By Roger Bambino for Tech JaJa

Dr. Bright Gameli Mawudor heads the Cyber Security Service Team at Internet Solutions. He recently bumped into some MultiChoice credentials on the open Internet as he was giving a live demo at a conference.

Dr Gameli is also the co-founder of AfricaHackOn and was giving a speech at a recent MyBroadband CyberSec Conference, where he revealed that the DStv hack was more or less accidental: he uncovered a text file full of MultiChoice credentials on a misconfigured web server in the middle of a live demo.

He told MyBroadband that he was demonstrating a technique known as Google Dorking. This involves using Google’s advanced search operators to find information people did not imagine would be found on the open Internet. To put this in context, many people put a lot of information on the internet, including ripped media series for download on Internet-connected servers, which Google eventually crawls and indexes.

As he was trying to demonstrate how easy it was to find credentials for streaming services like Netflix and Hulu with a Google search, Mawudor thought he could do the same for DStv.

“Nobody knew what happened, I took it off quickly. I didn’t want anybody to see. Later I went to analyse the details,” Mawudor said.

Being an ethical hacker, Mawudor chose not to misuse the information he found, as it would have done a tremendous amount of damage to DStv’s business.

“I would have been able to use those credentials to log into the monitoring of live [sports] matches that were going on, [or] into the VPN and into the internal network,” he said.

He could have used this data to shut down systems or change live broadcasts if he had wished. Advising companies on security, Mawudor said:

“Organisations need to go beyond occasional penetration testing and do vulnerability management — frequently doing an assessment of all your systems, networks, and appliances to make sure they are always screened for the latest vulnerabilities.”

Source: Mapletronics

In a time when billions of login credentials are floating around the internet, Google’s new Chrome extension aims to help.

Google’s new extension (currently only available for Chrome) will alert you if one of your username/password combinations is known to already be ‘out in the wild’, according to the company’s blog post.

The extension, called Password Checkup, works in the background whenever you enter your login details on a site. It compares the data against a database of nearly four billion credentials that are known to have been compromised over the years. If Password Checkup finds a match, a red alert box appears and suggests that you change your password.

Google worked closely with cryptography experts at Stanford University to ensure that your credentials are not compromised while using Password Checkup. In its security blog, Google highlighted that Password Checkup scrambles all credentials with hashing and encryption as protection. Google also assures users that their login details are never seen by the company itself, either.

Don’t have Chrome? There are several other services available for free on the internet that can check whether your credentials or other personal details have been compromised in a growing number of breaches. Check out Have I Been Pwned, Identity Leak Checker, or Firefox Monitor.

FNB backtracks on password decision

FNB recently announced a new online banking policy which prevented users from saving their passwords to their browsers.

However, the bank received a backlash from tech-savvy users, who pointed out that using software to bypass this feature would create more vulnerabilities.

FNB head of digital banking Giuseppe Virgillito told MyBroadband that the bank had taken note of social media feedback.

“FNB recognises the valuable feedback from our customers regarding the measures to prevent auto-filling of banking passwords,” Virgillito said.

“We have found that a number of our customers save their banking passwords to their browsers. This places customers with stolen or unattended devices at considerable risk.

“As a consequence, we strongly discourage customers from storing their banking passwords in their browsers.

“The use of this type of software for your banking is strongly discouraged as it places the user at a high risk of introducing malicious software onto their device.

“Alternatively, it also places users at an increased risk of phishing. As a consequence hereof, we have decided to revisit the decision to prevent auto-filling of passwords at this time,” Virgillito said.

FNB users should now be able to log in to their online banking as normal, using password managers or auto-fill passwords.

IT managers inundated with cyberattacks

A recent Sophos survey has found that IT managers are struggling to cope with the volume and magnitude of cyberattacks.

The following key findings relate to South Africa:

  • Cybercriminal tactics have evolved into using multiple attack methods and often multiple payloads to maximize profits
  • Software exploits were the initial cause of 17 percent of incidents and used in 23 percent of cyberattacks, demonstrating how exploits are used at multiple stages of the attack chain
  • Phishing emails impacted 47 percent of those hit by a cyberattack
  • Ransomware impacted 38 percent of attack victims
  • 39 percent of attack victims suffered a data breach
  • Only 16 percent consider supply chain a top security risk, exposing an additional weak spot
  • Nation state adversaries have proven how successful supply chain attacks are, which means common cybercriminals are likely to adopt the attack method
  • Supply chain attacks are a launch pad to emerging automated, active-adversary attacks
  • IT teams spend 27 percent of their time managing security, yet still struggle with a lack of expertise, budget and up to date technology
  • 74 percent said recruiting people with the cybersecurity skills they need is a challenge
  • 65 percent said their organization’s cybersecurity budget is below what it needs to be
  • 73 percent believe that staying up to date with cybersecurity technology is a challenge

Ghost employees could cost you your business

The occurrence of ghost employees on a company’s payroll system ranks as the most difficult type of payroll fraud to detect, particularly in larger companies where no proper controls exist. Over time, this can pose a serious threat to the organisation’s profitability and sustainability, declares CRS Technologies general manager Ian McAlister.

“A ghost employee is a fictitious person on the company payroll who does not actually work for the organisation,” he explains. “It could be someone who left the company or passed away, or even a fictitious person with a fake ID number but valid bank account into which a salary is paid each month. The holder of the bank account is usually the perpetrator of the ghost employee fraud.

“Another example is when a real employee appears twice on the payroll. This is done by using a different ID number to create a clone of someone. The employee’s salary is then split between the two identities but only one identity receives a tax certificate, enabling the perpetrator to declare less than what he/she actually earns to the tax collecting authority.”

It goes without saying that failure to detect ghost employees can result in considerable financial loss over time. Consequently, McAlister says companies should seriously consider implementing a robust automated payroll solution that will reduce opportunities for creating ghost employees.

“The payroll solution should feature ID number verification so that if someone tries to enter a ghost employee on the system, it will immediately reject the ID number as invalid. The CRS solution, for example, incorporates ID numbers which are attached to each employee. Each number is unique and cannot be duplicated. This means that an employee cannot appear twice on the same system.”

Audit and risk management policies that facilitate the development of controls to aid in the prevention and detection of any type of payroll fraud are also extremely important, McAlister continues. He recommends carrying out audits at least once a quarter to ensure that the number of employees on the payroll actually exist and equal the number of people employed.

“Perform frequent spot audits to check that employees’ earnings, allowances and other remuneration additions are correct and in accordance with their employment contracts. Any changes to an employee’s earnings must be approved by a senior manager and not the payroll administrator. If possible, a multiple-party approval process should be followed to mitigate collusion. It is also advisable to run comparison reports between various payroll periods. Any variance of more than a predefined percentage should raise a red flag.”
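The controls described above (ID number verification, one ID per employee, headcount reconciliation against HR, and period-to-period variance reports) can be expressed as a small batch check over a payroll run. The following Python is an added illustration written for this page; it is not CRS Technologies’ product code. The payroll records, bank account numbers and HR roster are constructed, the 10 percent variance threshold is an assumed policy value, and the ID check uses the 13-digit format with a YYMMDD date prefix and a Luhn check digit that South African ID numbers carry; the duplicate-bank-account check is an added heuristic suggested by the “valid bank account” remark above, not something the article prescribes.

```python
"""Payroll ghost-employee controls (added example; constructed data)."""
from datetime import date


def luhn_ok(digits: str) -> bool:
    """Standard Luhn checksum over the whole digit string: valid iff total % 10 == 0."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def valid_sa_id(id_number: str) -> bool:
    """Reject malformed IDs: 13 digits, a real YYMMDD date, and a correct Luhn check digit."""
    if len(id_number) != 13 or not id_number.isdigit():
        return False
    yy, mm, dd = int(id_number[:2]), int(id_number[2:4]), int(id_number[4:6])
    try:
        date(1900 + yy, mm, dd)  # century is ambiguous; only day/month validity matters here
    except ValueError:
        return False
    return luhn_ok(id_number)


# Constructed payroll runs. ID numbers are synthetic but Luhn-valid unless noted.
PAYROLL_PREV = [
    {"emp": "E001", "id_number": "8001015000086", "bank": "62000000001", "net": 18000.0},
    {"emp": "E002", "id_number": "8506155000126", "bank": "62000000002", "net": 22000.0},
]
PAYROLL_CURR = [
    {"emp": "E001", "id_number": "8001015000086", "bank": "62000000001", "net": 18000.0},
    {"emp": "E002", "id_number": "8506155000126", "bank": "62000000002", "net": 27500.0},  # +25%
    {"emp": "E003", "id_number": "8001015000087", "bank": "62000000002", "net": 9000.0},   # bad check digit, shares E002's account
    {"emp": "E004", "id_number": "8506155000126", "bank": "62000000004", "net": 9000.0},   # clone of E002's ID number
]
HR_ROSTER = {"E001", "E002"}  # constructed: who HR says is actually employed


def invalid_ids(run):
    """Employees whose ID number fails the format/checksum test."""
    return [r["emp"] for r in run if not valid_sa_id(r["id_number"])]


def duplicates(run, field):
    """Map each value of `field` shared by more than one employee to those employees."""
    groups = {}
    for r in run:
        groups.setdefault(r[field], []).append(r["emp"])
    return {k: v for k, v in groups.items() if len(v) > 1}


def headcount_gap(run, roster):
    """Employees paid this period who do not exist on the HR roster."""
    return {r["emp"] for r in run} - set(roster)


def period_variance(prev, curr, threshold=0.10):
    """Flag net pay that moved by more than `threshold` between runs, and new payees."""
    prev_net = {r["emp"]: r["net"] for r in prev}
    flagged = {}
    for r in curr:
        if r["emp"] not in prev_net:
            flagged[r["emp"]] = "new on payroll"
            continue
        base = prev_net[r["emp"]]
        change = (r["net"] - base) / base if base else float("inf")
        if abs(change) > threshold:
            flagged[r["emp"]] = f"net pay changed {change:+.1%}"
    return flagged


def payroll_audit(prev, curr, roster, threshold=0.10):
    """Run every control and return the findings for a reviewer who is not the payroll admin."""
    return {
        "invalid_ids": invalid_ids(curr),
        "duplicate_ids": duplicates(curr, "id_number"),
        "duplicate_banks": duplicates(curr, "bank"),
        "not_on_hr_roster": sorted(headcount_gap(curr, roster)),
        "variance": period_variance(prev, curr, threshold),
    }


if __name__ == "__main__":
    for name, finding in payroll_audit(PAYROLL_PREV, PAYROLL_CURR, HR_ROSTER).items():
        print(f"{name}: {finding}")
```

On the constructed data the audit surfaces E003 (invalid ID, paid into an account already used by E002), E004 (a second record under E002’s ID number), both as absent from the HR roster, and E002’s 25 percent pay jump; each finding is the kind of discrepancy the quarterly audit and comparison report described above are meant to catch, and the report should go to someone other than the person who can add or delete employees.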

McAlister points out that ghost employee fraud does not have to be perpetrated by the person who controls the entire payroll system. “Mostly it is done by the individual who authorises payroll payments or controls the addition or deletion of employees from the system. Once the ghost is created, payments are generated to the ghost without the need for additional action or review by the payroll team. All the perpetrator has to do is sit back and collect the payments.

“This being said, an indication that some type of payroll fraud is being committed could be when the payroll manager or administrator always arrives early and leaves late, and never goes on holiday or takes sick leave. Being away from the office will force them to give their work over to someone else, who may discover their crime.”

For businesses that cannot afford the luxury of an internal audit department, McAlister recommends entrusting their payroll to a third-party professional. “CRS’s outsourced payroll services include multiple levels of accountability where different people manage different payroll duties. Fraudulent activity is further prevented by rigorous internal controls.”

“Payroll is often a business’s biggest expense. Organisations need to understand the potential devastation ghost employees and other types of payroll fraud can cause and take the necessary steps to safeguard against it,” McAlister concludes.

First National Bank (FNB) has announced that users will no longer be able to save their online banking passwords in their browsers.

Going forward, whenever a user wants to log into their account they will have to do so manually.

This forces users to keep their banking passwords secure.

“All stored passwords on your device can be viewed during a malware attack. Passwords can be easily accessed on your unattended/unlocked/stolen device,” FNB stated in a MyBroadband article.

FNB advises that users do the following to keep their passwords safe:

  • Do not share login details with anyone
  • Always use a different password for different websites. Avoid using the same one over and over
  • Report any fraudulent activity immediately to the FNB Fraud Centre: 087 575 9444
  • This change may interfere with various third-party password lockers such as LastPass

By Kaye Wiggins for Bloomberg / Fin24 

Barclays, Citigroup, HSBC, JPMorgan and three other banks are set to be fined by EU antitrust regulators in coming weeks for rigging the multi-trillion dollar foreign exchange market, two people familiar with the matter said.

JPMorgan Chase & Co. and UBS Group AG are among five banks being sued over allegations of foreign-exchange rigging in a class-action lawsuit seeking more than £1bn ($1.2bn or just over R17bn).

Barclays, Citigroup and Royal Bank of Scotland Group are also among the targets of the United Kingdom suit that will say pension funds, asset managers, hedge funds and corporations lost out because of market manipulation between 2007 and 2013 and should be compensated.

The lawsuit centers on collusion on foreign-exchange trading strategies, for which the European Commission fined Barclays, RBS, Citigroup, JPMorgan and Mitsubishi UFJ Financial Group, a total of €1.07bn in May. UBS escaped a fine because it was the first to tell regulators about the collusion.

JPMorgan and UBS declined to comment. The other banks didn’t immediately reply to calls or emails seeking comment.

Traders ran two cartels on online chatrooms, the European regulator said. Many of them knew each other, calling one chatroom “Essex Express n’ the Jimmy” because all of the traders but one met on a commuter train from Essex to London. Other names for rooms were the “Three Way Banana Split” and “Semi Grumpy Old Men.”

It’s the latest development in a case that’s already triggered regulatory probes around the world, and billions of dollars in fines as well as $2.3bn (R32.69) in settlements in the United States last year.

“The message is really clear – we want markets to work fairly,” said Michael O’Higgins, a pension fund chair who’s spearheading the UK suit. “People involved in markets will argue the case for free markets. They’ve got to make sure they’re fair as well as free.”

The case will be filed in the Competition Appeal Tribunal in London by Scott+Scott Europe, whose US arm Scott+Scott Attorneys at Law led the class action that ended with $2.3bn in settlements.

O’Higgins, who chairs the Local Pensions Partnership, a UK public sector pension fund, and the Channel Islands Competition & Regulatory Authorities, said that on a conservative estimate the banks may have to pay out £1bn (R17.5bn) if he wins.

The lawsuit could take three to five years, he said, and thousands of institutional investors could be in line for payouts if it succeeds.

It’s one of the first cases to be brought under 2015 UK legislation that paves the way for US-style collective actions. The Consumer Rights Act rules mean any UK-based investors who lost out will automatically become part of the claim. Investors based outside of the UK – except those in the US, Canada and Australia – can opt in.

City Power hit by virus

Johannesburg residents using pre-paid electricity have been left in the dark after a computer virus hit City Power, rendering users unable to purchase electricity.

The utility’s spokesperson, Isaac Mangena, was cited on News24 as saying “the virus had attacked its database and other software, impacting on most of its applications and networks”.

This resulted in City Power customers being unable to upload pre-paid electricity to their meter boxes.

The City Power website is also affected by the virus.

Mangena also stated that City Power hoped to have resolved the problem by midday on Thursday.

By Warwick Ashford for Computer Weekly

The cost of a data breach has risen 12% over the past five years to £3.2m on average globally, with a 10.56% increase in the UK in the past year alone to £2.99m on average, a study reveals.

In the UK, the average size of a data breach has increased 3.6% and the per capita cost per lost or stolen record is £119, which represents an increase of 9.69% from 2018 and has nearly doubled in the past ten years, according to the annual Cost of a data breach report conducted by the Ponemon Institute and sponsored by IBM Security.

The rising costs are representative of the multiyear financial impact of breaches, increased regulation and the complex process of resolving criminal attacks, the report said.

The report is based on in-depth interviews with more than 500 companies around the world that suffered a breach over the past year, including 45 in the UK, and takes into account hundreds of cost factors, from legal, regulatory and technical activities to loss of brand equity, customers, and employee productivity.

The study found that data breaches in the US are the most expensive, costing $8.19m (£6.6m), or more than double the average for worldwide companies in the study, and that the cost for data breaches in the US has increased by 130% over the past 14 years from $3.54m (£2.8m) in the 2006 study.

The financial consequences of a data breach, the report said, can be particularly acute for small and midsize businesses. Globally, companies with fewer than 500 employees suffered losses of more than £2m on average, which is a potentially crippling amount for small businesses, which typically earn £40.1m or less in annual revenue.

The report also examined the long-tail financial impact of a data breach, finding that the effects of a data breach are felt for years. While an average of 67% of data breach costs were realised within the first year after a breach, 22% accrued in the second year and another 11% accumulated more than two years after a breach.

The long-tail costs were higher in the second and third years for organisations in highly regulated environments, such as healthcare, financial services, energy and pharmaceuticals.

“Cyber crime represents big money for cyber criminals, and unfortunately that equates to significant losses for businesses,” said Wendi Whitmore, global lead for IBM X-Force Incident Response and Intelligence Services.

“With organisations facing the loss or theft of over 11.7 billion records in the past three years alone, companies need to be aware of the full financial impact that a data breach can have on their bottom line – and focus on how they can reduce these costs,” she said.

The report found that malicious breaches are the most common and most expensive, with 51% of data breaches in the study in the UK and globally resulting from malicious cyber attacks (up from 42% globally in the past six years) and costing companies £805,000 ($1m) more on average than those originating from accidental causes.

However, the report said inadvertent breaches from human error and system glitches were still the cause for nearly half (49%) of the data breaches in the report, costing companies £2.8m ($3.5m) and £2.6m ($3.24m) respectively.

These breaches from human and machine error represent an opportunity for improvement, the report said, which can be addressed through security awareness training for staff, technology investments, and testing services to identify accidental breaches early on.

One particular area of concern is the misconfiguration of cloud servers, which contributed to the exposure of 990 million records in 2018, representing 43% of all lost records for the year, according to the IBM X-Force Threat Intelligence Index.

“Mega breaches” the report said, typically lead to “mega losses”. While less common, breaches of more than one million records cost companies a projected £33.8m ($42m) in losses, and those of 50 million records are projected to cost companies £312m ($388m).

For the 9th year in a row, the study found that healthcare organisations had the highest cost of a breach of nearly £5.2m ($6.5m) on average, which is more than 60% greater than other industries in the study.

The report notes that the past 14 years have shown that the speed and efficiency with which a company responds to a breach has a significant impact on the overall cost.

This year’s report found that the average lifecycle of a breach was 279 days, with companies taking 206 days to first identify a breach after it occurs, and an additional 73 days to contain the breach.

Incident response
The study shows that companies with an incident response team that also extensively tested their incident response plan experienced £990,000 ($1.23m) less in data breach costs on average than those that had neither measure in place, while companies that were able to detect and contain a breach in less than 200 days spent £965,000 ($1.2m) less on the total cost of a breach.

This appears to be an area that needs some attention in the UK, where the mean time to identify the data breach increased from 163 to 171 days from 2018 and the mean time to contain the data breach increased from 64 to 72 days.

Globally, the study found that companies that had fully deployed security automation technologies experienced around half the cost of a breach (£2.1m on average) compared with those that did not have these technologies deployed (£4.15m on average).

Extensive use of encryption was also a top cost saving factor, reducing the total cost of a breach by £289,000, the study shows.

Breaches originating from a third party – such as a partner or supplier – cost companies £297,000 more than average, the report said, emphasising the need for companies to closely vet the security of the companies they do business with, align security standards, and actively monitor third-party access.

The Shoprite Group is fighting crime by investing heavily in sophisticated security and other measures to make its shopping space secure, reduce the number of criminal incidents and increase the number of arrests.

This is in the wake of the retail industry experiencing significant crime incidents in which the Shoprite Group had to contend with 489 armed robberies and burglaries in its 2018 financial year.

Its investments in crime prevention, including a centralised Command Centre and anti-crime team, gives the Group the ability to monitor stores and vehicles, remotely trigger security devices, follow up on crime incidents and ensure suspects are arrested.

Through an extensive intelligence network, the Command Centre receives live information on strikes, protests and other incidents. This information can be used to react and take necessary measures to safeguard the Group’s fleet on the road as well as staff and customers in its stores.

Shoprite’s efforts to keep its customers and staff safe are reflected in a reduction of contact (violent) crime incidents and increased prosecutions. “It is a work in progress,” says Group Loss Prevention Manager, Oswald Meiring. “Incidents of violent crime and robberies are coming down, and we will continue to do everything we can to make us a harder target.”

Arrests have increased by 200% as a result of the Group increasing its capability to identify, trace and arrest suspects. Recently the Group was also able to assist with the arrest of two suspects after the manager of its Worcester branch was shot and killed in a robbery. A third suspect has been identified and an arrest is imminent.

“We continue to focus on creating a safer environment for customers and staff. That is our first priority and we will go to any length to prosecute whoever is committing these crimes.”

The Group works closely with the South African Police Service (SAPS) and the National Prosecuting Authority (NPA) to effect the necessary arrests. It shares intelligence with them to ensure that bail is successfully opposed and that prosecution of criminals is successful.

In addition to tracking devices, the Group installed cameras and electronic locks on trucks which are managed from the Command Centre. Trucks can be remotely opened and closed, with alarms triggered if trucks are stationary for a certain length of time, or if unusual driving behaviour is detected. Since these devices were installed, there have been no incidents in transit on these vehicles.

It has also employed an in-house investigation team made up of experienced investigators. It has a team of Data and Crime Analysts who utilise predictive and historical analysis of all the crime data, to identify which stores or areas should be focused on. The Group has also employed an expert criminal lawyer to assist with the successful prosecution of criminals.

My Office News Ⓒ 2017 - Designed by A Collective