Cyber Liability: Managing Password Threats

Posted on October 29, 2013 by Marijana Dabic

Organizations trust passwords to protect valuable assets such as data, systems and networks. Passwords are versatile—they authenticate users of operating systems (OS) and applications such as email, labour recording and remote access, and they guard sensitive information like compressed files, cryptographic keys and encrypted hard drives.

Because passwords protect such valuable data, they are often a prime target of hackers and thieves. Although no method of password protection is 100 per cent effective, it is still important to understand and mitigate threats to password security so you can protect your company and its assets.

Types of Password Threats

Implementing security measures starts with anticipating security threats. There are four main ways that attackers attempt to obtain passwords: capturing passwords, guessing or cracking passwords, replacing passwords and using compromised passwords.

1. Password Capturing

An attacker can capture a password through password storage, password transmission or user knowledge and behaviour. OS and application passwords are stored on network hosts (a computer connected to a network) and used for identification. If the stored passwords are not secured properly, attackers with physical access to a network host may be able to gain access to the passwords. Never store passwords without additional controls to protect them. Security controls include:

Encrypting files that contain passwords
Restricting access to files that contain passwords using OS access control features
Storing one-way cryptographic hashes for passwords instead of storing the passwords themselves

Hashes are the end result of putting data, like passwords, through an algorithm that changes the form of the original information into something different. For example, the password ‘default’ could be mapped as an integer such as 15. Only the network host knows that 15 stands for the password ‘default’. Read more >>

ABEXAccess.com News: Initial Broker Rollout Will Begin VERY Soon!

Posted on October 22, 2013 by Marijana Dabic

In gearing up to our official launch of ABEXAccess.com, we will continue to provide you with information of what your experience will be like with this groundbreaking platform for Real-Time rating and paperless policy issuance.

The wait is almost over!

Over the past few months we have been providing you with information about some of the most exciting features that you will be able to do with ABEXAccess.com.

The entire ABEX team is excited to tell you that your wait to try it out yourself is nearly over! We are currently finalizing our own internal user testing and details of the broker rollout.

How does it work?

As described in a previous newsletter, our staff will enter your existing renewals into ABEXAccess and issue your client’s renewal policies.

An initial group of Brokers will be provided access to the ABEXAccess.com site to view their renewed policy information and enter new business. This group of Brokers will be expanded to all ABEX Brokers in the coming months.

Want to learn more?

Please click on the links below to learn more about this revolutionary solution for Real-Time rating and paperless policy issuance.

ABEXAccess.com will be released in the coming weeks, and those interested in test driving it can contact us at quotes@abexinsurance.com.

2.9 million Adobe customers affected by cyber-attack

Posted on October 17, 2013 by Marijana Dabic

The cyber attack on Adobe is just another example in a wave of global attacks targeting personal and business financial data.

Adobe, the software company behind Acrobat, Photoshop and InDesign has experienced a data breach, potentially compromising the data of 2.9 million customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders.

“Our investigation currently indicates that the attackers accessed Adobe customer IDs and encrypted passwords on our systems,” said Brad Arkin, Adobe chief security officer in a Customer Security Announcement on October 3^rd.

Adobe has reset passwords on customers’ accounts and recommended that customers change their passwords on any other website where they may have used the same user ID and password. The company has alerted the banks processing customer payments, as well as federal law enforcement.

Adobe also said it would give affected customers the option of enrolling in a one-year complimentary credit monitoring membership where available.

What’s the threat?

According to Brian Krebs, of the KrebsonSecurity blog, the threat is that the Adobe hackers could have hidden zero-day exploit code within a PDF document, or Flash animations, to create weaponised content. They would then use a spear-phishing email to deliver the weaponised content to the targeted user. “When the user opens the attachment or watches the animation, the exploit code exploits the vulnerability to silently download malware on the user’s machine. The user isn’t aware that this download has happened. But this malware, often a Remote Access Trojan (RAT), enables the attacker to access sensitive data or even gain full control over the user’s machine” explains Krebs.

Lessons Learned

These breaches underscore the importance of organizations continuously monitoring their systems for suspicious changes and unknown programs on their systems, as well as providing their employees with security awareness training.

Once the breach happens, it is imperative that a business continuity plan be executed in a timely manner and that the proper communication be established with the public.

Please feel free to contact ABEX and WatSec for more information on how you can effectively manage your cyber risks.

Cyber Threats Top Concern over Other Business Risks

Posted on September 30, 2013 by Marijana Dabic

A survey of perceptions about cyber risk, released by AIG earlier this year, found that corporate executives are more concerned about cyber threats than about other major business risks.

Survey Results

More than 85% of the 258 executives surveyed said they were very or somewhat concerned about cyber risks to their organizations, compared with the group’s response to six other areas of risk, including income loss (82%), property damage (80%), and securities and investment risk (76%).

AIG noted that 80% of executives and insurance brokers said they find it difficult to keep pace with changing cyber threats.

Other Findings from the Survey

More than two out of three (69%) executives and brokers believe that the reputational risk from a cyber attack is far greater to a company than the financial risk.

In addition, the survey found that:

More than seven in ten (75%) executives and brokers say legal compliance issues are making companies think more about cyber risks
The vast majority of insurance brokers and executives (82%) believe hackers are the primary source of cyber threats, though a significant portion of those surveyed (71%) also perceive human error as a significant component of cyber risk

Why is this important?

Your company, your clients, and your business partners are depending on you to ensure that cyber risk is being addressed properly. With a comprehensive and strategic approach to cyber risk management, you will accomplish this without breaking the bank.

Cybercriminals Ruin Escrow Firm and Cause Job Losses

Posted on September 16, 2013 by Marijana Dabic

Efficient Services Escrow Group of Irvine, California, was subjected to a $1.5 million Cyber heist that caused it to go out of business and lay off all 9 of its employees. Escrow companies are responsible for safeguarding funds, and if escrowed funds are at risk, the state regulator has the right to step in and protect those escrowed funds.

What went wrong?

Between December 2012 and January 2013, Efficient Services was hit with three separate fraudulent wire service transfers. These were from the company’s bank, First Foundation of Irvine, CA, to bank accounts in Russia and China. The first $432,215 that left Efficient Services’ account on Dec. 17 was recovered from Russia, but two other wires totaling over $1.1 million, which were sent to China on Jan. 24 and Jan. 30, were not recovered.

Efficient Services reported its losses to the California Department of Corporations on February 22, which launched an investigation. On Feb. 28, The Department of Corporations froze the escrow company’s activity and noted that the company had previously had instances of negligent bookkeeping and record-keeping practices.

According to former Washington Post reporter and now fraud blogger Brian Krebs, who first reported the Efficient Services incident on Aug. 13, the bank initially thought the losses resulted from embezzlement, not an account hack.

Why is this important?

Since then, a state investigation determined that a cyber theft was to blame for the losses. The cause of the incident was a remote access Trojan virus that was planted in Efficient Services’ systems. Nonetheless, the escrow company, unable to make up for its losses, has closed.

This incident now stands as one of the largest account takeover cases on record, eclipsed only by the June 2010 Global Title Services theft, which resulted in $2 million in fraudulent transfers and just over $200,000 in unrecovered losses.

Lessons Learned

In a case like this it is hard to determine whether the responsibility lies with the company or the bank. No litigation has been filed yet, but a civil suit may be filed in order to resolve the issue of responsibility for this case. Regardless, the fact remains that a cyber security breach has caused the company to close its doors and terminate jobs.

This cyber attack killed a viable business that was on its way to clear half a million in profits in 2014 and a million the year after.