Recent Cyber Security Risks That Hit The News


A number of big companies have been hit by cyber security breaches in the recent past. Most of the attacks involve viruses, malware or spyware.

Some attackers destabilize their competitors’ businesses to gain unfair advantage.

Sadly, the latest cyber security attacks show a level of wickedness and danger that might force a new approach to cyber security.

Attackers have managed to expose their victims’ names, Social Security Numbers (SSNs), dates of birth, phone numbers, mailing and email addresses, and even bank account information.

There are two types of hackers that are known to be driving coordinated and dangerous cyber security attacks.

They are organized cybercriminals and nation-sponsored groups. The former chase financial gain, and the latter carry out attacks for geopolitical interests.

Both have raised their efforts to unprecedented levels of recklessness so far this year. The FBI now ranks cybercrime as its 3rd priority behind terrorism and espionage.

The Obama administration’s budget proposal for the 2016 financial year seeks $14 billion, $1 billion more than in previous budgets, to better combat cyber security breaches.

Let’s take a look at the cyber security attacks that have hit the headlines in the recent past.

The MICROS breach

Data Breach — Oracle’s Micros payment systems hacked

A Russian hacking group notorious for hacking into financial institutions hacked hundreds of computer systems at Oracle Corp., according to KrebsOnSecurity.

The group hacked a customer support portal belonging to firms that use Oracle’s MICROS point-of-sale (PoS) credit card payment systems.

The breach involved malware placed on the MICROS support portal, which gave the attackers the ability to capture MICROS user names and passwords belonging to thousands of customers when they logged in.

Oracle acknowledged the breach and assured customers that they were working to fix the issue.

The company acknowledged the attack and asked MICROS customers to reset their passwords.

CiCi’s Pizza breach

CiCi’s Pizza, a Texas-based fast-food business with over 500 stores spread across 35 states, is the latest restaurant chain to suffer a cyber security breach.

Attackers obtained access to card data by masquerading as technical support professionals for the restaurant’s point-of-sale provider.

Several months later, KrebsOnSecurity received inquiries from fraud-fighters at various financial institutions across the United States.

All of these financial institutions discovered a pattern of fraud on all cards that customers had used at various CiCi’s Pizza outlets.

DAC’s accounts

DAC Group, one of the world’s largest digital & content marketing agencies, suffered a security breach recently.

The personal information of 93,000 of its customers was the subject of “a sophisticated security breach.”

Under normal conditions, the attack would be just another cyber security breach, but what made this breach unique were the 77,000 leaked accounts.

Researchers also found dozens of other leaked accounts on DAC Group’s data discarded with different email domains.

It is not clear who the hackers were and how they executed the attack.

Strider’s group

Strider, a previously unknown hacking group, has been conducting a surgical cyber-espionage campaign against companies in Belgium, China, Russia, Rwanda, Iran, and Sweden.

Symantec experts believe the group has been operational since 2011, so there is a possibility that it is a nation-state community.

The group uses sophisticated malware dubbed “Remsec,” which lives in server memory, leaving no trace for a normal antivirus to detect.

Symantec has found infections on 36 computers belonging to 7 different companies since late 2011.

WP Mobile Detector

In June 2016, attackers exploited an unpatched vulnerability in WP Mobile Detector.

The vulnerability was located in a script named resize.php and allowed attackers to upload thousands of arbitrary files to servers.

These files are known as Web shells and give attackers access to the server and the ability to add code into genuine pages.

While the plug-in’s developer fixed the problem several days later, the attack left more than 10,000 websites crippled.
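A defender-side check for the pattern described above, as an added example that is not from the original article or the plug-in's developer: it scans web-server access logs for requests to resize.php and then lists PHP files under the plug-in directory that answered with HTTP 200 afterwards, which are candidates for uploaded web shells. The plug-in path, the combined log format, the `example-dir` subdirectory and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Assumed install path of the plug-in; adjust for your site layout.
PLUGIN_DIR = "/wp-content/plugins/wp-mobile-detector/"
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample access-log lines (combined log format), not real traffic.
SAMPLE_LOG = """\
198.51.100.7 - - [02/Jun/2016:10:00:01 +0000] "GET /index.php HTTP/1.1" 200 5120
203.0.113.9 - - [02/Jun/2016:10:02:13 +0000] "GET /wp-content/plugins/wp-mobile-detector/resize.php HTTP/1.1" 200 0
203.0.113.9 - - [02/Jun/2016:10:02:20 +0000] "POST /wp-content/plugins/wp-mobile-detector/example-dir/x1.php HTTP/1.1" 200 311
198.51.100.7 - - [02/Jun/2016:10:05:44 +0000] "GET /wp-content/plugins/wp-mobile-detector/example-dir/missing.php HTTP/1.1" 404 162
192.0.2.50 - - [02/Jun/2016:11:30:00 +0000] "POST /wp-content/plugins/wp-mobile-detector/example-dir/x1.php HTTP/1.1" 200 95
"""

def find_suspect_uploads(log_text):
    """Return (resize_hits, suspects): clients that called resize.php, and
    .php files under the plug-in directory served with 200 after the first call."""
    resize_hits, suspects, seen_resize = [], defaultdict(set), False
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        path = m["path"].split("?", 1)[0].lower()
        if not path.startswith(PLUGIN_DIR):
            continue
        if path == PLUGIN_DIR + "resize.php":
            resize_hits.append((m["ts"], m["ip"]))
            seen_resize = True
        elif seen_resize and path.endswith(".php") and m["status"] == "200":
            suspects[path].add(m["ip"])  # file answered: review it on disk
    return resize_hits, dict(suspects)

if __name__ == "__main__":
    hits, suspects = find_suspect_uploads(SAMPLE_LOG)
    for ts, ip in hits:
        print(f"resize.php requested by {ip} at {ts}")
    for path, ips in sorted(suspects.items()):
        print(f"review {path} (requested by {sorted(ips)})")
```

Any path this reports should be checked on disk against the plug-in's published file list, since a 200 response only shows that the file exists and executed.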
