Tuesday, December 4, 2018

Marriott hotels hacked, credit card details and data of 500 million guests stolen: All you need to know

Hackers have stolen data of nearly 500 million guests who stayed at Marriott group hotels. This data includes in some cases credit card details, addresses and passport scans that people submitted to Marriott.

ADVERTISEMENT
JW Marriott

HIGHLIGHTS

  • The attack had been taking place since 2014 on Marriott's Starwood reservation system and has affected nearly 500 million guests.
  • As of now, according to a research by the cybersecurity firm Recorded Future, the stolen data from Starwood's servers have not been spotted anywhere on the dark web.
  • Guests can head over to a dedicated website that Marriott has set on this matter or call up the group's customer care support.
If you have ever stayed a Marriott hotel or a hotel that the group operates, chances are that some of your data have been stolen by hackers. According to the hotel group, its servers and database were breached, probably multiple times, before September 10 this year. In the breach data of nearly 500 million guests have been stolen, and this data in many cases includes credit card information, passport scans, addresses, phone numbers and email IDs.
On November 30, the Marriott announced that their entire chain of hotels was affected by the massive cybersecurity breach. The attack had been taking place since 2014 on Marriott's Starwood reservation system and has affected nearly 500 million guests. The group was unaware of the ongoing attack for the last four years. It found the data breach only in September this year when one of the security measures in its server alerted IT staff of an unauthorised access to the database. The hotel group has acknowledged the mistakes on its part and is trying multiple ways to ensure the stolen data isn't misused anywhere.
As of now, according to a research by the cybersecurity firm Recorded Future, the stolen data from Starwood's servers have not been spotted anywhere on the dark web - a place where hackers and cybercriminals sell data illegally in lieu of monetary benefits. Therefore, this suggests the hackers were not looking to sell the data to anyone.
Source: https://www.indiatoday.in/technology/features/story/marriott-hotels-hacked-credit-card-details-and-data-of-500-million-guests-stolen-all-you-need-to-know-1400263-2018-12-01

Thursday, October 4, 2018

Police, AG targeted by Russian hacker

Report: Police, AG targeted by Russian hackers

Russian hackers’ activities were exposed following the seizure of laptops from four suspects briefly detained in the Netherlands. — Reuters pic
Russian hackers’ activities were exposed following the seizure of laptops from four suspects briefly detained in the Netherlands. — Reuters pic
KUALA LUMPUR, Oct 5 — A global investigation into Russian state-sponsored cyber espionage revealed that the Attorney General’s Chambers (AGC) and Royal Malaysia Police were also targeted by the hackers.
According to a report by British state broadcaster BBC, the motive for the cyber attacks on Malaysian authorities was over the multinational investigation into Russia’s role in the downing of Malaysia Airlines Flight MH17.

Russian hackers’ activities were exposed following the seizure of laptops from four suspects briefly detained in the Netherlands, from which investigators discovered their use in four global locations including Malaysia.
From one confiscated machine, investigators extracted information that one Dutch official said contained details of a cyber-operation based here that targeted the AGC and PDRM.
The report did not reveal the nature of the cyber-attacks or whether these were successful.
Russia stands accused of various espionage schemes, both in cyberspace and in the real world, that includes attempts to mask the extent of its involvement in the missile launch that brought down the Malaysian plane in 2014.

The BBC report also said countries worldwide including the US, the UK, Canada, and the Netherlands suspect that Moscow coordinated various espionage attacks that span election hacking, disrupting anti-doping probes, and an attack on an American nuclear power firm.
Suspicions of Russian state involvement were heightened as the four suspects carried Russian diplomatic passports, which prevented Dutch authorities from arresting them.
A US national security official told the media in Washington that the attacks were meant to discredit and delegitimize agencies investigating Russia over various matters.

Russia has denied all the claims, insisting that Western rivals were prejudiced in their view of the country.
“It’s unclear who is supposed to believe these statements accusing Russian citizens of attempting to mount cyber-attacks against the OPCW and trying to obtain data related to the Malaysian flight MH17, as if it is necessary to be near the target of your attack,” Moscow said in a statement.
“Any Russian citizen carrying a mobile device is seen as a spy.”
MH17 was shot down on July 17, 2014, while flying over eastern Ukraine as it was heading from Amsterdam to Kuala Lumpur. All 283 passengers and 15 crew members were killed.

The Joint Investigation Team headed by the Dutch Ministry of Justice, eventually indicated the plane may have been down by pro-Russian rebels fighting against the Ukrainian government, which Moscow has denied.

Tuesday, October 2, 2018

Almost 10,000 online incidents reported to CyberSecurity Malaysia each year

PUTRAJAYA: CyberSecurity Malaysia receives between 9,000 and 10,000 incident reports each year on various matters of contention happening in cyberspace.
Its chief executive officer Datuk Dr Amirudin Abdul Wahab said one of the reported incidents were data breaches, classified under the intrusion category.
"This category also includes hacking. For data breaches, we are seeing a rising trend (over the last few years). In 2015, we received seven data breach reported incidents and six cases last year.
"This year until September, however, we have seen a four-fold increase with 22 reported incidents on data breaches (alone).
"It shows now that data breaches are a concern. Individuals as well as organisations would do well to adopt best practices," he said.
He was speaking to reporters after the signing of a memorandum of understanding between CyberSecurity Malaysia and Turkey's May Cyber Teknoloji.
The MoU identifies three areas of collaboration- research and development covering the areas of cyber security technical, tools, methods and processes; capacity building through competency training programmes as well as cyber security skills, and develop marketing strategies to promote cyber security.
Amirudin said data breaches are not a local phenomenon, noting that cyber threats, data breaches and cyber crime had been listed as the top three global risks last year.
For the past five to six years, he said, CyberSecurity has seen a growing number of cyber incidents with fraud topping the list followed by intrusion, malicious codes and cyber harassment.
As of October, the cyber security specialist agency has received 3,240 reported incidents on fraud; 1,781 on intrusion; 694 on malicious codes and 499 on cyber harassment.
"We have so far received 6,891 incident reports in total as of October this year," said Amirudin.
Meanwhile, chairman of the CyberSecurity Board of Directors, General Tan Sri Mohd Azumi Mohamed says the recent data leak involving data of 46.2 million Malaysian mobile phone customers is now a police case.
"As we are fully aware, the police are investigating (it). So let us leave it to the police," he said, declining to elaborate on the case.
It was reported recently that a data comprising mobile phone numbers, identification card numbers, home addresses, IMEI and SIM card data had been leaked.
The data breach was first reported last month by public online forum Lowyat.net, which said it had received information that someone was trying to sell huge databases of personal information.
The databases are also believed to contain private information of more than 80,000 individuals, leaked from records of the Malaysian Medical Council, the Malaysian Medical Association, and the Malaysian Dental Association, Lowyat.net reportedly said.
Amirudin said CyberSecurity is always ready to provide its technical support and expertise to any enforcement agencies, which it had done before.
"For example, if there is a (data) breach, they can report to our Cyber999 or call us at 1-300-88-2999," he said, adding that the statistics he gave earlier did not include the data leak incident of more than 40 million telco customers.

Report: Malaysia's cybersecurity is third best globally

PETALING JAYA: Malaysia is ranked third among 193 countries in terms of its commitment to cybersecurity, according to the Global Cybersecurity Index (GCI) 2017.
According to the report released on Thursday, Malaysia achieved a score of 0.89, behind Singapore and the United States.
The report cited Malaysia's creation of the Information Security Certification Body, a department in Cybersecurity Malaysia, as one of the reasons behind its excellent commitment in ensuring a safe cyberspace.
According to Cybersecurity Malaysia CEO Datuk Dr Amirudin Abdul Wahab, this is the second time the International Telecommunication Union has conducted such a study.
"The previous one was done in 2014 and produced in early 2015, where Malaysia also ranked third globally.
"Malaysia has maintained its ranking for two consecutive reports," said Dr Amirudin in a WhatsApp reply to The Star.
Countries in the top 10 include Oman, Estonia, Mauritius, Australia, Georgia, France and Canada.
The GCI is a survey that measures the commitment of 193 member states to cybersecurity.
It assesses a country based on five pillars, namely legal, technical, organisational, capacity building, and cooperation.
Launched in 2014, the GCI aims to foster a global culture of cybersecurity.
According to the report, nearly 1% of all emails sent in 2016 were malicious attacks.
Ransomware attackers are demanding more from victims, with the average rising to US$1,000 (RM4,305) from just US$300 (RM1,291) a year before.
In May, the ransomware WannaCry wreaked havoc across 150 countries, causing disruption to companies and even hospitals.
Just a few weeks later in June, another ransomware called NoPetra broke out in Europe, crippling thousands of machines.
The report called for greater cooperation around the world to fend off and prevent such attacks.
The top ten countries are:
1. Singapore (GCI score of 0.92)
2. United States (0.91)
3. Malaysia (0.89)
4. Oman (0.87)
5. Estonia (0.84)
6. Mauritius (0.82)
7. Australia (0.82)
8. Georgia (0.81)
9. France (0.81)
10. Canada (0.81)

Read more at https://www.thestar.com.my/news/nation/2017/07/06/malaysia-rank-high-cybersecurity-commitment/#pxfkCgFJPApU2vVa.99

Countries with the highest commitment to cyber security based on the Global Cybersecurity Index (GCI) as of September 2016

This statistic presents a ranking of the countries with the highest commitment to cyber security based on the Global Cybersecurity Index (GCI) as of September 2016. During the measured period, Singapore ranked first with a GCI score of 0.92. The United States were ranked second with a GCI score of 0.91 index points.


GCI ScoreLegalTechnicalOrganizationalCapacity BuildingCooperation
Singapore0.920.950.960.880.970.87
United States0.9110.960.9210.73
Malaysia0.890.870.960.7710.87
Oman0.870.980.820.850.950.75
Estonia0.840.990.820.850.940.64
Mauritius0.820.850.960.740.910.7
Australia0.820.940.960.860.940.44
Georgia0.810.910.770.820.90.7
France0.810.940.960.610.61
Canada0.810.940.930.710.820.7

SLED / FED Virtual Cybersecurity Summit - CISO MAG

SLED / FED Virtual Cybersecurity Summit  CISO MAG http://dlvr.it/TB1n1g