KPMG has completed the acquisition of P3, a privately-owned German
cyber-security firm. The firm provides risk management, security
assessments and mobile & fixed network protection to clients across
the financial services sector.
The acquisition brings a boost
to KPMG's German Cyber Security practice, adding up to four partners and
100 staff. The P3 acquisition follows KPMG's recent purchase of the UK,
US and Indian assets of Qubera Solutions, a leading Identity and Access
Management consultancy.
Malcolm Marshall, global leader of
KPMG's cyber security practice, says: "cyber security is one of the
greatest risks facing business today. Building on our already strong
position in Germany makes us more able to protect our clients in the
world's fourth largest economy and globally. By bringing the expertise
of P3 together with our German and global teams, we are in an even
stronger position to help clients tackle and mitigate the threats they
face."
Hans-Peter Fischer, senior executive at p3, adds: "The
integration into the global KPMG network raises our offering to a new
level. We now have the opportunity to offer our customers even more
comprehensive solutions to the cyber security concerns they face and
look forward to helping them manage their risks on an international
platform."
Friday, 14 November 2014
Australia braces for G20 cyber attacks
File photo. (REUTERS/Elizabeth Shafiroff)
“Targeting of high profile events such as the G20 by state-sponsored or other foreign adversaries, cyber criminals and issue-motivated groups is a real and persistent threat,” a defense department spokesperson told FoxNews.com.
Among the dozens of groups planning physical protests on the sidelines of the annual meeting of the world’s largest economies is Anonymous. Group members often wear their signature Guy Fawkes masks while appearing in public, but they’re most notorious for cyber attacks on high-profile government and corporate websites around the world.
Anonymous attacks have targeted the websites of PayPal, the FBI and many others. One of the group’s signature strategies is to use “Denial of Service” attacks, which floods networks with useless traffic, effectively crippling them.
Since the debut of the G20 leaders’ summit in 2008, activists have used the event to spotlight social injustice, corporate corruption and climate change. But it’s also an opportunity to gain attention through cyberprotests, according to Dr. Ernest Foo, a computer scientist with the Queensland University of Technology.
“Certainly, in the case of the G20, with all the heads of state here, it means there’s a lot more eyes from all over the world who are looking at this particular location, and there’s an opportunity for people to protest without actually being here,” Foo said.
“Information is Power”
Beyond so-called “hacktivism,” digital espionage is also a concern.
“It’s more than likely that some espionage may occur,” Foo said. “Hackers might be able to take over a telephone or a computer or something like that and be able to extract files or listen in on conversations.”
It’s a growing threat at high-profile gatherings of world leaders.
“It’s basically become the next frontier now,” Foo said. “Information is power.”
In 2011, the French government said a “spectacular” cyber attack from hackers traced to China targeted documents about international economic affairs related to the G20 in Paris. The attack reportedly forced the country’s finance ministry to shut down 10,000 computers.
The National Security Agency, along with Canadian intelligence officials, carried out spying operations during the G8 and G20 summits in Toronto in 2010, according to a CBC News report based on documents leaked by former NSA contractor Edward Snowden.
The Australian Signals Directorate, the country’s electronic intelligence agency, has warned this year’s G20 delegates to avoid opening suspicious emails and using public, unsecured Wi-Fi, as well as unfamiliar USB flash drives.
“The information contained on government systems, whether classified or unclassified, is of strategic interest to cyber adversaries,” a defense spokesperson said. “Information gathered through cyber espionage can be used to gain an economic, diplomatic or political advantage.”
But cyber attacks may be unavoidable.
“Hacks are so sophisticated that organizations won’t even know it’s happened to them,” said Nigel Phair, a technology consultant who works with Australia’s Council of Registered Ethical Security Testers (CREST).
Phair said just one mistaken click on a government computer could open the door to cyberthieves.
“The weakest link is always people,” Phair added.
System Failure
Cyber security experts say Australia’s infrastructure to protect delegates, government officials and corporations from online attacks is sophisticated, with firewalls and secured information networks to combat digital intruders.
But analysts warn it’s doubtful the government will be able to prevent every cyber attack.
“They have the capability to prevent cyber attacks but it’s very difficult,” Foo said. “It’s more than likely that there will be some kind of cyber attack during the G20, it just depends on how serious it’s going to be.”
Among the greatest concerns is the threat of hackers taking over critical technology like power stations, water treatment plants, transport systems and traffic lights.
“They would be able to remotely gain access to and alter one of those systems,” according to Foo. “It would make a big statement if they were able to do that.”
So while thousands of police officers patrol Brisbane, helicopters circle overhead, and regular ground searches are performed, cybersecurity patrolmen are taking their own precautions to guard against what could be a potential disaster in the digital space.
Employees the weakest link in cloud security
90% of the organisations expressed concerns regarding cloud security
SMBs consider employees as their weakest link in cloud security, according to a survey by cloud based application provider CloudEntr.
According to the company's State of SMB Cybersecurity report, which surveyed 438 IT professionals from SMBs across the US, 90%of organisations expressed concerns regarding cloud security.
Around 75% of IT professionals regarded employees exposing data unintentionally as their biggest concern.
SMBs felt threatened by server side attack, with larger SMBs raising concerns of hacked employee credentials threatening the cyber security of the organisation.
89% of the professionals considered employee education regarding security as the top preventive measures, followed by stronger perimeter security and stronger server security.
However, 60% of companies said that recent attacks on companies like JP Morgan and eBay did not impact their security decisions, with 48% regarding social engineering as one of the the top challenges facing companies.
CloudEntr vice president of business development Tom Smith said: "Given the proliferation of threats experienced in 2014 and its strong potential to increase in 2015.
"We believe SMBs should consider investing in the tools that will ensure that the sanctity of their data and brands remains intact.
"If there ever was a 'Year of the Hack', 2014 has been it."
SMBs consider employees as their weakest link in cloud security, according to a survey by cloud based application provider CloudEntr.
According to the company's State of SMB Cybersecurity report, which surveyed 438 IT professionals from SMBs across the US, 90%of organisations expressed concerns regarding cloud security.
Around 75% of IT professionals regarded employees exposing data unintentionally as their biggest concern.
SMBs felt threatened by server side attack, with larger SMBs raising concerns of hacked employee credentials threatening the cyber security of the organisation.
89% of the professionals considered employee education regarding security as the top preventive measures, followed by stronger perimeter security and stronger server security.
However, 60% of companies said that recent attacks on companies like JP Morgan and eBay did not impact their security decisions, with 48% regarding social engineering as one of the the top challenges facing companies.
CloudEntr vice president of business development Tom Smith said: "Given the proliferation of threats experienced in 2014 and its strong potential to increase in 2015.
"We believe SMBs should consider investing in the tools that will ensure that the sanctity of their data and brands remains intact.
"If there ever was a 'Year of the Hack', 2014 has been it."
Top 50 Cybercrime Targets of 2014
Home Depot is the top discussed cybercrime target so far this year, according to data from SurfWatch Labs.
The company is once again in the news following the announcement that
more than 50 million email addresses were also stolen in addition to the
56 million payment cards previously announced.
Apple is in the #4 spot, which is neck and neck with Android in terms of cybercrime chatter this year. That's interesting since Android is generally thought of as the less secure platform.
The top 10 trending industry targets related to cybercrime so far in 2014:
Attacks in the IT and Consumer Goods sectors appear to carry the furthest in terms of discussion. I suspect this is due to the more public nature and widespread effects of the breaches in these sectors.
Materials, Telecommunications and Energy round out the top 5.
Healthcare is right in the middle of overall discussion and also has the most distinct cybercrime targets so far this year. But when looking at the ratio of industry targets to discussion, it has by far the lowest levels of any sector. Utilities has the lowest overall discussion and the second lowest ratio of industry targets to discussion.
Apple is in the #4 spot, which is neck and neck with Android in terms of cybercrime chatter this year. That's interesting since Android is generally thought of as the less secure platform.
The top 10 trending industry targets related to cybercrime so far in 2014:
1. Home Depot
2.Microsoft
3.Android
4. Apple
5. Target
6. Facebook
7. JPMorgan Chase
8. Twitter
9. Feedly
10. Israeli Government
Attacks in the IT and Consumer Goods sectors appear to carry the furthest in terms of discussion. I suspect this is due to the more public nature and widespread effects of the breaches in these sectors.
Materials, Telecommunications and Energy round out the top 5.
Healthcare is right in the middle of overall discussion and also has the most distinct cybercrime targets so far this year. But when looking at the ratio of industry targets to discussion, it has by far the lowest levels of any sector. Utilities has the lowest overall discussion and the second lowest ratio of industry targets to discussion.
HSBC Turkey WON'T reissue cards despite 2.7 MILLION account details going AWOL
HSBC Turkey has confessed to a security breach exposing the details
of 2.7m credit card accounts but the bank has made a decision not to
reissue cards after deciding that the data exposed is not enough to make
fraudulent transactions.
The compromise – limited to the international bank's business in Turkey – exposed credit card numbers, expiration dates, names, and the associated HSBC account number.
The breach was detected internally and has not been linked to any fraudulent transactions, as a notice (PDF,
English language) by HSBC Turkey explains. The bank said it "identified
the attack in the past week through our internal controls".
Often serious security breaches are only caught by third parties or government agencies rather than the victim itself. Trey Ford, global security strategist at Rapid7, the developers of Metasploit, credited HSBC Turkey for spotting the breach quickly.
"A couple of things stand out – the attack happened last week, and they’ve caught it already, and they caught it themselves," Ford said. "This is impressive given that the vast majority of breaches are detected by third parties, and often not for months."
HSBC Turkey has notified the Banking Regulation and Supervision Agency of Turkey and other relevant authorities about the breach. An investigation aimed at identifying the perps behind the hack has begun. In the meantime banking customers should continue to use their account as normal, HSBC Turkey advises.
The bank said it is "not possible to print cards and withdraw money from ATMs with the compromised information" and likewise "not possible to make any transactions through internet banking or telephone banking with the compromised information".
"Our customers can continue to use internet banking and telephone banking confidently," it added.
Ford said this response was reasonable in the circumstances.
"HSBC is underscoring that cards will not be re-issued at this time, and that the compromised data will not impact Internet Banking, ATM transactions, and telephone banking services; customers can continue using their cards with confidence. This is because 'card present' transactions require additional information that would be encoded on the magnetic strip, and for 'card not present' transactions, the card security code (CVC or CVV2) would be required to transact business.”
Although cybercrooks may be missing pieces of information needed to carry out fraud, there's a very real possibility that they might attempt to hoodwink prospective marks into handing over this information through phishing scams or similar trickery. Extra vigilance would be prudent and we'd be inclined to support HSBC Turkey customers who went further and requested a reissued card.
The compromise – limited to the international bank's business in Turkey – exposed credit card numbers, expiration dates, names, and the associated HSBC account number.
Often serious security breaches are only caught by third parties or government agencies rather than the victim itself. Trey Ford, global security strategist at Rapid7, the developers of Metasploit, credited HSBC Turkey for spotting the breach quickly.
"A couple of things stand out – the attack happened last week, and they’ve caught it already, and they caught it themselves," Ford said. "This is impressive given that the vast majority of breaches are detected by third parties, and often not for months."
HSBC Turkey has notified the Banking Regulation and Supervision Agency of Turkey and other relevant authorities about the breach. An investigation aimed at identifying the perps behind the hack has begun. In the meantime banking customers should continue to use their account as normal, HSBC Turkey advises.
The bank said it is "not possible to print cards and withdraw money from ATMs with the compromised information" and likewise "not possible to make any transactions through internet banking or telephone banking with the compromised information".
"Our customers can continue to use internet banking and telephone banking confidently," it added.
Ford said this response was reasonable in the circumstances.
"HSBC is underscoring that cards will not be re-issued at this time, and that the compromised data will not impact Internet Banking, ATM transactions, and telephone banking services; customers can continue using their cards with confidence. This is because 'card present' transactions require additional information that would be encoded on the magnetic strip, and for 'card not present' transactions, the card security code (CVC or CVV2) would be required to transact business.”
Although cybercrooks may be missing pieces of information needed to carry out fraud, there's a very real possibility that they might attempt to hoodwink prospective marks into handing over this information through phishing scams or similar trickery. Extra vigilance would be prudent and we'd be inclined to support HSBC Turkey customers who went further and requested a reissued card.
Subscribe to:
Posts (Atom)