Category: Cyber Security

The General Data Protection Regulation – Start the countdown!

Start the countdown. Copyright by Julian Lim under the Creative Commons Attribution 2.0 Generic

After years of lengthy drafting and negotiating, the European Commission, the European Parliament and the EU Council have at last reached a political agreement on the data protection reform package, following the final negotiations between the three institutions (the so-called “trilogue negotiations”). The package includes the General Data Protection Regulation (“GDPR”) and the Data Protection Directive for the police and criminal justice sector. The Civil Liberties (LIBE) Committee of the European Parliament also approved the text on 17 December.

Formal adoption by the European Parliament and the EU Council is still required, though, and is currently foreseen to take place at the beginning of 2016.

At this pace, and optimistically, the Regulation will finally be published sometime in the middle of 2016.

So let the countdown begin…


The Sony data breach: when fiction meets reality?

You better believe SONY. You have been HACKED!

This is not the first time that Sony has suffered a massive cyber attack. Back in 2011, due to some vulnerabilities found in its data servers, a hack of its PlayStation online network service enabled the theft of names, addresses and credit card data belonging to 77 million user accounts.

A few days ago, Sony Pictures' computer systems were hacked again, allegedly by a group of hackers calling themselves Guardians of Peace. As a consequence, a humongous amount of data was leaked to the Internet. It included confidential details, such as medical information, salaries, home addresses and social security numbers, regarding 47 thousand Sony employees and former employees, including Hollywood stars, as well as contracts, budgets, layoff strategies, scripts for movies not yet in production, full-length unreleased movies and thousands of passwords.

The reason remains unclear. Despite a North Korean representative's denial of any involvement by that country, it is being speculated that this attack is retaliation from the North Korean government in response to an upcoming Sony comedy, ‘The Interview’, starring actors Seth Rogen and James Franco, which depicts an assassination attempt against North Korea’s leader Kim Jong-un. If Hollywood comedies are now deemed a sufficient reason to conduct cyber-attacks in real life, fiction and reality are meeting in a very wrong way.

Anyway, considering the volume and the sensitive nature of the information disclosed, this may actually be one of the largest corporate cyber attacks ever known.

It is a sharp reminder that hacking attacks can be directed at any company and can take all forms, equally damaging. This attack demonstrates once again that not only critical infrastructure is at risk. Sony Pictures Entertainment is one of the largest studios in Hollywood. It is really not the expected victim of a cyber-attack. However, it was an easy prey, as its business decisions regarding information security have been publicly stated on previous occasions. Despite their ludicrous nature, I guess someone took those comments seriously.

Considerations regarding the absurdity of having a file directory named ‘Passwords’ aside, this attack underlines that data breaches are one of the major threats that companies face nowadays. Cyber attacks are conducted against companies of all sizes. Large companies do eventually recover from these breaches. Small businesses generally struggle to pull through after suffering a cyber-attack. It is therefore essential that businesses implement a solid cyber-security programme, including regular self-hacking exercises to assess the vulnerabilities of their security systems in order to prevent a potential breach.

What about Sony? Well, the value of the damages regarding its employees is incalculable considering that their identities may be stolen, their bank accounts may be compromised and their houses may be robbed. Only time will tell if and how it will recover.

Meet Regin

Yes, You have been hacked and spied upon!

Regin is not like the regular viruses you can find on your computer. It is the most recently discovered powerful tool for cyber espionage between nation-states, as reported by computer security research lab Symantec and by its main competitor, Kaspersky Lab.

Regin is described as a sophisticated cyber attack platform, which operates much like a back-door Trojan, mainly affecting Windows-based computers. It can be customized with different capabilities depending on the target and, while it operates in five stages, only the first one is detectable.

Among its diverse range of features, Regin allows remote access to and control of a computer, thus enabling the attacker to copy files from the hard drive, recover deleted files, steal passwords, monitor network traffic, turn the microphone or the camera on, and capture screenshots.

According to the above-mentioned reports, Regin has been quietly around since at least 2008, and has been used in systematic spying campaigns against a wide range of international targets, including government entities, Internet service providers, telecom operators, financial institutions, mathematical/cryptographic researchers, big and small businesses, and individuals.

As for the geographical incidence, Saudi Arabia and Russia appear to be the major targets of Regin. Mexico, Iran, Afghanistan, India, Belgium and Ireland were among the other targeted countries.

The conclusions drawn in Symantec’s report are, at the very least, very unsettling. It is stated that, considering its high degree of technical competence, its development is likely to have taken months, if not years, to be completed.

Regin is a highly-complex threat which has been used in systematic data collection or intelligence gathering campaigns. The development and operation of this malware would have required a significant investment of time and resources, indicating that a nation state is responsible. Its design makes it highly suited for persistent, long term surveillance operations against targets.

Therefore, the new million dollar question is: who is behind its conception? Unfortunately, it is very difficult to find out who created it or otherwise financed its development, because little trace of the culprits was left behind. However, it is well known that not all countries are technologically advanced enough to engineer such an accurate tool or to conduct such a large scale operation.

As a governmental instrument for mass surveillance, cyber espionage and intelligence gathering, Regin is just one among others of its kind. A few years ago, the world witnessed the rise of similar viruses, also of nation-state origin. Stuxnet, Duqu and Flame were three of the detected viruses previously employed to perform industrial sabotage or to conduct cyber espionage.

That said, this historical pattern of cyber attacks clearly shows that virtual wars are being fought in an almost invisible battlefield, cyberspace, where nation-states clash silently. Once limited to opportunistic criminals, viruses are now the new weaponry in this cyber warfare.

But a state-sponsored cyber attack does not really come as a surprise. Governments have always spied on each other in order to obtain strategic, economic, political, or military advantage. The discovery of Regin just confirms that investments continue to be made in order to develop implacable instruments for espionage and intelligence gathering purposes.

In this context, it is no coincidence that cyber security is increasingly regarded as a decisive part of any government’s security strategy, as it involves protecting national information and infrastructure systems from major cyber threats.

And while these sophisticated attacks are conducted, sensitive information about individuals is accessed, stolen, collected and stored by unknown attackers. To what end? Well, it can be any, really…
