Connect with us

Featured

Data kidnapping erupts

Published

on

A recent report has revealed that hackers are obtaining compromising material and then holding it hostage until their demands are met. IHAB MOAWAD sheds some light on this new tactic that many are calling “sextortion.”|A recent report has revealed that hackers are obtaining compromising material and then holding it hostage until their demands are met. IHAB MOAWAD sheds some light on this new tactic that many are calling “sextortion.”

In April Trend Micro released a research paper about sextortion: the means through which cybercriminals obtain compromising personal images or videos of Internet users – which they then hold hostage until their demands have been met. Fast forward to July and we have seen the hack of controversial adultery/dating site, Ashley Madison. Cybercriminals wreaked havoc as they threatened to slowly leak the data of the adulterers using the site, until it and its companion site, “Established Men”, shut down.

An article on time.com calls this tactic “hacking 2.0”, stating that this new hacking method is not about the data, but the context. Making money from stolen data, like credit cards, is a lot of work and cybercriminals have latched onto the fact that they have a larger pay cheque to gain from those that stand to lose more than just money. Hence, a hack like Ashley Madison’s that could – and has – destroyed reputations and families is a gold mine for the team responsible for the hack (The Impact Team).

Now, moral opinions about Ashley Madison aside, I’m sure that no one appreciates any of their personal information being kidnapped and held for ransom. But cybercriminals are cunning and they know that if they keep the sums low enough, people that stand to lose more than money would rather pay up. In this case, the Ashley Madison hackers offered users the ultimatum of paying $19 to have all their information wiped off the site or having it leaked. But there is of course, no guarantee that you can trust a cybercriminal.

How does data kidnapping affect my business?

According to time.com, there is a new reality that’s making matters worse for corporate security teams and it’s that in recent years, there has been heavy investment in protecting financial data – spending money to fortify the most valuable data. So while credit cards may be protected, email servers may have been left in the lurch, but this will slowly change as personal data of different contexts becomes a bargaining chip for cybercriminals.

Ashley Madison is just one example of an enterprise that has been targeted in this manner. Another example is the malware Cryptolocker which forced victims to pay a sum to unscramble their data and subsequently made $27 million in just the first two months from small home owners and businesses. And then there was the Sony hack in December 2014, in which cybercriminals stole corporate emails and embarrassed the company. In hacking 2.0 cybercriminals don’t need to steal your money, all they need is any data that is valuable to you.

This means that executives should be working tirelessly to do an honest assessment about what their enterprise’s valuable data really is.  Then wise investments need to be made in protecting data that might seem inconsequential if stolen in one context, but a disaster if stolen in another. The bottom line? Every company will now have to plan for ransom and extortion scenarios.

So what now?

In addition to a stealthy security policy, companies now need a data kidnapping and extortion policy in order to properly protect themselves. This is on top of robust business security solutions. Employees, and in turn the business, for example, could benefit from having Trend Micro Security 10 on the mobile devices of employees. Trend Micro Security 10 is a recently launched security and privacy tool that’s fully compatible with Windows 10.

The new version’s security features are simple-to-use, yet provide state-of-the-art protection for employees’ data, delivered with optimal performance. This allows users to securely connect and engage safely online – on the company network – while protected from today’s evolving threat environment. The software will feature protection from exposing private information or becoming susceptible to data-theft and other malicious online threats on both personal and business devices.

Trend Micro Deep Discovery is also an option for business as is detects, analyses and responds to today’s stealthy targeted attacks in real time and then Deep Security delivers automated and highly scalable cloud security. But really, what you should do is speak to a Trend Micro professional about a customised security solution for all your business’s security needs. As is the case with any form of cybercrime, prevention is better than cure, and you don’t want to wait until you’ve had data kidnapped to react to hacking 2.0.

* Ihab Moawad, Vice President MMEA and CIS at Trend Micro

Featured

Samsung unleashes the beast

Published

on

Most new smartphone releases of the past few years have been like cat-and-mouse games with consumers and each other. It has been as if morsels of cheese are thrown into the box to make it more interesting: a little extra camera here, a little more battery there, and incremental changes to size, speed (more) and weight (less). Each change moves the needle of innovation ever-so-slightly. Until we find ourselves, a few years later, with a handset that is revolutionary compared to six years ago, but an anti-climax relative to six months before.

And then came Samsung. Probably stung by the “incremental improvement” phrase that has become almost a cliché about new Galaxy devices, the Korean giant chose to unleash a beast last week.

The new Galaxy Note 9 is not only the biggest smartphone Samsung has ever released, but one of the biggest flagship handsets that can still be called a phone. With a 6.4” display, it suddenly competes with mini-tablets and gaming consoles, among other devices that had previously faced little contest from handsets.

It offers almost ever cutting edge introduced to the Galaxy S9 and S9+ smartphones earlier this year, including the market-leading f1.5 aperture lens, and an f2.4. telephoto lens, each weighing in at 12 Megapixels. The front lens is equally impressive, with an f1.7 aperture – first introduced on the Note 8 as the widest yet on a selfie camera.

So far, so S9. However, the Note range has always been set apart by its S Pen stylus, and each edition has added new features. Born as a mere pen that writes on screens, it evolved through the likes of pressure sensitivity, allowing for artistic expression, and cut-and-paste text with translation-on-the-fly.

(Click here or below to read more about the Samsung Galaxy S Pen stylus) Samsung Galaxy S9 Features)

Previous Page1 of 3

Continue Reading

Featured

SA ride permit system ‘broken’

Despite the amendments to the National Land Transport Act, ALON LITS, General Manager, Uber in Sub Saharan Africa, believes that many premature given that the necessary, well-functioning systems and processes are not yet in place to make these regulatory changes viable.

Published

on

The spirit and intention of the amendments to the National Land Transport Act No 5  (NLTA), 2009 put forward by the Ministry of Transport are to be commended. It is especially pleasing that these amendments include ridesharing and e-hailing operators and drivers as legitimate participants in the country’s public transport system, which point to government’s willingness to embrace the changes and innovation taking place in the country’s transport industry.

However, there are aspects of the proposed amendments that are, at best, premature given that the necessary, well-functioning systems and processes are not yet in place to make these regulatory changes viable.

Of particular concern are the significant financial penalties that will need to be paid by ridesharing and e-hailing companies whose independent operators are found to be transporting passengers without a legal permit issued by the relevant local authority. These fines can be as high as R100 000 per driver operating without a permit. Apart from being an excessive penalty it is grossly unfair given that a large number of local authorities don’t yet have functioning permit issuing systems and processes in place.

The truth is that the operating permit issuance system in South Africa is effectively broken. The application and issuance processes for operating licenses are fundamentally flawed and subject to extensive delays, sometimes over a year in length.  This situation is exacerbated by the fact that it is very difficult for applicants whose permit applications haven’t yet been approved to get reasons for the extensive delays on the issuing of those permits.

Uber has had extensive first-hand experience with the frustratingly slow process of applying for these permits, with drivers often having to wait months and, in some cases more than a year, for their permits.

Sadly, there appears to be no sense of urgency amongst local authorities to prioritise fixing the flawed permit issuing systems and processes or address the large, and growing, backlogs of permit applications. As such, in order for the proposed stringent permit enforcement rules to be effective and fair to all role players, the long-standing issues around permit issuance first need to be addressed. At the very least, before the proposed legislation amendments are implemented, the National Transport Ministry needs to address the following issues:

  1. Efficient processes and systems must be put in place in all local authorities to allow drivers to easily apply for the operating permits they require
  2. Service level agreements need to be put in place with local authorities whereby they are required to assess applications and issue permits within the prescribed 60-day period.
  3. Local authorities need to be given deadlines by which their current permit application backlogs must be addressed to allow for faster processing of new applications once the amendments are promulgated.

If the Transport Ministry implements the proposed legislation amendments before ensuring that these permit issuance challenges are addressed, many drivers will be faced with the difficult choice of either having to operate illegally whilst awaiting their approved permits and risking significant fines and/or arrest, or stopping operations until they receive their permits, thereby losing what is, for many of them, their only source of income.

As such, if the Ministry of Transport is not able to address these particular challenges, it is only reasonable to ask it to reconsider this amendment and delay its implementation until the necessary infrastructure is in place to ensure it does not impact negatively on the country’s transport industry. The legislators must have been aware of the challenges of passing such a significant law, as the Amendment Bill allows for the Minister to use his discretion to delay implementation of provisions for up to 5 years.

Fair trade and healthy competition are the cornerstones of any effective and growing economy. However, these clauses (Section 66 (7) and Section 66A) of the NLTA amendment, as well as the proposal that regulators be given authority to define the geographic locations or zones in which vehicles may operate, are contrary to the spirit of both. As a good corporate citizen, Uber is committed to supplementing and enhancing South Africa’s national transport system and contributing positively to the industry. If passed into law without the revisions suggested above, these new amendments will limit our business and many others from playing the supportive roles we all can, and should, in growing the SA transport and tourism industries as well as many other key economic sectors.

What’s more, if passed as they currently stand, the amendments will effectively limit South African consumers from having full access to the range of convenient transport options they deserve; which has the potential to harm the reputation and credibility of the entire transport industry.

Continue Reading

Trending

Copyright © 2018 World Wide Worx