Tag Archives: Cyber liability

2.9 million Adobe customers affected by cyber-attack

Posted on October 17, 2013 by Marijana Dabic

The cyber attack on Adobe is just another example in a wave of global attacks targeting personal and business financial data.

Adobe, the software company behind Acrobat, Photoshop and InDesign has experienced a data breach, potentially compromising the data of 2.9 million customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders.

“Our investigation currently indicates that the attackers accessed Adobe customer IDs and encrypted passwords on our systems,” said Brad Arkin, Adobe chief security officer in a Customer Security Announcement on October 3^rd.

Adobe has reset passwords on customers’ accounts and recommended that customers change their passwords on any other website where they may have used the same user ID and password. The company has alerted the banks processing customer payments, as well as federal law enforcement.

Adobe also said it would give affected customers the option of enrolling in a one-year complimentary credit monitoring membership where available.

What’s the threat?

According to Brian Krebs, of the KrebsonSecurity blog, the threat is that the Adobe hackers could have hidden zero-day exploit code within a PDF document, or Flash animations, to create weaponised content. They would then use a spear-phishing email to deliver the weaponised content to the targeted user. “When the user opens the attachment or watches the animation, the exploit code exploits the vulnerability to silently download malware on the user’s machine. The user isn’t aware that this download has happened. But this malware, often a Remote Access Trojan (RAT), enables the attacker to access sensitive data or even gain full control over the user’s machine” explains Krebs.

Lessons Learned

These breaches underscore the importance of organizations continuously monitoring their systems for suspicious changes and unknown programs on their systems, as well as providing their employees with security awareness training.

Once the breach happens, it is imperative that a business continuity plan be executed in a timely manner and that the proper communication be established with the public.

Please feel free to contact ABEX and WatSec for more information on how you can effectively manage your cyber risks.

Cyber Threats Top Concern over Other Business Risks

Posted on September 30, 2013 by Marijana Dabic

A survey of perceptions about cyber risk, released by AIG earlier this year, found that corporate executives are more concerned about cyber threats than about other major business risks.

Survey Results

More than 85% of the 258 executives surveyed said they were very or somewhat concerned about cyber risks to their organizations, compared with the group’s response to six other areas of risk, including income loss (82%), property damage (80%), and securities and investment risk (76%).

AIG noted that 80% of executives and insurance brokers said they find it difficult to keep pace with changing cyber threats.

Other Findings from the Survey

More than two out of three (69%) executives and brokers believe that the reputational risk from a cyber attack is far greater to a company than the financial risk.

In addition, the survey found that:

More than seven in ten (75%) executives and brokers say legal compliance issues are making companies think more about cyber risks
The vast majority of insurance brokers and executives (82%) believe hackers are the primary source of cyber threats, though a significant portion of those surveyed (71%) also perceive human error as a significant component of cyber risk

Why is this important?

Your company, your clients, and your business partners are depending on you to ensure that cyber risk is being addressed properly. With a comprehensive and strategic approach to cyber risk management, you will accomplish this without breaking the bank.

Cybercriminals Ruin Escrow Firm and Cause Job Losses

Posted on September 16, 2013 by Marijana Dabic

Efficient Services Escrow Group of Irvine, California, was subjected to a $1.5 million Cyber heist that caused it to go out of business and lay off all 9 of its employees. Escrow companies are responsible for safeguarding funds, and if escrowed funds are at risk, the state regulator has the right to step in and protect those escrowed funds.

What went wrong?

Between December 2012 and January 2013, Efficient Services was hit with three separate fraudulent wire service transfers. These were from the company’s bank, First Foundation of Irvine, CA, to bank accounts in Russia and China. The first $432,215 that left Efficient Services’ account on Dec. 17 was recovered from Russia, but two other wires totaling over $1.1 million, which were sent to China on Jan. 24 and Jan. 30, were not recovered.

Efficient Services reported its losses to the California Department of Corporations on February 22, which launched an investigation. On Feb. 28, The Department of Corporations froze the escrow company’s activity and noted that the company had previously had instances of negligent bookkeeping and record-keeping practices.

According to former Washington Post reporter and now fraud blogger Brian Krebs, who first reported the Efficient Services incident on Aug. 13, the bank initially thought the losses resulted from embezzlement, not an account hack.

Why is this important?

Since then, a state investigation determined that a cyber theft was to blame for the losses. The cause of the incident was a remote access Trojan virus that was planted in Efficient Services’ systems. Nonetheless, the escrow company, unable to make up for its losses, has closed.

This incident now stands as one of the largest account takeover cases on record, eclipsed only by the June 2010 Global Title Services theft, which resulted in $2 million in fraudulent transfers and just over $200,000 in unrecovered losses.

Lessons Learned

In a case like this it is hard to determine whether the responsibility lies with the company or the bank. No litigation has been filed yet, but a civil suit may be filed in order to resolve the issue of responsibility for this case. Regardless, the fact remains that a cyber security breach has caused the company to close its doors and terminate jobs.

This cyber attack killed a viable business that was on its way to clear half a million in profits in 2014 and a million the year after.

Employee Data Leaks a Major Cyber Risk

Posted on August 22, 2013 by Marijana Dabic

U.S. soldier Bradley Manning is escorted out of a courthouse during his court martial at Fort Meade in Maryland, August, 20, 2013. (REUTERS/Jose Luis Magana)

The case of Bradley Manning, the U.S. soldier convicted of the biggest breach of classified data in the US history by providing files to WikiLeaks, highlights how employees can pose a major vulnerability to the internet security.

In 2010, Manning turned over more than 700,000 classified files, battlefield videos and diplomatic cables to WikiLeaks, the pro transparency website, in a case that has commanded international attention. Manning was sentenced to 35 years in prison on Wednesday and this sentence is unprecedented in its magnitude for providing secret material to the media. Please click on the link to read more in the Toronto Sun article: Bradley Manning sentenced to 35 years in WikiLeaks case

This case shows how some of the most damaging cyber-attacks involving deliberate policy violations come from within the business, in ways that many employers overlook when it comes to their cyber security. It’s an employer’s worst nightmare—an employee is dissatisfied with his or her job and decides to defraud or steal from the company. Employees can cause enormous damage by committing these crimes.

According to a 2012 occupational fraud report by the Association of Certified Fraud Examiners (ACFE), the typical organization loses 5 per cent of its annual revenue to fraud. It also reported that the median loss caused by fraud was $160,000. For a small company, this could mean the end of the business. Small businesses are more at risk because owners inherently treat their employees like family, leading to complacency and lax security measures. Small businesses also tend not to have anti-fraud measures in place as many lack the knowhow and enforcement capabilities of larger businesses. Nearly half of victim organizations do not recover any losses that they suffer due to fraud.*

ABEX has partnered with WatSec to provide employee security awareness training as part of our Cyber Risk Management Program. The security awareness training prepares every staff member with the critical skills necessary to work productively while being vigilant for potential security threats.

Please contact ABEX and WatSec for more information on how you can effectively manage your cyber risks.

*Source: ©2013 Zywave, Inc

Hackers Demand Ransom from Businesses after Stealing and Encrypting Their Information

Posted on August 15, 2013 by Marijana Dabic

Thank you to all who participated in ABEX / WatSec Cyber Webinar yesterday. During the webinar, we touched on a few different examples of cyber attacks, one of the newest threats involving ransom attacks.

In ransom attacks, hackers steal information from businesses and encrypt it so that it can’t be read by anyone. Data from backups can get encrypted as well. Then hackers demand ransom from the victims in exchange for the encryption key that would allow the victims to access their own information. However, the hackers won’t necessarily decrypt the files even after the ransom had been paid.

There are many examples of ransom attacks happening, not only around the globe, but also here in Canada and more specifically in Southwestern Ontario and GTA. These cases do not always reach the media, and thus do not get the deserved attention.

One example includes some Dryden, Ontario residents who were struck by a combination of computer virus and Internet scam. The virus would exhibit the logo of the RCMP, informing users they have violated copyright infringement or downloaded illegal pornography. It details the applicable money-wiring businesses users should use to pay their fine of $100 within 72 hours or risk being imprisoned from one to nine years or face a fine of up to $250,000. Click here to read more.

Another example includes an Australian medical centre, Miami Family Medical Centre and The Surgeons of Lake County which all had a ransom demand after blackmailers broke into the organizations’ servers and encrypted their entire patient databases. Click here to read more.

According to Norton’s Cybercrime 2012 report, 70% of online adults in Canada have been the victim of cybercrime at some point in their life. Cybercrime costs Canadians $1.4 billion per year. The average cost per crime victim is over $160, according to Norton’s report.

A security company, Trend Micro, has published an infographic: The Cybercriminal Underground: How Cybercriminals Are Getting Better At Stealing Your Money. The infographic explores what items are being traded in the cybercrime underground, how the underground is organized, and how users are affected. Click here to read more.