How to avoid being hacked during this Fall’s travel season.
According to a recent study by cybersecurity firm NordVPN, one in four travelers has been hacked when using public Wi-Fi while traveling abroad. However, unsecured Wi-Fi is not the only factor travelers should be worried about.
Last year, the FBI published a tweet (see below) warning users against smartphone charging stations in public places (airports, hotels, and shopping malls). Hackers may have modified the charging cables with the aim of installing malware on phones to perform an attack called juice jacking.
“Digital information, although it exists virtually, can also be stolen using physical devices. So it is important to take a 360-degree approach and secure your device from both online and offline threats,” says Adrianus Warmenhoven, a cybersecurity advisor.
What is juice jacking?
Juice jacking is a cyberattack where a public USB charging port is used to steal data or install malware on a device. Juice jacking attacks allow hackers to steal users’ passwords, credit card information, addresses, names, and other data. Attackers can also install malware to track keystrokes, show ads, or add devices to a botnet.
Is juice jacking detectable?
Juice jacking attacks can be difficult to detect. If your device has already been compromised, you may notice some suspicious activity – but that won’t always be the case.
For example, you may notice something you don’t recognize on your phone — like purchases you didn’t make or calls that look suspicious.
Your phone may also start working unusually slowly or feel hotter than usual. Chances are you may have picked up malware. For a full list of signs to watch out for, read on and find out how to know if your phone is hacked.
How to protect yourself
Since no sign of juice jacking is 100% reliable, it is best to avoid falling victim to this attack by following this advice:
Get a power bank. Power banks are a safe and convenient way to charge your device on the go. Getting a portable power bank means that you’ll never have to use public charging stations where juice jacking attacks occur. Always ensure your power bank is fully charged so you can use it on the go.
Use a USB data blocker. A USB data blocker is a device that protects your phone from juice jacking when you’re using a public charging station. It plugs into the charging port on your phone and acts as a shield between the public charging station’s cord and your device.
Use a power socket instead. Juice jacking attacks only happen when you’re connected to a USB charger. If you absolutely need to charge your phone in public, avoid the risk of infected cables and USB ports and use a power outlet. This is typically a safe way to charge your mobile device and other devices in public.
Within the global sector of cyber security, the two major areas that are constantly under attack are financial and governmental. Financial organizations that hold consumer data, in particular those that provide financial services to retail and commercial customers, including banks, investment companies, real estate firms, retail banking and insurance companies, are an obvious target for the simple fact that this is where the money is. At the end of the day, unless an attack is of a personal nature, in which the reputation of an individual or business is targeted, monetary assets are the endgame.
Now imagine a cyber threat the same as you would a burglar walking down the street. When a thief leaves their home, they do not necessarily know what they are going to target, unless they have done some reconnaissance and are after something specific. In most cases, however, the target itself is not premeditated. And a house which is more vulnerable and has fewer defences will always be the first port of call. Given the choice between a house with an open window and lights out, and a house with attack dogs, security cameras and search lights, nine times out of ten a burglar will take the opportunity to infiltrate the house with the open window. Why? Because it is easier and quicker to break into this house successfully.
The same applies within the finance industry. If there is a vulnerability, it will be the first target. In response, banks and financial institutions require tailored and sophisticated security to support their systems and people, and to defend against an onslaught of complex and aggressive cyber-attacks. Not only must security compliance within the financial sector be tenfold, but it is essential that security precautions evolve, to mirror the growing threat landscape.
But as new cyber threats develop daily, this is easier said than done.
Anti-Fraud Systems
To uphold compliance, and elements such as GDPR, antifraud systems within the finance industry have developed significantly over the last few years to safeguard credentials. To do this a combination of key codes, two factor authentication, voice ID, behavioral analysis, one-time passcodes, protective messaging, and digital fingerprinting have been widely integrated.
In fact, if you look at the document, ‘Comparison of banking providers’ fraud controls’, from the Financial Conduct Authority (FCA), the majority of banks use a combination of these systems, with organisations including the Bank of Scotland, First Direct, Halifax and HSBC using touch identification, an element that would seem almost impossible to recreate virtually.
But cyber criminals have a concerningly accurate knowledge of the internal workings of banking and banking systems. And, in 2019, an arena known on the dark web as Genesis Market was uncovered. Within Genesis Market, digital fingerprints, stolen from PCs, were/are sold. And, with each fingerprint, a user’s digital identity provides the means to bypass security measures and gain access to accounts.
According to darknetstats, Genesis Market is accessible by invitation alone. Once in, not only are fingerprints available, but so are passwords, credit card information, cookies and more.
It is no wonder that retina scanners are developing in the biometrics/banking sphere.
Internal Threats
It can be argued that the reason why many cyber criminals know so much about the inner workings of financial organisations is because, at one point or another, many worked legitimately within the industry. Internal teams pose as much of a threat as external attacks. In every Bond film there is always an insider guy.
But whether an attack is malicious or accidental, internal security breaches are regular occurrences. Which is why User Behavior Analytics is crucial to understand the actions within a team, and to highlight and stop unusual activity before the damage is done.
Another element that is important to recognize with regards to internal threats, is that many employees/insiders are completely unaware that they are a threat in the first place. Take, for instance, an employee working remotely. This employee may be sat at a local café where they decide to work on a company device. If this device was unknowingly hacked while using a different Wi-Fi, the user may be completely unaware that they are spreading malicious malware via their device throughout the company.
Ransomware
Say a crime group has gained access to personal accounts. The next logical step is to blackmail the victim/organization via ransomware. Unfortunately, as a public security breach would cause mass panic and many potential lawsuits, banks will often pay off cyber criminals into an anonymous cryptocurrency account, rather than lose client data. Crime groups know this.
Sometimes victims speak out, but this does not always end well.
Take Travelex, the currency exchange company, for instance. Following an attack by a Sodinokibi ransomware in January, $6 million USD was demanded in exchange for 5GB of personal data. Since the attack, Travelex has fallen into administration, with PwC saying that the ‘foreign exchange firm was acutely impacted by COVID and the recent cyber-attack.’
For financial organisations, ransomware can and will destroy a whole business. And, if they lock you out of an account, you are finished.
App Developments
Apps surrounding investment and finance have grown substantially in 2020. This, in part, is a good thing, as the ability to invest online is quick and easy, and accessible to all. But due to the demand, many of these apps were developed quickly and are underprepared for cyber-attacks.
For instance, many do not provide two-factor authentication, are not supported by the appropriate regulations, are not patched or maintained properly, and do not have contingency plans in place to mitigate the effects of a cyber-attack. As a result, personal information of app users is relatively easy to steal and sell. This can be done by creating duplicate fraudulent apps to trick the user. On these duplicate apps, the imagery and language of the genuine app is mirrored. And, once the personal information is supplied, both real and virtual money is then accessible. Thus, the circle of ransomware ensues.
COVID-19
Another element to take into consideration over the past two years and counting is, of course, COVID-19. According to an article by ComputerWeekly, ‘what has been referred to as an “unprecedented anomaly”, cyber criminals were and to some degree still are increasingly targeting the financial services sector during the Covid-19 coronavirus pandemic, with attacks on banks and other financial institutions spiking by 38% between February and March of 2020 to account for 52% of all attacks observed by VMware’s Carbon Black Cloud.’
COVID-19 has altered cyber security on a global scale and in every vertical.
Third-Party Risk
These days, few organisations work on their own. The majority use third parties, including vendors, partners, e-mail providers, service providers, web hosting, law firms, data management companies, subcontractors and so on. With regards to many of these, from IT systems to sensitive information shared with legal teams, these third parties could easily be a backdoor into your financial systems for attackers to infiltrate.
According to Ponemon Institute, ‘53% of organisations have experienced one or more data breaches caused by a third party, costing an average of $7.5 million to remediate.’ For a large organisation, this can be crippling, and it can wipe out a small organisation in a matter of minutes.
To manage third parties, financial organisations must have the ability to detect threats, and the capability to respond to them, which requires the right combination of people, processes, and technologies.
But half the battle is locating vulnerabilities in the first place, which is why cyber resiliency needs to be sharp, and why investing in the best managed security services is essential. From Firewall Management, to Decoy Deception and Honeypots, it is important to know what services will support an organisation best. This will depend on factors including location, company size, current security measures and more.
Considerations
Cyber threats will continue to grow into 2023. That much is clear.
Financial organizations have either already tackled a cyber-attack, will tackle one in the very near future, or may be a target of one currently, but are simply unaware of the fact.
Effective security comes down to three key elements: processes, people and technology. Processes must run seamlessly alongside the organisation. Security experts must have the capability to detect, react and understand the context of a risk. And the technology must be superior, to keep up with cyber threats. All elements are equally important, and you must have all three to ensure security.
In times like these, security measures are more crucial than ever, especially for those within finance, so that our life savings are secure, the security of our loved ones is maintained, and the livelihoods of those employed within the financial world continue. Contact SecurityHQ for a free consultation to learn more. For the Silo, Eleanor Barlow.
As the 2022 school year comes to an end, the surge of summer travel plans begins. With an estimated 60% of Canadians and Americans planning at least one trip over the next 3 months, hackers have roughly 200,000,000 projected tourists to prey on.
Lookout’s Cyber Security Expert, Hank Schless, shares how these cyber-attacks usually capitalize on travelers who are often overwhelmed or distracted when in unfamiliar environments, like airports and cafes.
>> Public Wifi Connections
“Although many airports offer free Wi-Fi connectivity, you should make sure that you join the official airport network and not a similar network that is configured to trick travelers into giving up their usernames and passwords”
Attackers have been known to set up fake networks – with obvious but convincing names like ‘Starbucks_Guest_WiFi’.
Once you connect, they’ll gain access to sensitive information, including your login credentials, emails, and messages.
In order to protect yourself from wifi threats, alter your device’s settings so that it does not automatically connect to nearby networks, which the Lookout app does automatically.
>> Social Awareness & Juice Jacking
While on the go, travelers rely on power outlets and USB cords to keep their mobile device’s battery charged. Attackers can exploit USB chargers by loading malware onto them that infects your device the second you plug it in. Always be aware of your surroundings.
If someone approaches you and offers their USB charging cord, it is best to decline.
Always travel with your personal USB cords, and plug your charger directly into an electrical socket (vs USB port) if possible.
The easiest place for a scammer to steal or hack your phone is in crowded areas – so never leave your phone or device unattended and only let people you know “borrow” your devices.
>> SMS and Email Travel Updates
“It’s important to be on guard for travel-related email, text, and social media scams as well. Attackers may try to steal a traveler’s credentials through phishing campaigns that pretend to be an airline, credit card company, or TSA”
Here’s how it works: A scammer will send a message telling the recipient that their TSA PreCheck needs to be renewed, but the link in the renewal email leads to a fake site where hackers can accept payment and steal a victim’s personal information.
Although the TSA sends renewal reminder texts and emails, travelers should always go directly to the TSA website for information on their existing accounts.
For added protection, consumers can also download security protection, like the Lookout app, which will automatically monitor and identify scam URLs in email, text messages, and on the web and block you from threats that can do harm.
As people are looking for ways to unwind at home, the gaming industry has been one of the primary places people set their eyes on. Not only is it a way to entertain yourself for hours on end, but it is also a place for people to connect, which is otherwise hard to do during the pandemic.
According to data presented by the Atlas VPN team, 303,827 individuals’ devices were affected by gaming-related malware and unwanted software between July 1, 2020, and June 30, 2021. Mobile games are also a major threat for gamers.
As many as 50,644 users attempted to download 10,488 unique files disguised as the ten most-played mobile games, generating a total of 332,570 detections. Minecraft was by far the most popular game on both PC and mobile platforms for dangerous app distributors to hide behind. On PC, nearly 185 thousand users were affected with over 3 million malware and unwanted software detections.
On mobile, the number of victims exceeds 44 thousand for the period.
Unwanted software includes files like adware, spyware, and so on. The various versions of Minecraft and a plethora of mods (modifications that may be placed on top of the basic game to diversify gameplay) may account for its enormous popularity. Because mods are unofficial and developed by users, they can be used to hide dangerous payloads or undesirable software.
Security tips for gamers
Protect your accounts with two-factor authentication (2-FA) whenever possible.
Use strong passwords for your accounts, with a different one for each. That way, even if one of your accounts is compromised, the remainder will remain unaffected.
Downloading games from official retailers such as Steam, Apple App Store, Google Play, or Amazon Appstore is safer. These marketplaces aren’t completely safe, but they are at least examined by store staff, and there is some sort of screening procedure in place: not every app is allowed into these stores.
If you want to buy a game that isn’t accessible in major stores, you should do it through the official website. Make sure to double-check the website’s URL to avoid impostor sites.
Be cautious of phishing campaigns and unfamiliar players. If you are unsure about the sender, do not open links you receive via email or in a gaming chat. Do not open files sent to you by strangers.
Another one of the most well-known game titles worldwide, The Sims 4, was the second most often used title to distribute unwanted files. Over 43 thousand users were impacted, with detections closing in on 1.3 million. For the Silo, Valentina Perez.