intelligence is targeted by malicious attacks. These attacks aim to manipulate the input data to cause neural networks to act in a misleading way.

For example, MIT students got computer vision algorithms to flag a toy turtle as a rifle by making minor tweaks to the toy turtle. While this seems harmless, a study by the University of Michigan, the University of Washington, and the University of California, Berkeley showed that placing small black and white stickers on stop signs made these signs undetectable by the Artificial Intelligence of self-driving cars.

Adversarial Artificial Intelligence Attacks

It is extremely difficult to reverse engineer neural networks and investigate their vulnerabilities due to their opaque nature. If hackers find a vulnerability within the Artificial Intelligence by chance or trial and error, it would be very easy for them to exploit it secretly.

To relieve the raised concerns, Adversarial Artificial Intelligence Attacks are very hard to develop and even if they are developed, they usually do not work consistently. However, if we look at how Artificial Intelligence was used to create perfect Deepfake videos, it is only a matter of time before hackers create AI-infused malware or Adversarial Artificial Intelligence Attacks.