The week in security: Data retention looms, Superfish gutted

Are your staff suitably trained to detect and ignore phishing spam? If not, you may want to revisit your policies: in the latest security embarrassment, banks in 30 countries have been systematically deprived of more than $US1 billion by cybercriminals, in what many are attributing to poor staff training around the handling of malware threats. Indeed, despite billions spent on security tools, one study found that researchers were able to garner sensitive information in 88 percent of attempts just by using their eyes.

Companies offering bank-security tools may see a boost, and the fight for improved banking security may also be helped along as Microsoft strengthens support for biometric authentication in Windows 10 and proclaims the technology to be the future of its security architecture.

The Coalition government's push for data-retention legislation was coming to a head, with concerns that the government doesn't even know what it is legislating. It had better tread carefully, if a Dutch precedent is any indication: that country's privacy watchdog ruled that a revised proposal for data retention was not enough to make it compliant with its privacy laws. And Google, for its part, was concerned that the US government could use an amended warrant rule to be able to search computers overseas.

Lenovo was already working along that front, with reports that the computer maker was bundling an adware program called Superfish that presented significant security risks by hijacking HTTPS traffic. An explosion of concern led the company to back away from Superfish, with how-tos proliferating about how to remove the insidious spyware and Lenovo admitting that it “messed up badly” by installing the security-compromising tool. Meanwhile, another report suggested that 2 in every 1000 employee smartphones were infected with 'child-monitoring' spyware.

The new ANZ head of Dell SecureWorks sees big opportunities ahead as organisations increasingly turn to managed security services providers to keep up with the growing security threat. Many of those will support growing use of cloud services, which got a boost as Google offered cloud security scanning for customer apps and Microsoft's Azure and Office 365 got the tick for a new cloud privacy standard.

Such compliance will be increasingly important as the threat level continues to increase: there were 1500 data breaches globally last year, according to one reckoning. A group of 'cyberespionage' perpetrators have, for example, used NSA-style techniques to attack online targets in Iran and Russia and set their sights on Macs as well as Windows PCs.

Speaking of the NSA, there were reports that snooping malware designed by that agency to intentionally infect hard drives and SSDs is completely undetectable by security tools. Along similar lines, a hacking group's ability to reprogram a hard drive's firmware had some concerned that you can't even trust your storage these days. Even regular security tools were in the firing line with reports that they are taking too long to detect new malware.

Also straight from the cyberespionage files was the discovery of a 'superworm' called Fanny that was likely the precursor to the insidious Stuxnet industrial espionage malware. There was also more evidence tying North Korea to last year's hack of Sony Pictures.

Yet infiltrating corporate networks is far from the only way that online nasties are perpetrating their work: some scammers are, according to reports, trawling obituary notices to acquire new victims. Others, as in the case of an Arabic-speaking hacker group targeting Israeli institutions, are using pornographic videos to lure their prey.

Companies considering blocking Wi-Fi signals must tread carefully despite the availability of increasingly easy-to-use Wi-Fi blockers. Such issues are symptomatic of the increased scrutiny of device security: a flaw in Netgear wireless routers, for example, was said to expose them to attacks, leading many to consider how to protect their routers from malware. Others were concerned that a setup mistake had left hundreds of thousands of private home routers running SSH instances with identical private and public keys.

Cisco Systems reported that its firewall appliance is under attack from hackers, while Samsung's TVs were also proving problematic, with revelations that Samsung TVs don't encrypt the voice data they collect despite claims that they do encrypt users' personal information.

This article is brought to you by Enex TestLab, content directors for CSO Australia.
