Uber Paid To Hide Massive Data Breach From Public

It has recently come to light that the company was hacked in 2016 in a massive breach that exposed the personal information of more than 57 million Uber users and drivers. A wide range of data was stolen. Where users were concerned, names, email addresses and phone numbers were compromised.

As bad as that is, the problem was even worse for more than 600,000 of the company’s drivers who had their driver’s license numbers hacked, too.

Standard protocol is that when a breach like this occurs, the company will engage law enforcement officials as appropriate, hire a third-party security firm to help with the forensic investigation and notify their consumers.

Unfortunately, that’s not the path Uber chose to take. Instead, they paid the hackers $100,000 in exchange for keeping quiet about the hack and deleting the stolen data.

The company kept the incident under wraps for more than a year, but eventually, word of the attack leaked out, and the fallout has been catastrophic. Uber’s CEO Dara Khosrowshahi has asked for the resignation of the company’s Chief Security Officer, Joe Sullivan, and one of his deputies, Craig Clark, both of whom worked to keep the attack quiet.

In a formal statement, Khosrowshahi had this to say:

“None of this should have happened, and I will not make excuses for it. While I cannot erase the past, I can commit on behalf of every Uber employee that we will learn from our mistakes. We are changing the way we do business, putting integrity at the core of every decision we make and working hard to earn the trust of our customers.”

As is common in the aftermath of events like these, Uber is offering its impacted customers a free year’s worth of credit monitoring services and will likely force password changes for its app users. More than a year too late, but it’s something.

File this away under how not to handle a data breach.

Former Employees Pose Serious Risk To Security

The Department of Health and Human Services’ Office for Civil Rights (OCR) has reminded those who deal with PHI and PII of the dangers that terminated employees can pose to system security in their monthly cybersecurity newsletter. Their advice is as timely as it is excellent, and includes the following:

“Making sure that user accounts are terminated so that former workforce members don’t have access to data is one important way Identity and Access Management can help reduce risks posed by insider threats.

IAM can include many processes, but most commonly would include the processes by which appropriate access to data is granted, and eventually terminated, by creating and managing user accounts.”

Kate Borten, President of The Marblehead Group, agrees, citing Verizon’s 2017 Data Breach Investigations Report, which was released earlier this year and named health care as the industry with the highest number of insider breaches.

OCR has published an extensive list of recommendations, which include:

• The creation and maintenance of user access logs used to determine when a user’s access levels are increased, or new equipment is assigned. These logs can also be used to track and trace precisely who is accessing what data, when, and using what locations, creating an audit trail.
• Establishing processes designed to terminate an employee’s access as soon as employment ends. These processes should also refer back to the aforementioned access logs to ensure that all equipment has been returned.
• Changing all administrative passwords on termination of an employee with access to those accounts, so that they will be unable to access them post-employment.
• The creation of alerts that call attention to accounts that have not been utilized in some predefined number of days in order to identify accounts that may be ripe for purging from the system.
• Developing a robust auditing procedure designed to ensure that all IAM-related policies are being followed, and that the system is working as intended.
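The offboarding, dormant-account and admin-password bullets above are easy to state and easy to skip in practice. The following is an added example (not from the OCR newsletter) of the cross-check an auditor would run: an HR roster with termination dates is compared against an IAM account export, with all sample data constructed inline, and the function and field names (`audit_accounts`, `last_login`, `admin`) are assumptions for illustration.

```python
from datetime import date, timedelta

# Constructed sample data, not from the OCR newsletter: an HR roster with
# termination dates and an IAM account export with status and last login.
HR_ROSTER = {
    "jsmith": {"terminated": date(2017, 10, 2)},
    "mlee": {"terminated": None},
    "rkhan": {"terminated": date(2017, 11, 15)},
    "tngo": {"terminated": None},
}
IAM_ACCOUNTS = [
    {"user": "jsmith", "enabled": True, "last_login": date(2017, 10, 20), "admin": False},
    {"user": "mlee", "enabled": True, "last_login": date(2017, 11, 28), "admin": True},
    {"user": "rkhan", "enabled": False, "last_login": date(2017, 11, 14), "admin": True},
    {"user": "tngo", "enabled": True, "last_login": date(2017, 6, 1), "admin": False},
    {"user": "svc_backup", "enabled": True, "last_login": date(2017, 4, 3), "admin": True},
]
AUDIT_DATE = date(2017, 12, 1)  # the day the audit is run

def audit_accounts(roster, accounts, today, dormant_days=90):
    """Cross-check IAM accounts against the HR roster and return findings.

    active_after_termination: account still enabled for a terminated worker
    login_after_termination:  account was used after the termination date
    rotate_admin_creds:       a terminated worker held admin rights, so shared
                              administrative passwords need changing
    dormant:                  enabled account unused for more than dormant_days
    orphaned:                 account with no roster entry (service/shared)
    """
    findings = {k: [] for k in ("active_after_termination", "login_after_termination",
                                "rotate_admin_creds", "dormant", "orphaned")}
    cutoff = today - timedelta(days=dormant_days)
    for acct in accounts:
        user = acct["user"]
        person = roster.get(user)
        if person is None:
            findings["orphaned"].append(user)
        elif person["terminated"] is not None:
            term = person["terminated"]
            if acct["enabled"]:
                findings["active_after_termination"].append(user)
            if acct["last_login"] > term:
                findings["login_after_termination"].append(user)
            if acct["admin"]:
                findings["rotate_admin_creds"].append(user)
        # Dormancy applies to every enabled account, orphaned ones included.
        if acct["enabled"] and acct["last_login"] < cutoff:
            findings["dormant"].append(user)
    return findings

def run_audit():
    return audit_accounts(HR_ROSTER, IAM_ACCOUNTS, AUDIT_DATE)

if __name__ == "__main__":
    for category, users in run_audit().items():
        print(f"{category}: {users}")
```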

It’s an excellent piece, and if your firm is in any way involved with the handling of protected health information, you owe it to yourself to head to OCR’s website and read it in its entirety.

Apple Is On Track To Become A Trillion Dollar Company

Recently, Apple’s stock closed at $175.88, giving it a market valuation slightly above $900 billion. A Drexel Hamilton analyst named Brian White predicts that over the course of the next twelve months, the company’s stock could be trading as high as $235 per share, and at that price, Apple’s market valuation would be over one trillion dollars, making it the only trillion-dollar company on the planet.

“With a market cap of over $900 billion, we believe Apple is on its way to becoming a ‘trillion dollar baby’ as reflected in our price target. We were the first on Wall Street to project that Apple would reach a $1 trillion market cap as reflected by a price target; our current price target of $235 equates to approximately a $1.2 trillion market cap.”

Mr. White is not alone. Another analyst, Amit Daryanani, working for RBC Capital Markets, has made a similar prediction, stating:

“In our view, Apple’s quarterly results will be less important this summer as investors are focused on the iPhone 8 this fall, along with the company’s raised capital distribution initiative, depressed valuation and potential new innovations. We believe Apple remains among the most underappreciated stocks in the world.”

If you don’t yet own stock in the company, now would probably be a great time to buy. As Apple edges closer to the one trillion-dollar threshold, it’s sure to generate an increasing number of headlines, which will increase interest in the company and push the stock price higher still, hastening the day when it hits the mark.

If you already own a stake in the company, hold onto it, and if you concur with Daryanani’s assessment, add to it as you’re able. You could soon be the proud owner of a tiny slice of investment history.

Ransomware Attackers Are Increasing Their Attacks On Businesses

The ransomware ecosystem is maturing. Strains are divided into “families,” and the number of new families discovered in 2017 is half what it was in 2016. Even so, the total number of attacks targeting businesses has risen by 26 percent over last year’s totals, according to the latest statistics released by Kaspersky Lab.

Rather than inventing wholly new software strains, hackers around the world seem content to modify existing strains, with the number of modifications growing from 54,000 to an astonishing 96,000 this year.

The modifications are having impacts that extend far beyond simply allowing them to slip past a company’s defenses. Last year, 29 percent of companies impacted by a ransomware attack claimed that the incident took a week or longer to recover from. This year, that percentage rose to 34 percent.

According to one of Kaspersky’s senior malware analysts, Fedor Sinitsyn, “The headline attacks of 2017 are an extreme example of growing criminal interest in corporate targets. We spotted this trend in 2016; it has accelerated throughout 2017, and shows no signs of slowing down.

Business victims are remarkably vulnerable, can be charged a higher ransom than individuals and are often willing to pay up in order to keep the business operational. New business-focused infection vectors, such as through remote desktop systems, are not surprisingly on the rise.”

In addition to the total number of such attacks increasing, we’ve seen several large-scale attacks this year, and there’s no reason to believe that we won’t see more of that in the months and years ahead.

This represents a fundamental shift in strategy as compared to years past and is a clear indication that hacking groups around the world are increasingly coordinating their efforts and learning from one another. That’s bad news for IT security professionals everywhere.

Black Friday Brings Major Increase In Fraud

Retailers are gearing up for the year’s busiest shopping weekend, which runs from Black Friday to Cyber Monday, but another group is also gearing up.

Scammers.

Security experts are warning that retailers should brace for impact because the best estimates are that there could be as many as fifty million fraud-based attacks between those spectacularly busy shopping days.

The estimate is higher than it’s ever been, and is driven in large part by the sheer number of high-profile data breaches that have occurred over the last twelve months.

Account data for hundreds of millions of users flooded the Dark Web on the heels of those attacks. The scammers happily stocked up on them and are more than ready for the holiday season.

According to details provided by ThreatMetrix, the attack will shake out something like this:

• In advance of Black Friday, the scammers will use bots to test the stolen credentials they’ve purchased, tossing the ones that no longer work, and keeping the ones that are still active.

• Once they’ve culled their lists, they’ll spend a bit of time conducting a few million test attacks.

• After they successfully test their software with the valid IDs, they’ll launch large-scale fraud attacks with new user account registrations and attempted fraudulent payments.

According to security researcher Vanita Pandey:

“Many e-commerce merchants choose to accept a greater degree of risk on these key days in order to accept more transactions and reduce the chance that good customers experience friction when placing orders… fraudsters see peak shopping days as the opportunity to make larger purchases/attempt to redeem bigger basket sizes, which are less likely to be flagged as suspicious in among the sea of other high value purchases being made by good customers.”

The long and the short of it is that if you expect to see a spike in sales during the Black Friday – Cyber Monday shopping weekend, brace for a big spike in fraud attempts, too.
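The credential-testing phase described above has a recognisable shape in a retailer’s own login logs: one source cycling through many different usernames with mostly failed attempts, which is unlike a real customer retrying one account. The following is an added example (not from ThreatMetrix or the article) of that detection logic run over constructed log lines; the log format, thresholds and function names are assumptions for illustration.

```python
import re
from collections import defaultdict

# Constructed sample login log lines (not real traffic); RFC 5737 test addresses.
SAMPLE_LOG = """\
2017-11-20T03:00:01Z 203.0.113.7 POST /login user=alice result=FAIL
2017-11-20T03:00:02Z 203.0.113.7 POST /login user=bob result=FAIL
2017-11-20T03:00:02Z 203.0.113.7 POST /login user=carol result=OK
2017-11-20T03:00:03Z 203.0.113.7 POST /login user=dave result=FAIL
2017-11-20T03:00:03Z 203.0.113.7 POST /login user=erin result=FAIL
2017-11-20T03:00:04Z 203.0.113.7 POST /login user=frank result=OK
2017-11-20T03:01:10Z 198.51.100.4 POST /login user=grace result=FAIL
2017-11-20T03:01:15Z 198.51.100.4 POST /login user=grace result=OK
2017-11-20T03:02:00Z 192.0.2.9 POST /login user=heidi result=OK
"""

LINE_RE = re.compile(r"^(\S+) (\S+) POST /login user=(\S+) result=(OK|FAIL)$")

def parse_log(text):
    """Turn the assumed log format into a list of login events."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts, ip, user, result = m.groups()
            events.append({"ts": ts, "ip": ip, "user": user, "ok": result == "OK"})
    return events

def flag_credential_testing(events, min_users=5, min_fail_ratio=0.5):
    """Flag source IPs that try many distinct usernames with a high failure rate.

    A customer mistyping a password retries the same account; a bot validating
    a purchased credential list cycles through many accounts, most of which fail.
    The accounts that did succeed from a flagged source are the ones to force a
    password reset on before the shopping weekend.
    """
    per_ip = defaultdict(lambda: {"users": set(), "attempts": 0, "fails": 0, "valid": []})
    for e in events:
        s = per_ip[e["ip"]]
        s["users"].add(e["user"])
        s["attempts"] += 1
        if e["ok"]:
            s["valid"].append(e["user"])
        else:
            s["fails"] += 1
    flagged = {}
    for ip, s in per_ip.items():
        ratio = s["fails"] / s["attempts"]
        if len(s["users"]) >= min_users and ratio >= min_fail_ratio:
            flagged[ip] = {"distinct_users": len(s["users"]),
                           "fail_ratio": round(ratio, 2),
                           "validated_accounts": sorted(s["valid"])}
    return flagged

if __name__ == "__main__":
    print(flag_credential_testing(parse_log(SAMPLE_LOG)))
```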

USB Drives Could Be Huge Factor In Data Loss, Theft

Most people agree that the use of USB drives increases efficiency and boosts productivity, which goes a long way toward explaining their popularity, but these handy little drives can also be problematic.

According to a recently published survey by Apricorn, 87 percent of employees surveyed report that they have lost a USB drive, or had one stolen, and failed to notify their employer. Worse, 80 percent of employees surveyed reported using non-encrypted USB drives that they’ve often acquired for free at trade shows or conferences.

The fact that these drives are unencrypted is bad enough, but there’s another, even more frightening dimension to the problem. Such drives could be pre-loaded with malware, which could easily make it onto your company’s network the moment they’re connected to any office machine.

Apricorn had this to say about the results of the survey:

“With the ever-increasing amount of data breaches and compromises, companies need to carefully monitor what data is being created in their organizations, and what is leaving.

Government, healthcare, finance and education industries have access to copious amounts of sensitive information and most of these industries are using USBs without advanced permission. Not only are these companies leaving themselves vulnerable, they are placing their customers’ and employees’ data at risk.”

Although the company notes that there is an awareness of the damage that lost or compromised data can cause, not much is being done about preventing that loss, at least where the use of USB drives is concerned. According to the survey, fully half of the respondents indicated that they didn’t need to seek permission to use a USB drive to copy or transport potentially sensitive information.

Does your company have a robust set of policies in place to control the use of USB drives? Are all the USBs used by your employees encrypted and secure? Do you have a policy in place regarding proper reporting procedures should a USB drive go missing? Important questions, all.

Corporate Attacks On The Rise Through Vulnerable Printers

Few things are more ubiquitous in an office environment than printers. Of course, these days, most printers are much more than simply that. They can also scan, copy and even send emails. As such, they’ve become an increasingly attractive option to hack, according to the latest data released by Barracuda Networks.

The reason is simple. Most printers aren’t as well protected as PCs and other devices on your network. They’re the weak point in your company’s defensive armor.

The upsurge in this type of attack seems to be focused on Canon, HP and Epson printers, and works like this:

A printer is compromised and used to send spoofed scanned attachments, usually bearing an innocuous subject line such as “Scanned From HP,” “Scanned from Epson” or “Scanned from Canon.”

Most employees don’t think twice about opening such attachments because they appear to be from a legitimate source inside the company, which is, of course, exactly what the hackers are counting on.

While any sort of payload can be delivered in this manner, the most common strain found installs a back door on the target PC, allowing the hackers to:

  • Monitor behavior and log keystrokes
  • Change computer settings
  • Copy files
  • Access other connected systems
  • And more.

In a clear indication that the malware could be used to launch a ransomware style attack, it also gives the hackers the ability to replace the PC’s wallpaper with any file they choose.

Employees should be more mindful of this type of attack and always double-check that the sender is valid. It’s also important to hover over the links embedded in such emails to confirm where they lead before clicking on them.
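Because a real scan-to-email message comes from a known internal device, a mail gateway can apply the same sender check mechanically. The following is an added example (not from Barracuda or the article) of a quarantine rule over constructed message metadata: the internal domain, the registered printer address, the risky-extension list and the `assess_scan_email` function are all assumptions for illustration.

```python
import re

# Assumed site configuration for the example (constructed, not real values).
INTERNAL_DOMAIN = "example.com"
KNOWN_PRINTER_SENDERS = {"mfp-2ndfloor@example.com"}
RISKY_EXTENSIONS = {".exe", ".js", ".vbs", ".scr", ".docm", ".xlsm", ".zip", ".html"}
SCAN_SUBJECT_RE = re.compile(r"^\s*scanned\s+from\s+(hp|epson|canon)\b", re.I)

# Constructed sample messages (metadata only). Message 2 spoofs the printer's
# From header but its envelope sender and attachment give it away; message 3
# uses a look-alike domain.
SAMPLE_MESSAGES = [
    {"id": 1, "from": "mfp-2ndfloor@example.com", "envelope_from": "mfp-2ndfloor@example.com",
     "subject": "Scanned from HP", "attachments": ["scan_0042.pdf"]},
    {"id": 2, "from": "mfp-2ndfloor@example.com", "envelope_from": "bounce@mail-example.net",
     "subject": "Scanned from HP", "attachments": ["scan_0043.pdf.js"]},
    {"id": 3, "from": "printer@examp1e.com", "envelope_from": "printer@examp1e.com",
     "subject": "Scanned from Epson", "attachments": ["document.zip"]},
    {"id": 4, "from": "hr@example.com", "envelope_from": "hr@example.com",
     "subject": "Holiday schedule", "attachments": ["schedule.pdf"]},
]

def domain_of(addr):
    return addr.rsplit("@", 1)[-1].lower()

def assess_scan_email(msg):
    """Return the reasons to quarantine a scanner-style message (empty = pass).

    Only messages whose subject claims to come from a scanner are in scope;
    everything else is left to the gateway's ordinary rules.
    """
    reasons = []
    if not SCAN_SUBJECT_RE.match(msg["subject"]):
        return reasons
    if msg["from"].lower() not in KNOWN_PRINTER_SENDERS:
        reasons.append("header From is not a registered printer")
    if domain_of(msg["envelope_from"]) != INTERNAL_DOMAIN:
        reasons.append("envelope sender is external")
    for name in msg["attachments"]:
        ext = "." + name.lower().rsplit(".", 1)[-1] if "." in name else ""
        if ext in RISKY_EXTENSIONS:
            reasons.append(f"risky attachment type: {name}")
    return reasons

if __name__ == "__main__":
    for m in SAMPLE_MESSAGES:
        print(m["id"], assess_scan_email(m) or "ok")
```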

If you haven’t been on the receiving end of an attack like this yet, count yourself lucky and stay vigilant.

Hard Drives May Double In Speed With New Technology

What’s an HDD manufacturer to do when faced with competition by faster, more efficient SSD drives?

Go big, and go faster. At least that’s the strategy that both Seagate and Western Digital are adopting.

SSDs tend to get prohibitively expensive as their size crosses the 1TB threshold, which creates an opportunity for HDD manufacturers. Seagate is currently selling drives with an impressive 14TB of capacity, and has plans on the drawing board to introduce a 40TB drive by 2023, with Western Digital not far behind, aiming for a 40TB drive by 2025.

That’s impressive, but as Seagate mentioned in a recent blog post:

“Capacity is only half of the solution. If the ability to rapidly access data doesn’t keep pace with all that capacity, the value potential of data is inhibited. Therefore, the advancement of digital storage requires both elements: increased capacity and increased performance.”

In order to address the performance side of the equation, Seagate is experimenting with a new approach called “multi-actuator technology.”

HDDs are based on platters, with an actuator arm on the top and bottom that writes to the platters.

Actuators are all aligned and are designed to move in tandem, but at any given moment, only one arm is writing to the disk.

Seagate’s new solution utilizes two sets of actuator arms, each controlled independently of the other. With two heads capable of reading and writing simultaneously, HDD speeds can effectively be doubled.

It’s an idea that has been around for a while, but until recently, thanks to the prohibitive cost of the components, it was simply impractical. With component prices falling, it’s suddenly viable. The combination of massive HDDs and the new technology is making people take a second look at HDD technology.

This is a great advance that breathes new life into HDDs, and is a truly exciting innovation.

Performance Issues Plague PCs Updated With Spectre Patch

Recently, a critical flaw was found inside every Intel chip made during the last decade. The flaw makes two different exploits possible. These exploits have been dubbed “Meltdown” and “Spectre.”

The flaws are incredibly severe, and make it possible for a hacker to gain complete, unfettered access to the targeted PC or laptop. Although no instances of the exploit have yet been found in the wild, now that both are commonly known, it’s only a matter of time before that happens.

Based on that, and given the severity of the flaw, Intel scrambled to release an update, but here’s the catch: the update would hurt system performance, lowering it by as much as 23%.

In the end, it didn’t matter. To ignore the problem was simply not an option, so the company scrambled to get a fix ready and has since released it. Unfortunately, the fix has proved to be even more problematic than was originally estimated. In addition to degrading machine performance, it also interferes with a variety of maintenance activities and leads to an inordinate number of system reboots.

Initially, Intel advised its customers to proceed with the download in order to protect their systems, even in light of the performance degradation. However, as the number of complaints has grown, the company reversed course and has now advised against downloading its latest update, asking users to wait for a revision to be published.

At this point, the company has not given an ETA on when the revised firmware update will be ready, but until it is, you’re placed in an awkward position. Waiting for the update means exposing your company to risk, should a hacker target one of the machines on your network with the exploit. Proceeding with the current firmware update means you’ll suffer performance issues, leaving you stuck between a rock and a hard place, at least for the short term.