FBI Cyber Crime Stories Week 11

We are plagued by cyber threats every day. Just as steps and controls are taken to mitigate one threat, another one appears in its place, often harder to detect, and even harder to combat.

ABC News reports a new form of malware, WireLurker, is monitoring devices connected by a USB cable to an infected computer and is installing malicious applications onto Apple devices, stealing valuable information from these mobile devices.

The Tech News World website, http://www.technewsworld.com/, provides valuable information on the latest cybersecurity threats. In one of the reports, hackers affiliated with the Russian government were able to breach some unclassified computer networks at the White House; users experienced  service disruptions as the FBI, Secret Service and NSA worked to contain the intrusion. No longer are intruders armed with guns where they can be contained before they reach the front doors. In this case, they were able to enter the White House while sitting in their room all the way in Russia. Computer users and organizations must ensure a considerable budget is allocated to counter the ever-rising security threat that comes with fast-evolving technological advances.

http://abcnews.go.com/Technology/wireStory/cybersecurity-firm-ids-apple-targeting-malware-26727467
http://www.technewsworld.com/story/81312.html

FBI Cyber Crime Stories Week 10

Today I received an email supposedly from Yahoo, asking me to click on a url to upgrade my mail account. Reading the email thoroughly, I discovered a comma where a period was supposed to be, and immediately deleted the email. It was just another scam to allow a hacker access to my system! One must give these hackers some credit .... they are persistent!
The FBI most recent cyber crime story is from a few days ago, "Purchase Order Scam Leaves a Trail of Victims". The attackers are using online and telephone social engineering techniques to trick retailers into fulfilling fake Purchase Orders that are purportedly from legitimate businesses. The products end up in  Nigeria. A new tactic, but using old tricks. Like always, businesses must look for e-mails that contain unusual phrases or spellings, and phone numbers that are hardly ever answered by a live person. Again the emphasis is not on any complicated security measures, but on plain old common sense!

http://www.fbi.gov/news/stories/2014/october/cyber-crime-purchase-order-scam-leaves-a-trail-of-victims/cyber-crime-purchase-order-scam-leaves-a-trail-of-victims

FBI Cyber Crime Stories Week 9

Today I was notified by Capital One that a new debit card is on the way, since my account could have been one of those compromised by the attack on Home Depot. Now, even Ebola has found its way in cyber threats. Hackers are using people's fear of Ebola to attack computer users by installing malware via an email attachment purportedly sent by the World Health Organization.

Like the threat of Ebola, cyber threats are widespread, can cause panic, and often extremely difficult to contain. The U.S. Department of Homeland Security is now investigating cybersecurity flaws in medical devices and hospital equipment that could be exploited by hackers to overdose a patient with drugs, or manipulate a heart implant....and the list goes on. Just when we think we have a handle on cyber threats, here comes another one that we did not foresee!

http://www.valuewalk.com/2014/10/now-ebola-become-threat-cyber-security/
http://www.foxnews.com/tech/2014/10/22/us-government-probes-medical-devices-for-possible-cyber-flaws/
 
 

FBI Cyber Crime Stories Week 8

Education is key to knowing threats, and understanding how we can avoid them. October is National Cyber Security Awareness Month, with the message that the responsibility of security belongs to all of us. The FBI published a good article on this topic, listing some superb tips on keeping our computers and electronic devices safe. These include updating antivirus software, enabling automated patches for your OS,using common sense when opening e-mail attachments or accessing URLs, using strong passwords, and keeping your personal information personal. As is the common theme by now, these are some basic security steps we can all follow to help maintain security.
I am also very happy to know that the U.S. government is making cyber security a top priority. Collaboration with the various security agencies throughout the United States (federal, state, and local), along with crime centers at Interpol and Europol is a great step toward fully understanding this threat and preparing to overcoming it.


http://www.fbi.gov/news/stories/2014/october/national-cyber-security-awareness-month/national-cyber-security-awareness-month

FBI Cyber Crime Stories Week 7

This week's cyber security news has been quite an eye-opener. CNBC lists a cyber security threat that is so obvious that it is often overlooked - obtaining unauthorized access through smaller vendors / suppliers! I mean, it is brilliant! Many large companies use smaller vendors who often have links to sensitive data, and while larger companies may have strong security defense systems in place, these smaller vendors do not. hackers are using this vulnerability to breach the systems of major companies and wreak havoc.
The bottom line is that attackers are working harder and smarter; for the first half of this year, 17.7 percent of all phishing attacks were aimed at Apple....something unheard of in previous years. Attackers realize that if they can hack into someone's Apple ID, they have a wealth of confidential information awaiting them, including banking and other online account information, etc. We've got to be more vigilant!

http://www.cnbc.com/id/102067495#.  
http://www.technewsworld.com/story/81157.html

FBI Cyber Crime Stories Week 6

History continues to repeat itself. Approximately 83 million accounts of Chase customers were hacked over the summer in what is considered an epic breach of security. Yet JP Morgan says that the bank has not found any evidence of compromised account numbers, passwords, dates of birth, and Social Security numbers. Didn't we hear this same response from the other financial institutions whose security were breached? This is how it seems to work: a bank or other financial institution suffers a security breach. First the institution denies the security breach. Then the institution acknowledges the breach, but denies any customer account was compromised. Then the bank admits that a limited number of customer accounts were compromised. Then that number of compromised accounts continues to increase. Finally, the bank gives a full fledged confession of the real damage! 

Thankfully, security experts are giving good advice: change your password. In fact, this is good advice, whether there is a security breach or not. Changing your password constantly helps to protect your account, and using complicated password makes hackers work extra hard to gain unauthorized access. Just as we out deadbolts and multiple locks on our doors, and arm our home with an intruder alarm, we can use that same concept to follow basic security rules and protect ourselves online.

http://www.nydailynews.com/news/crime/jp-morgan-customers-change-passwords-experts-article-1.1962538

FBI Cyber Crime Stories Week 5

Google and Apply have just earned themselves a bad name with the FBI! In the race to provide privacy to their customers, both companies touted their new encryption to boost smartphone privacy, prohibiting the FBI, and even Google and Apple from obtaining the contents of those phones.

It would seem to fit in nicely with the recent Supreme Court's ruling that the police need a warrant to search the cell phones of criminal suspects! The fact is that our smartphones today house a lot of private and sensitive information; information like bank and other online accounting information, and other such information. Police need a warrant to search our homes, and cell phones today contain just the same valuable information that can be found in a home!

As much as the FBI is crying fowl over this technology being used on smartphones, the fact is that people still need a certain degree of privacy, especially in this world of cyber threats! The recent episode with the NSA spying on people's records doesn't help the FBI's case much! The FBI will just have to find other means to locate vital information....and I am sure they will.

http://www.usnews.com/news/articles/2014/09/26/google-apple-earn-fbis-wrath-over-privacy
http://www.cnn.com/2014/06/25/justice/supreme-court-cell-phones/

FBI Cyber Crime Stories Week 4

No security plan is ever 100% secure. I believe that as more companies begin to understand this, they will begin to employ other checkpoints to detect unusual activity, etc. Just last week my credit card was compromised. I was alerted when I received an email from Capital One, listing show unusual activity on my credit card. Thankfully Capital One was able to quickly cancel the credit card to prevent further fraud, and issue a replacement to me.
Two weeks ago Home Depot launched an investigation after it was alerted that its customers’ credit and debit card information was stolen and was on sale in the cybercrime underground. Possible attackers were a group of Russian and Ukraine hackers. There was a possibility that customers’ data was stolen from almost all the Home Depot stores in the United States. The amazing thing is that even a formal, thorough investigation into a possible data breach often does not reveal conclusive information! We must adopt chip-reading technology and other latest security measures to prevent these breaches. Companies cannot afford to be lax; they stand to lose too much in revenue, brand reputation, etc.

http://www.theguardian.com/business/2014/sep/02/home-depot-investigate-hackers-credit-cards-breach

http://www.theguardian.com/business/2014/sep/03/home-depot-customer-data-breach-all-stores-security

FBI Cyber Crime Stories Week 3

Security breaches are a norm in our world. Reports of hacking attacks are accepted with less fuss as expecting rain in the forecast. And the trend will only multiply as companies rush to entice their customer with the latest online and mobile conveniences, and customers sign up without reading privacy notices and disclaimers. I mean, today I was able to deposit a personal check in my Capital One checking account right from my office. I used my iPhone 5S to take a picture (back and front) of the check, and made my deposit right on the phone! I can check my checking and savings account balances, credit card transactions....you name it, on my iPhone.
Every now and then I have to remind myself that convenience comes with a price, and last Friday was a start reminder / wake up call for me. I attempted to use my Capital One credit card but the charge was denied. I didn't think anything of it, until i checked my email later that afternoon. Capital One had sent me a fraud alert; someone was able to obtain my credit card information and make several purchase at delivery.com, buy movie tickets, and order music on iTunes. Thankfully my card was canceled after about a few hundred dollars of suspicious activity, and I once again made a resolution to take even harsher measures to protect myself online.
E Hacking News reported yet another security breach in the past few days; at Bartell Hotels. Over 40,000 customers were affected. The company reported the security breach occurred in February 2014 and May 2014, and have listed a Security Compromise Notice on their homepage. The company took several steps to deal with the matter: they used independent data forensic experts, they notified law enforcement and credit card companies, and are alerting customers who were affected. They have also provided a toll-free information line for customers, and are providing free services by AllClear ID to provide identity monitoring and identity protection services. It's just not good enough to try to 'hide' information when a company has experienced a security breach. Kudos to Bartell Hotels for doing the right thing!

http://www.ehackingnews.com/2014/09/security-breach-at-bartell-hotels.html

FBI Cyber Crime Stories Week 2

The reports of data breaches continue to occur; faster, it seems, than we can stop them! NBC news reported that the FBI is investigating an incident where Russian hackers attacked the U.S financial system earlier this month and stole data from JPMorgan Chase and at least one other bank. What was even more frightening was the response from JPMorgan's spokeswoman Trish Wexler, who stated that companies like JPMorgan experience cyber attacks nearly every day.
In another report by the Inquirer, it seems that particular cyber attack targeted seven of the world's top banks, with hackers altering and deleting customer records at will! We like in an exciting, yet frightening world. Today’s cyber attackers do not have the look of traditional criminals, and the Internet has enabled them to steal across the globe from the convenience of their home!  

http://www.nbcnews.com/tech/security/fbi-investigates-whether-russians-hacked-jpmorgan-other-u-s-banks-n190671

 http://www.theinquirer.net/inquirer/news/2362260/jp-morgan-chase-reportedly-hacked-by-russian-cyber-criminals

FBI Cyber Crime Stories Week 1

My name is Bickram Mark Singh. I am a Systems Engineer Manager; working for Verizon for the past 21+ years. Much of my daily functions include trouble-shooting and problem solving; it is a fast-paced, hands-on, non-stop work environment with deadlines to meet and emergencies occurring constantly. My major is Cyber Security, and this is my first Masters class with Bellevue University.

Each week I will post information on interesting FBI Cyber Crime Stories. The first story is quite an eye-opener for me. According to the FBI (n.d.) website, the first online bank robbery occurred two decades ago, 1994, when a computer programmer in Russia hacked into a major U.S. bank and secretly started stealing money. During that time, the FBI did not have a cyber crime team. The good thing is that this robbery opened our eyes to network security and raised general awareness of the emerging online criminal threat. This robbery caused the FBI to expand its cyber crime capabilities across the nation and around the world.

Reference

FBI. (n.d.). A byte out of history. Retrieved from http://www.fbi.gov/news/stories/2014/january/byte-out-of-history-10-million-hack-1994-style/byte-out-of-history-10-million-hack-1994-style