



CYBER WARS
Cyber thugs taking data hostage
By Glenn CHAPMAN
San Francisco (AFP) Feb 26, 2015


Bank regulator eyes tougher rules to fight hacking
New York (AFP) Feb 25, 2015 - Banks could be required to beef up their online password systems under new regulations designed to avert a so-called "cyber 9/11," a top financial regulator said Wednesday.

Benjamin Lawsky, who leads New York state's Department of Financial Services, said more steps were needed to prevent what he called an "Armageddon-type cyber event" that disables the financial system.

The current password system for online accounts is "very vulnerable," said the regulator, who rose to prominence with big financial settlements negotiated with the US against BNP Paribas and other financial heavyweights.

"I am deeply worried that we are soon going to see a major cyber attack aimed at the financial system that is going to make all of us to shudder," he said.

"Indeed, we are concerned that within the next decade or perhaps sooner we will experience an Armageddon-type cyber event that causes a significant disruption in the financial system for a period of time -- what some have termed a 'cyber 9/11.'"

Lawsky said such an event could create "a run or panic that spills over into the broader economy."

He said the department is considering mandating banks and other financial institutions to establish a "multifactor authentication" system whereby users would log in with a randomly generated password sent to a smartphone in addition to a conventional password.

The agency is weighing whether such new password requirements would fall on bank employees or consumers who do online banking, a Lawsky spokesman said.

Other proposals under consideration include rating banks and insurers on their cybersecurity as part of regular oversight of the banks used to determine if banks can pay dividends or make acquisitions.

Lawsky is also considering forcing financial institutions to require certifications of cybersecurity controls from third parties working in a bank, such as a law firm or a company brought in to do maintenance.

Cybersecurity was spotlighted at a summit two weeks ago in California at which President Barack Obama, Apple chief executive Tim Cook and others called for closer collaboration between government and the private sector to hold hackers at bay.

The biggest hacking episode on a bank came last year when contact details were taken for some 76 million households and seven million businesses in an attack on JPMorgan Chase.

However, JPMorgan said there was no evidence that critical account information such as account numbers, user identities or social security numbers was stolen by the hackers.

While the Treasury and Federal Reserve are the main US bank regulators, New York is important because it is home to many large banks. Lawsky's office has the authority to revoke the charters of banks and insurance companies operating in the state.

Marriage therapist Valerie Goss turned on her computer one day and found that all of her data was being held hostage.

Malicious code referred to as "ransomware" had encrypted her files and locked them away. Cyber criminals demanded $500 in hard-to-trace virtual currency Bitcoin to give her the key. The ransom would jump to $1,000 in Bitcoin if Goss took more than a day to pay.

"I felt shocked; like I had been robbed," the Northern California therapist said. "And, I felt pressed for time to make a rational decision. It felt so surreal."

After online research by her son revealed that in a quarter or more of ransomware cases victims never see their files again even if they pay, Goss refused to pay.

Instead, she bought a new computer and fortified it with security software. She also started backing up data off the machine.

As painful as it was, Goss did the right thing, according to cyber security specialists interviewed by AFP.

"Unfortunately, it is the right thing to do," said Malwarebytes chief executive Marcin Kleczynski.

"If you do pay the ransom, that money is gone and there is no guarantee you will get your data back."

- Kidnapping smartphone files -

Ransomware has been around a while, but has been making a big comeback, according to Kleczynski and mobile security researchers at Lookout. Goss fell prey to the hacker tactic last year on the computer she used in her home office.

Data kidnappers are also taking aim at smartphones and tablets, particularly models powered by Google-backed Android software, said Lookout consumer safety advocate Meghan Kelly.

Lookout saw mobile malware "encounters" in the United States jump 75 percent in 2014 as compared with the prior year. Ransomware accounted for a big part of the jump, according to Kelly.

The United States seems to be a preferred target zone, perhaps because people here keep a lot of cherished, personal data on mobile devices and computers, or because they are seen as having the money to pay to get it back.

A US study released last year by Lookout revealed that one-in-three people considered pictures, contacts, and other digital files on mobile devices so precious they would pay to get them back.

Goss said that she was willing to pay the ransom, but had no assurance she would actually see her files again even if she did pony up the Bitcoin.

Like other forms of malicious code, ransomware can get into computers, smartphones or tablets when people click on dubious links or open infected email attachments.

- Drive-by attacks -

People can also be hit with ransomware at legitimate websites that have been unknowingly booby-trapped by hackers to infect visitors in what are referred to as "drive-by" attacks.

"Sometimes you don't have to do anything wrong, just visit a website that has been infiltrated and then all of a sudden you have a piece of malware on your computer," Kleczynski said.

Ransomware locks and encrypts all files on infected devices. Kleczynski said that the ransom demanded typically ranges from $100 to $1,000.

Ransomware targeting mobile devices can lock phones, email and more, essentially stripping control from owners, according to Kelly.

"Ransomware is a pretty loud piece of malware," Kelly said. "It is going to be in your face saying you can't navigate away and we want money from you."

People can protect themselves by being wary of what links they click on or files they open, and by keeping operating software up to date so the latest security patches are in place.

It is also recommended to have security software running to intervene before malware takes root, and to keep back-up copies of files in the cloud or elsewhere in case defenses are breached.

"One day ransomware can hit you and you have to prepare for the worst," Kleczynski said.

"The threat is very serious, users are infected all of the time, and the encryption keys are so strong you can't get those files back."

Malwarebytes and Lookout offer free versions of their security applications.





