This Week in Cybercrime: Three Denial of Service Attacks, Kaspersky Calls for Help

-Today, there are reports that the web site of Russia Today is being hit by a denial of service attack. Exactly who is behind the attack and what their motive might be is unclear at this time, but speculation is that it may be connected to the Pussy Riot punk band conviction.

-On Wednesday, Reuters admitted that its blogging platform had been hacked again, and that another false story had been posted, this time claiming Saudi Arabia's Foreign Minister Prince Saud al-Faisal had died.

-In addition on Wednesday, word started to filter out that AT&T was being hit by a denial of service attack. AT&T admitted yesterday that the attack attempted “to flood our Domain Name System servers in two locations”, and that corporate customers had been affected, apparently some for at least eight hours.

-On Tuesday, the Financial Times reported that Wikileaks’ web site was back up after being down for 9 days because of a sustained denial of service attack. A Wikileaks spokesperson suspected it “was the work of a large organization,” although the person would not single out who it might be, such as the U.S. government with which it has been at odds with (wink, wink).

-Also on Tuesday, security researchers at Kaspersky Lab put out a call for help in deciphering how a new computer Trojan works. Kaspersky discovered the Trojan last week and dubbed it "Gauss", and tied its parentage to both Stuxnet and Flame. The purpose of Gauss seems to be to spy on financial transactions that take place mainly in Lebanese financial institutions.

A blog post at Kaspersky states:

“Despite our best efforts, we were unable to break the encryption. So today we are presenting all the available information about the payload in the hope that someone can find a solution and unlock its secrets. We are asking anyone interested in cryptology and mathematics to join us in solving the mystery and extracting the hidden payload.”

-A couple of interesting cyber security stories hit the news this week. On Monday, the Boston Globe reported on a survey recently conducted by computer security company CounterTack of 100 information security executives at companies with revenues greater than $100 million. The survey found that half of the executives admitted to computer network attacks in the past year, and that over a third did not believe that their organizations could stop future attacks. Being able to beat off advanced persistent attacks was a major worry of over 80% of those surveyed, with nearly half saying that they did not have the resources to keep such attacks at bay.

Making the CounterTack results a bit more worrisome was a survey report of nearly 10,000 executives in 138 countries released on Wednesday by consulting firm PricewaterhouseCoopers which indicated that despite the increase in IT security incidents and costs over the past few years, that only 39 percent of the executives said they reviewed their privacy policies annually, compared to 52 percent in 2009. As Jason Pett, head of PwC's U.S. internal audit services, remarked in a bit of understatement in a press release announcing the report, “No matter how strong a company’s data security policies and controls are, a company won’t really know the adequacy of its defense if it doesn’t continually verify that those defenses are sound, uncompromised and applied in a consistent manner.”

-There were also two off-beat cyber security stories this week as well. The first involved a 73-year-old Wisconsin woman who discovered that someone had been illegally taking out loans in her name for nearly a decade. She discovered this after she applied for a free credit report which was turned down because the credit monitoring service said that she had the incorrect address on her application. The woman only had applied for the credit report because she was one of the 100,000 plus individuals who had their Social Security and tax id numbers inadvertently posted on the Wisconsin Department of Revenue web site for three months this year; the state offered a year of free credit monitoring to those affected. So without the data breach, she may not have ever known her identity had been stolen.

The other story appeared in the Washington Post and claimed that motorists involved in traffic accidents should be wary of providing “too much” information to the other driver because it may lead to your identity being stolen. The story claims that the National Association of Insurance Commissioners (NAIC) is recommending that drivers in accidents “don’t share personal information, such as your driver’s license number, home address or even your telephone number.”  A NAIC official quoted in the story implies that ID theft is occurring as a result of staged vehicle accidents.

However, at least here in Virginia, the state Department of Motor Vehicles says that in case of an accident you need to get the driver’s name, address and contact details, including the driver’s license number, the license plate number of the vehicles involved, along with auto insurance information for the motorists involved.

The Post article is the first I have read about this being a potential source of ID theft. Anyone else read about ID theft being traced to a car accident, staged or not? And how real do you think the threat is?

Advertisement

Risk Factor

IEEE Spectrum's risk analysis blog, featuring daily news, updates and analysis on computing and IT projects, software and systems failures, successes and innovations, security threats, and more.

Contributor
Willie D. Jones
 
Advertisement