Exact figures on how much it is costing British firms vary but recent research from the UK government found that eight out of ten large companies had suffered a breach and most were seeing attacks on at least once a month.But nowadays it is increasingly attracting professional criminals.They can make good money from cybercrime and the risk of getting caught is low.Even if they do get caught the punishments are far less arduous than if you get caught robbing an actual bank or dealing drugs.The huge growth of Bitcoin and other alternative currencies have also made it much easier for the crooks to get paid.The traditional way of protecting a business against cyber-attack was to protect the perimeter.
Photograph: Robert Galbraith/ReutersA hacker claiming to have the log in details of millions of LinkedIn users is advertising the data for sale online.The extensive list of user IDs and passwords, which were allegedly sourced from a cyber attack on the networking site four years ago, is being advertised on the darknet – a sub-section of the internet not accessible through normal web browsers and often a platform for illegal activity.Around 6.5m details were posted online at that time – but LinkedIn s chief information security officer Cory Scott said he does not believe the extra data was gained as the result of a new security breach.In 2012, LinkedIn was the victim of an unauthorised access and disclosure of some members passwords.We are taking immediate steps to invalidate the passwords of the accounts impacted, and we will contact those members to reset their passwords.News of the breach is the latest in a long line of cyber-attacks on major websites and companies, with telecoms firm TalkTalk and parental forum Mumsnet among those who have been the victims of security breaches in the last year.
Photo: Nora TamHong Kong companies and financial services institutions lag behind the US and Europe in cybersecurity measures as little emphasis is placed on security from a board-level perspective, according to industry experts.He said the banking sector in Hong Kong had lagged in their uptake of cloud technology adoption.Darren Argyle, chief information security officer of UK-based financial technology firm Markit, believes that Hong Kong banks and companies fall behind the US and Europe in beefing up cybersecurity even as the number of cyberattacks have been on the rise globally.He added that companies often view security as a cost of doing business, as cyber criminals increasingly target corporations in their attacks.CEOs of financial companies are now starting to ask what technology is in place which assures that they can respond adequately during a breach, he said.One way to mitigate the skills gap in Hong Kong is for the government to invest heavily in cybersecurity and related security start-ups, thereby encouraging more Hongkongers to pursue a career in security, he said.
The reasons can range from dissidents to espionage, according to James Clapper, without going into details. According to one source told Reuters it can move on to find out details about the upcoming foreign policy, or internal campaign strategies. Before the last two years, the presidential candidates on both sides suffered cyber attacks, including linked to Chinese hackers. Yet, said Matthew Prince, CEO of security firm CloudFlare, who provided including Trump with IT security solutions, it has so far been a "surprisingly civilized" cyber landscape. - We have not seen anything that would indicate the sophisticated level one would expect of a foreign power la whole weight behind it, he says. Will get briefing The two who are appointed to the respective party's presidential candidate in the summer will receive a briefing on IT security by the authorities.
From virtual reality to bringing the next 1 billion people online, Facebook founder Mark Zuckerberg is all about big ideas these days.His latest brainstorm was trotted out at F8 this year: opening Facebook s Messenger to chatbots.The primary challenge is fragmentation and a lack of standardization, said Jon Cifuentes, a research analyst for VentureBeat Insight.And I tried TechCrunch s newsbot, which sent me a news summary each day that just seemed like a basic newsletter I can already get via email.All fine.It s certainly artificial, but there s a notable lack of intelligence.Cyber Galaktioni Chat Bot tries to simulate the mind of the poet, all his answers are based on his writings, biography, memories and letters.Until we see broader adoption from consumers — and really, better chatbots that help people, there s no need for search and discovery right now.
A hacker affiliated with the notorious Anonymous collective has launched a series of cyberattacks against government portals in North Carolina to protest against the so-called 'bathroom bill' – which has been criticised by many as being anti-LGBT.Indeed, a number of businesses and high-profile celebrities have protested its advance into law – including Bruce Springsteen, Bryan Adams and Elton John.This type of cyberattack sends a tidal wave of traffic towards a single web server with the aim of taking it offline and is regularly used by Anonymous as a method of protest.Following the DDoS attacks, the hacker posted a JustPaste link that purported to hold a database compromised from the North Carolina State University www.ncsu.edu .The hacking group recently became embroiled in the ongoing US election campaign after planning operations against presidential hopeful Donald Trump.The latest campaign, however, looks set to continue.
If hackers take down a bank, it could endanger the whole society, says Barclays chairman John McFarlane.The financial sector needs to do more to protect itself against cybercriminals, as the combination of money and personal data that banks possess represents the "perfect target" for hackers, according to a new industry report.Read More"Digital technology has radically changed every aspect of our lives and brought untold benefits.Of course, with these opportunities it's introduced a new threat which is cybercrime; not only are they after our information, they're after our money and can and will steal it from wherever they choose," said John McFarlane, chairman of Barclays and TheCityUK.TheCityUK also calls for the creation of a City-wide cyber forum to "to promote collaboration across all firms" in the sector, in order to encourage best practice sharing and strengthen every organisation's cybersecurity.There is no silver-bullet to manage it, but there are practical steps the industry, and the customers we serve, can take to ensure we're well protected against attack," said Chris Cummings, chief executive of TheCityUK.
"We've already had some indications of that," said James Clapper, the director of national intelligence, according to AP.But the revelation is not totally surprising: The Chinese government reportedly hacked both Obama and McCain in 2008, and hackers tried repeatedly to break into the campaign accounts of Obama and Romney in 2012.The Romney campaign was "under constant attack," Digital Director Zac Moffatt told Time Magazine."Four or five times a week."According to CNN, Clapper said both the FBI and DHS were working to educate the campaigns about cyber threats.Hackers working for foreign governments can gain valuable insight into a presidential candidate's mindset before they take office, or uncover private communications that might give their country a leg up in diplomatic negotiations.In 2008, for example, a letter Sen. John McCain sent to the president of Taiwan was intercepted by hackers from China.And on the flip side, the US government does much the same thing to many world leaders, as the massive leaks out of the National Security Agency from former contractor Edward Snowden have demonstrated.The Clinton and Trump campaigns did not immediately respond to a request for comment.Read the original article on Tech Insider.More from Tech Insider:12 of history's greatest philosophers reveal the secret to happinessThe nation's top spy says hackers are spying on presidential candidatesThis wearable exoskeleton could one day turn your grandparents into cyborgsA new trailer for the 'Ghostbusters' reboot is here and it's much better than the firstSunday s 'Game of Thrones' director was surprised by fan reactions to this brief character interactionNOW WATCH: Hackers showed us how easy it is to secretly clone a security badgeLoading video...
News: CBR looks at the meanings of this broadly used term.The term 'hacking' is used very broadly, but in general is used to refer to seeking and exploiting weaknesses to networks and databases.There are many types of hacking, including cyber crime, ethical hacking, hacktivism, and state-sponsored hacking.For example, the much-publicised Ashley Madison attack was carried out by the Impact Team, who claimed moral motives.They released a limited amount of data shortly after the hack was made public, threatening to release all of the data if the site was not shut down.There is some controversy around the usage of the term hacking, since many people in the IT industry use the term 'hacker' to refer simply to somebody with a good knowledge of computer systems.
Blockbuster season might just be getting underway, but with Captain America dominating the box office, this week's new releases look firmly focused on the small screen.It's not Netflix with the biggest shows, either: Amazon is pulling out all the stops to bag those precious Prime signups.There's plenty of nostalgia too, with several high profile reboots and remakes on the way to US TV channels.After bringing Wall Street to its knees last year, Cyber vigilante Elliot will be back on our screens in July to see what kind of chaos he s caused.We burned through all ten episodes of Amazon s nail-biting tech thriller when the first season landed, so it ll be two very long months while we wait for this second run to kick off.A chain-smoking Texan clergyman, infused with alien powers that lets him order people to do anything?
Speaking at the Financial Regulation Summit in Washington DC, White warned the industry that their policies and procedures were not up to scratch and without them they faced the same fate as the Bangladeshi bank that recently lost $81m through a cyber attack."As we go out there now, we are pointing that out."The SEC is "very pro-active" in assessing how open those acting in the financial sector are to a cyberattack, she said, adding: "we can't do enough in this sector."She noted that companies are increasingly using non-Generally Accepted Accounting Principles GAAP to report their figures – an approach which enables them to keep what can be very large expenses out of public reporting.She also warned that the SEC was closely watching "fintech" – startups targeting the financial markets – name-checking in particular blockchain, automated investment advice and marketplace lending.It's not known whether the new crowdfunding rules will help revive the many startups across the country – but particularly in and around Silicon Valley – who are struggling to find funding through VC routes, or whether the rules will just sit on the books awaiting the next tech boom.
View photosMoreMembers of the public walk past the Bank of England in central London June 3, 2008.REUTERS/Alessia PierdomenicoLONDON Reuters - The Bank of England ordered UK banks to detail steps taken to secure computers connected to the SWIFT bank messaging network about two months after a still-unidentified group used the system to steal $81 million from Bank Bangladesh, according to three people familiar with the effort.The previously unreported action marks the earliest known case of a central bank in a major economy to order its member banks to conduct a formal security review in response to the Bangladesh theft, which has shaken the global system for transferring money among both commercial and central banks.The Bank of England, one of the G10 central banks that oversee Brussels-based SWIFT, said it had no immediate comment.The communication from the Bank of England asked banks to respond by early May and provide details about plans for installing a security update to SWIFT Alliance Access software, according to the person.In the Philippines, a senior central bank official said on Tuesday that regulators were crafting regulations to help banks and other financial institutions fend off cyber heists and minimize damage after any systems breach.
Reuters - The Senate Homeland Security Committee's top Democrat sought information Thursday from global financial network SWIFT and the Federal Reserve Bank of New York on steps being taken to bolster cyber security in the wake of the theft of $81 million from the central bank of Bangladesh.Senator Tom Carper of Delaware requested that both answer questions and brief his staff by June 17 on how they were handling issues following the February heist, during which hackers wired money out of an account at the New York Fed held by Bank Bangladesh, as well as how they were safeguarding against other potential cyber threats."These cyber attacks raise important questions about the security of the SWIFT system and the ability of its members to prevent future attacks," Carper wrote in his letters.The inquiry comes as policymakers, regulators and financial institutions around the world increase scrutiny into the heist at Bank Bangladesh and a separate attempt to use fraudulent SWIFT messages to steal from a commercial bank in Vietnam.The Bank of England last month ordered British banks to provide documentation on SWIFT security measures.He requested similar information from the Federal Reserve, including steps it has taken to coordinate with SWIFT, Bangladesh Bank, the Department of Homeland Security and Department of Treasury since the heist.
There were several tweets posted via the S1ege and Scrub Twitter handles about the exploits of the hacking group.On 13 May, Bank of France was hit by a DDoS attack, as tweeted by S1ege; the next day Ghost Squad hackers and S1ege tweeted about bringing down Bank of Kathmandu, Bank of Nepal, Central Bank of Chile, Central Bank of Kuwait and the National Bank of Philippines.In a related tweet, S1ege claimed the National Bank of Philippines was targeted in retaliation to the arrests of the Comelec hackers, who have been accused of breaching Philippines' Commission on Elections website and leaking millions of voters' records online.These were originally tweeted from yet another account speculated to be affiliated with Anonymous hackers that goes by the handle "@Banned Offline".While the NY stock exchange was reportedly down for four hours, Scrub claimed that Union Bank of Cameroon was down for over 48 hours.There is no information about the extent of damage the cyberattacks may have caused the banks.
National Intelligence Director James Clapper said the problem is only likely to grow "as the campaigns intensify" at an event hosted by the Bipartisan Policy Center.Clapper's director of public affairs, Brian P. Hale, later clarified the remarks in a tweet:Following up on DNI Clapper's response to a BPClive query about cyber attacks on presidential campaign websites: pic.twitter.com/5pycu5QlHW— Office of the DNI @ODNIgov May 18, 2016Foreign cyberattacks against political candidates, however, is not a new trend.By gaining access to the presidential candidates' campaign servers, hackers could potentially find a wide range of sensitive information to exploit, including private contacts, embarrassing communications, classified details or other valuable information.So far, Anonymous has continued to target Donald Trump, after declaring a cyberwar on the Republican presidential candidate in December 2015."So we have been doing this — the intelligence community has been doing this for many years.It is not designed to shape anybody's worldview.
The details were apparently taken when LinkedIn was hacked four years agoA hacker claiming to have more than one hundred million LinkedIn logins is advertising them for sale online.The extensive list of user IDs and passwords were allegedly sourced from a cyber attack on the networking site four years ago.According to news site Motherboard, a hacker calling himself "Peace" has placed the alleged details of 117 million LinkedIn users on "dark web" marketplace The Real Deal for the price of 5 Bitcoin - the digital currency - worth around £1,500.In the wake of the 2012 breach, only around 6.5 million details were posted online - but LinkedIn's chief information security officer Cory Scott said he does not believe the extra data was gained as the result of a new security breach."In 2012, LinkedIn was the victim of an unauthorised access and disclosure of some members' passwords," he said."We are taking immediate steps to invalidate the passwords of the accounts impacted, and we will contact those members to reset their passwords," he said.
The BoE ordered them to detail steps taken to secure computers connected to the SWIFT bank messaging network, according to insiders who spoke to Reuters.The orders included conducting a 'compliance check' to check whether they are following security procedures issued by SWIFT after an attack in February saw $81m £56m stolen from Bangladesh's central bank.On 13 May, SWIFT issued a notice saying that another instance of a malware-led attack on an institution had emerged, directed at banks' secondary controls.In addition to the two fraud attempts on the SWIFT network, major financial institutions have been targeted recently as part of hacking group Anonymous's Operation Icarus, a hacktivist project protesting the role of banks in global corruption.In 2014, Andrew Gracie, Executive Director, Resolution at the BoE, formally launched a new framework to help identify areas where the financial sector could be vulnerable to sophisticated cyber-attack.This was part of the BoE's response to the Financial Policy Committee's recommendation to test and improve resilience to cyber-attack.
View photosMoreThe SWIFT logo is pictured in this photo illustration taken April 26, 2016.REUTERS/Carlo Allegri/Illustration/File PhotoHONG KONG Reuters - Hong Kong's central bank has a launched a new program to strengthen lenders' ability to protect their critical technology systems after recent attacks by unidentified groups on a global messaging system used by the financial community.The Hong Kong Monetary Authority's latest measure, known as the "Cybersecurity Fortification Initiative CFI ," plans to raise the level of cybersecurity at banks in Hong Kong through a three-pronged approach and follows similar steps taken by its counterparts from London to Vietnam.They installed malware inside the bank's Dhaka headquarters that hid traces of their attack in a bid to delay discovery so they could access the funds, according to police and private security firms.The theft prompted fresh attacks on other central banks within the region, with Vietnam's Tien Phong Bank saying earlier this week it had interrupted an attempted cyber heist that involved the use of fraudulent SWIFT messages, the same technique at the heart of February's massive theft from the Bangladesh central bank.The Bank of England joined its counterparts in Singapore and the Philippines, asking banks to increase their checks on security systems in the wake of the attacks.
Mary Jo White made the stark warning on cyber-security, or lack of it, at the Reuters Financial Regulation Summit over in Washington.As we go out there now, we are pointing that out."White also noted that the SEC is being active in reviewing cyber-security defences of the likes of brokers to ensure they are up to scratch.Bangladesh Bank suffered from woeful security and lacked basic measures such as a firewall, and also used bargain basement $10 switches in its internal networks, all of which made it a much easier target than it should have been – and also meant it was much more difficult to trace those who pulled off the online heist.Last week, global payments network Swift warned that a second bank had been hit by hackers using broadly the same tools and methods seen in the Bangladesh affair.Many more banks, particularly those in developing nations, are at risk according to Swift, and they need to be seriously looking at their security measures.
A hacker group going by the name of Suckfly has been targeting Indian government and commercial organisations by focusing on high-profile individuals and installing spyware on their work networks to access sensitive information.However, a more in-depth analysis lead to the researchers discovering that the group, which has developed a custom malware called Backdoor.Nidiran, had also been targeting major government and commercial organisations in India.The attacks targeted high-profile targets, including government and commercial organizations.Most notably, when researchers analysed the timing of the instructions sent, they discovered that the hacker group had no activity during weekends."The nature of the Suckfly attacks suggests that it is unlikely that the threat group orchestrated these attacks on their own.We believe that Suckfly will continue to target organizations in India and similar organizations in other countries in order to provide economic insight to the organization behind Suckfly's operations," DiMaggio said.
More

Top