SUVs recalled in fear of hack attacks

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

Fiat Chrysler Automobiles has recalled nearly 8,000 SUVs to try to stop hackers from mounting remote attacks on the vehicles. The manufacturer said it needed to apply software updates to 7,810 Jeep Renegades that were sold in the U.S. market. It added that 2015 models of the SUV, which comes loaded with certain radios, were affected by the software flaw. “The campaign—which involves radios that differ from those implicated in another, similar recall—is designed to protect connected vehicles from remote manipulation. If unauthorized, such interference constitutes a criminal act,” Fiat Chrysler said. Source: The Register

Ready to picture this again

sh_costco_280Costco customers can order photos online again, seven weeks after a security breach at a third-party hosting company forced it and several other photo ordering sites to go down in mid-July. The retailer says customer photos weren’t compromised in the hack, but the company warns in an FAQ, “At this point, we believe that the credit card information of a small percentage of Costco members was captured.” The hack targeted PNI Digital Media, a company owned by Staples that handles online photo ordering for several sites. Costco reports the company was compromised for more than a year, from June 2014 through July 2015. Sam’s Club, CVS, Rite Aid in the U.S. and Walmart in Canada also were affected. They said their photo services had not been restored yet. Source: Geek Wire

Taking a growing financial hit

sh_cybersecurity_280Cybersecurity is one of the fastest-growing segments of technology, and companies that specialize in this area are starting to get more attention. Analyst Sarbjit Nahal and team at Bank of America Merrill Lynch said cybersecurity is one of the biggest global risks today, with more than 90 million attacks a year. They report that there are nearly 400 new cyber threats per minute, and that up to 70 percent of the attacks are not being detected. Further, Americans are more worried about this type of crime than any other, according to BAML. Last year in the United States alone, hackers compromised 1 billion data records. The BAML team thinks cybersecurity is one of the biggest threats to what they see as the “three pillars of creative disruption,” which are the Internet of Things, the sharing economy, and online services. They call this problem “Cybergeddon,” as cyber breaches cause up to $3 trillion in economic impacts, with the average cost of cyber crime for U.S. companies hitting a new record of $12.7 million last year. They estimate that cyber crime “extracts up to 20 percent of the value created by the Internet.” Source: Value Walk

Hey, we’re victims, too, China says

sh_us and china_280Cui Tiankai, China’s ambassador to the United States, said he hoped that “nobody will do anything so nonconstructive,” as economic sanctions in response to cyber attacks and that he hoped “the U.S. side will make the smart choice,” implying that such sanctions would be the wrong choice. Cui said that both the U.S. and China are facing cyber attacks, but that “China, as a developing nation, is much more a victim of” them. He said that “instead of moving toward conflict and confrontation, the U.S. and China have every reason to conduct more communications and cooperation in this regard.” There have been reports that the United States would announce economic sanctions against Chinese companies for cyber espionage on U.S. companies. Source: Forbes

Cyber insurance, a growth industry

Stricter data privacy notification laws, government incentives, cloud adoption and the increase in high-profile hacks and data breaches contributed to an increase in the number of companies offering and buying cyber insurance. There are two candidates for such policies: companies that store data from external sources, such as retailers, health care companies and financial services firms; and any company that stores employee data. In 2014, cyber attacks and cyber crime against large companies rose 40 percent globally, according to Symantec’s Internet Security Threat report. Purchasing cyber insurance can be an opportunity for companies to take a closer look at their internal technology and security. Source: Beta News

Another brick in the firewall

sh_firewall_280One cyber defense tactic that has been undervalued is the Domain Name System (DNS), says Simon McCalla, CTO of Nominet. The IT staff of any company with a large DNS infrastructure could be looking for patterns in millions, if not billions, of requests to and around a network. However, new tools that use advanced big data techniques to analyze DNS data in depth open the possibilities for using such data to fight cyber crime. DNS analysis can reveal signs that computers on a network have become part of a botnet by spotting large numbers of requests for domains that do not exist. DNS analysis also has enabled the identification of aggressive malware by tracking infected machines using a Domain Generation Algorithm, which creates domains for botnets to communicate with. Decoding DNS data gives businesses a tool to fight hacks. Source: SC magazine

Going back to Ohio for help

Ohio’s attorney general says his office got more than 3,500 complaints of identity theft in the first three years of a special unit designed to thwart it. Attorney General Mike DeWine also says the office’s Identity Theft Unit has helped to adjust more than $1 million in disputed charges for victims. The unit helps victims correct problems typically associated with identity theft by working with creditors, collectors, credit reporting agencies, law enforcement and others on their behalf. Some common complaints included fraudulently opened accounts using personal information and tax identity theft. The unit lets consumers opt to have an advocate work on their behalf or get a self-help guide from the state to correct their own problems. Source: Associated Press via WTTW

Intensifying a flight plan

sh_flight plan_280Airlines building defenses against hackers should not forget the danger to backroom technology such as reservation and flight-planning systems. Aon Risk Solutions cyber risks practice leader Eric Lowenstein says there already are examples of such attacks in the aviation industry, including an incident in June that saw 10 planes grounded at Polish airline LOT after computers that issued flight plans were hacked. Other aviation cyber victims have included Hobart International Airport’s website and Japan Airlines’ frequent-flier membership database. “I think there’s concern about aviation and hacking and how this is on the rise,” he said. “There’s this increased awareness of connectivity to the Internet and the Internet of Things that is prompting the fear that cyber terrorists could even take control of planes remotely.” He predicted the aviation industry would suffer increasing attacks from hackers, who were constantly innovating and had multiple points of ingress. Source: Phuket News Online