The buzzword on the lips of the security world right now (and will likely continue to be) is Heartbleed. The vulnerability has affected up to two-thirds of the Web, in the estimation of some, and will continue to be a force to be reckoned with over the coming weeks and months. In late-breaking news yesterday, it was reported by the Washington Post that the first suspected Heartbleed hacker has been arrested (see below for the link to the story).
While this has been going on, China-based actors have continued to place atop the list of top attackers of the Norse Live Threat Intelligence Platform, with countries such as the U.S. and the Netherlands also near the top. During a one-hour stretch yesterday, around 2 PM PT, hackers from China launched over three million attacks against countries including the United States, Singapore, and Portugal. While when viewed via the Norse Live Attack Map, it can resemble global nuclear war, this was actually a pretty routine day on the Internet.
As was mentioned above, Heartbleed is dominating the security news this week, and will likely continue to do so in the coming weeks and months. Stories on different sets of Web users being hit are starting to be told, and as security pros continue to patch the vulnerabilities for their clients, it will be interesting to see just how far-reaching the Heartbleed effect will go.Also, the U.S. tax deadline passed on April 15th, and once again, hackers took advantage of the lead-up by filing fraudulent tax returns. Additionally, IoT security is still something to be discussed, and a survey indicated that the communication between IT pros and company executives is lacking.Here's a sampling of some of this past week's most relevant security stories:
- "The first suspected Heartbleed hacker has been arrested" - Washington Post
The first reported hacker arrested for a heartbleed-based attack is apparently a 19 year old Ontario man arrested by a Canadian cyber crime unit for hacking into Canada's tax agency.
- Crimeware Helps File Fraudulent Tax Returns - Krebs on Security
Very interesting article by Brian Krebs on how cybercriminals are filing bogus tax returns. It describes a "a Web-based control panel that an organized criminal gang has been using to track bogus tax returns filed on behalf of employees at hacked companies whose HR departments had been relieved of W2 forms for all employees. So, you might want to check with your HR department and ask how they are securing their employee HR data.
- Heartbleed is about to get worse, and it will slow the Internet to a crawl - Washington Post
"The sheer scale of the work required to fix this aspect of the bug — which makes it possible to steal the "security certificates" that verify that a Web site is authentic — could overwhelm the systems designed to keep the Internet trustworthy."
- The Internet of Things: An exploding security minefield - NetworkWorld
Another story on the security risks posed by the IoT but from the point of view of who is making the "Things", or internet connected devices, today. Whereas in the past these devices were primarily sold by large consumer electronics or PC peripheral manufacturers, today the smallest startups can get ideas for IoT devices crowd funded in days. "development of the IoT is, 'not just for larger companies,' Lanier said. 'Anyone can make a thing and get $80,000 overnight to do it,' from crowd-funding sources. 'But the problem is that entrepreneurs are not security minded people. They have no experience with it and no budget,' he said. 'And they don't know why other people want to break their stuff.'"
- Survey Highlights Communications Gap Between Security Pros and Senior Execs - Security Week
A new report from the Ponemon Institute finds that IT Security teams lack critical hard data from which to make informed decisions. "it would seem security in many organizations is based on perception and 'gut feel,' versus hard data," said Dr. Larry Ponemon, in a statement. "The stakeholders with the highest responsibility seem to be the least informed - a view that is amplified externally. We also found that executive perception of security 'strength' had a virtually identical percentage (63 percent) in external partners, and we know that third-party failings also had a hand in the Target breach."
Be sure to check back next week for our next Threat Thursday blog update!