Britain packs on the pounds lost to fraud, topping a billion

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

The cost of fraud to Britain rose 1.1 billion pounds ($1.4 billion) for the first time in five years in 2016, driven in part by a huge surge in cyber crime. The total value of fraud in Britain soared 55 percent last year, despite the number of cases dropping by nearly a third from 310 to 220, KPMG’s Fraud Barometer showed. KPMG cited a rise in “super cases” worth more than 50 million pounds ($62.5 million), while the value of the average fraud case doubled, to 5.2 million pounds ($6.5 million). The barometer also highlighted a 1,266 percent jump in cyber fraud, which reached 124 million pounds ($155 million) in 2016One new case saw cold callers pretending to be members of bank fraud departments and persuaded some 750 victims to reveal security details. Source: The Mirror

Ransomware slips into Google Play store 

sh_google-play_280A form of mobile ransomware that also steals data from its victims has been removed from the official Google Play store for Android. Dubbed Charger by cybersecurity researchers at Check Point, the zero-day mobile ransomware was found embedded in EnergyRescue, an app supposedly designed to enhance the battery life of phones and tablets. Once downloaded, the app initially steals contact data and text messages from the device before asking the user for admin permissions, which, if granted, run the ransomware, locking the device and displaying a note demanding payment. Source: ZD Net

Former CIA chief says private sector leads charge on cybersecurity

Though the U.S. government can still claim to be the top physical security player in the world, it can no longer claim leadership as the top cybersecurity player, says retired Gen. Michael Hayden, who has served as the director of both the National Security Agency and the CIA. “I no longer believe that to be the case,” Hayden said at the ICIT Winter Summit. “I am now convinced that, except in a very thin veneer in very, very extreme cases, the main body [in cyber] is the private sector.” Source: MeriTalk

Hackers fake news to make news

sh_new-york-times_280The New York Times is investigating an apparent hack of one of its Twitter accounts on Sunday. The newspaper’s video account, @nytvideo, tweeted around 9:40 a.m. ET a hoax about a missile attack from Russia against the United States. The message attributed news about the “missile attack” to a “leaked statement” from Russian President Vladimir Putin. That tweet was quickly deleted. But subsequent tweets popped up claiming to be from OurMine, a group that has hacked high-profile social media accounts, including that of Twitter CEO Jack Dorsey, to advertise security services. The Times account later tweeted that it deleted tweets published “without our authorization.” Source: CNN

GSA to alter, speed up identity protection

The General Services Administration will streamline the way it provides identity protection services, from its current role of Comprehensive Protection Solutions—which provides customized products for credit monitoring services, risk assessment and mitigation services, independent risk analysis and data breach analysis—to one that focuses on identity protection and data breach response. Source: The Federal Times

SEC takes aim at Yahoo over breach-revelation delay

sh_yahoo_280The Securities and Exchange Commission opened a formal investigation into the record-breaking data breach at Yahoo, said to focus on why it took until September 2016 to report a breach that took place in 2014. The Yahoo breach included the pilfering of information on half-a-billion accounts. If brought to prosecution, it would mark the first time the SEC has pursued a case based on failure to disclose a data breach. The FBI, Senate and other groups also have announced plans or begun to investigate Yahoo. Source: The Hill

Man who hacked celebrity accounts get nine months

A Chicago man was sentenced to nine months in prison in a plea deal for hacking the electronic accounts of 30 celebrities and stealing their personal data, including nude photos and videos. Edward Majerczyk was accused of orchestrating a phishing scheme that netted personal information from celebrities including Jennifer Lawrence, Kate Upton and others. Lawrence likened the privacy invasion to a “sex crime” and said she worried about its impact on her career. Source: CNN

Health professional charged with identity theft of patients

sh_patient medical records_750A paramedic supervisor of a medical emergency service in Illinois has been charged with multiple counts of wire fraud, identity theft, and theft of controlled substances. During Jason Laut’s employment at MedStar Ambulance, he is accused of altering and falsifying documents, including patient records, to conceal the theft of fentanyl and morphine. Authorities claim Laut used his administrator access to alter patient care reports, to falsely indicate that the controlled substances were given to the patients. Source: KMOV.com

Major Russian cyber official arrested in bribery case

The manager responsible for investigating hacking attacks at Russia’s biggest private cybersecurity firm has been arrested amid allegations of bribery and treason involving senior intelligence officers. Kaspersky Lab, a cybersecurity firm based in Moscow, confirmed the arrest of Ruslan Stoyanov, head of its computer incidents investigations team. Stoyanov previously worked in Department K, the Russian Interior Ministry’s cyber crime unit. Source: The Telegraph

More consumers have lots of linked devices, raising security risks

sh_internet-of-things_280Eight out of 10 U.S. consumers have a home data network, and more than a third connect entertainment systems, gaming consoles and other smart devices to the internet, increasing the risk of home cyber attacks, says a survey by Zogby Analytics for HSB. Of the 81 percent of consumers who said they have a Wi-Fi or other home data network, 38 percent had electronic devices other than computers, smartphones or tablets linked to the internet—smart televisions, music systems, thermostats, security cameras, door locks, alarms, lighting and home automation devices. Source: Business Wire

Useful consumer tools also prove useful to bad guys

Security researchers reported further evidence of cyber attackers abusing legitimate tools after the discovery of networks of hundreds of thousands of fake accounts lying dormant on Twitter. Forcepoint researchers said the Carbanak cyber crime group was using Google services to issue its command and control communication to malware to evade detection. Twitter accounts can be used in a similar way, for boosting follower numbers, sending spam or tweeting messages. Source: Computer Weekly