
'Inception' Attack: Enhanced Due Diligence Measures Essential

In March, 3CX disclosed a supply chain attack that surprised researchers investigating it. They discovered that the attack had an unusual and alarming origin: another company's supply chain attack. This revelation in the "Inception" attack has caused concern among information security professionals. 
 
It has highlighted the unsettling reality that the security of their software may be far beyond their control, even when they follow best practices. In a world with extensive interdependencies, the implications of such attacks are troubling. They can spread like a virus, starting from one point and infecting connected communities. This raises concerns about the hidden presence of malicious actors deeply embedded in one's environment. 

Why are such attacks concerning?

What made this attack particularly concerning was its origin, which was traced back to another company's supply chain attack. It signifies that even when organizations take all the necessary precautions and follow security best practices, their software's security may still be compromised due to factors beyond their control. 

Such an attack has significant consequences, revealing the complex connections within the digital world. Software and systems depend on various parts from different vendors and suppliers. If any of these parts are compromised, it can have a domino effect throughout the entire supply chain. 

This puts many organizations and their customers in danger of security breaches. In simpler terms, an attack on one component can harm the entire system, affecting multiple businesses and their customers. This incident underscores the challenges faced by information security professionals in maintaining the integrity and security of their systems. 

It reveals that no matter how diligent an organization is in implementing security measures, the actions of external entities can still pose a significant threat. It also raises concerns about the presence of malicious actors operating covertly within interconnected environments, highlighting the need for heightened vigilance and robust security measures at all levels of the supply chain. 

Expanding Threats have Outpaced the Development of Cybersecurity Talent 

A study conducted by (ISC)² in January 2022 highlighted a global shortage of 3.4 million cybersecurity professionals. Another survey found that more than four out of five companies have fewer than five in-house security analysts, which is insufficient to run their security operations center.

Due to this shortage, organizations have turned to external vendors to fulfill their cybersecurity needs. The attack on 3CX software highlights how vulnerabilities can emerge in an enterprise's software supply chain. 

According to a survey by the Neustar International Security Council, about 73% of information security professionals believe they or their customers are somewhat or significantly at risk due to increased reliance on third-party providers. 

 What is a Supply Chain Ecosystem? 

A supply chain ecosystem is like a big interconnected network that includes all the different parts involved in getting a product from where it is made to the person who uses it. It's made up of businesses, vendors, suppliers, partners, people, processes, data, and resources that all come together to make the supply chain work. 

Third-party Providers Increase the Exposure to Risks 

In simpler terms, there are not enough cybersecurity experts to keep up with the growing digital threats. Many companies have very few in-house security analysts, so they rely on external vendors for cybersecurity services. 

The attack on 3CX software shows that weaknesses can occur in the software supply chain. A significant number of security professionals feel that integrating with third-party providers increases their exposure to risks. 

To Minimize Risks in the Supply Chain Ecosystem, Enterprises Can Take Several Steps: 

 1. Assess security controls: Ask potential partners about their security practices through standardized questionnaires to understand their level of security. 

 2. Seek third-party evaluations: Engage third-party evaluation services during due diligence to gain additional insights into the security capabilities of potential partners. 

 3. Hold suppliers accountable: Include regular audits, at least annually, in contractual agreements to ensure suppliers meet defined security standards. 

 4. Maintain ecosystem awareness: Continuously monitor and understand the partner ecosystem to stay aware of potential risks and vulnerabilities. 

 5. Implement preventive measures: Enforce security standards that align with or exceed the organization's own practices, ensuring partners adhere to them. 

 6. Develop a strong response strategy: Establish a comprehensive plan for detecting, mitigating, and responding to compromised systems, including those introduced by supply chain partners. 

 7. Employ layered security solutions: Utilize advanced security solutions for endpoints, networks, and protective DNS to actively monitor and block suspicious activities or communications from compromised systems. 

Reducing supply chain risk requires cooperation and shared responsibility among stakeholders. Traditionally, the burden has been placed on individual enterprises to protect themselves, rather than on the parties responsible for releasing insecure software. New strategies should aim to shift the burden onto software vendors, promote secure development practices, and encourage collaboration between vendors and clients to enhance cybersecurity.

Vehicles Stolen Using High-Tech Methods by Criminals

 


Over the past 20 years, the number of cars stolen in the United States has been reduced by half. However, authorities are now seeing an increasing number of break-ins that involve high-tech techniques.

There has been evidence to suggest that some employees at the Immigration and Customs Enforcement Agency (ICE) misused law enforcement databases to spy on their romantic partners, neighbors, and business partners. 

According to a new dataset obtained through records requests, hundreds of ICE employees and contractors have been under scrutiny since 2016 because they attempted to access medical, biometric, and location data without permission. There are more questions raised by the revelations about ICE's rights to protect sensitive information. 

Local intelligence agencies have found that in the current period, criminals are using sophisticated technology to target high-end luxury cars equipped with keyless entry systems and emergency starting features to commit theft. 

It was noted that the group identified three main methods criminals use to gain access to and steal vehicles with these features across the nation.

Two years ago, Michael Shin of Los Angeles captured video of a man opening his car while holding just a backpack. As Shin explained, the man was not equipped to break into the car, as he had no break-in tools in his possession. An NICB official affirmed that the NICB tested 35 vehicles using this type of system. Of those, 18 test cars were opened, started, and driven off by the team, with no problems at all.

Morris said it was believed that professional criminals have discovered how to build their own versions of the devices that the NICB used for its break-in tests. Morris explained that, for these tests, the NICB used devices supplied by a company that works closely with law enforcement on security testing.

With criminals discovering how to hack into vehicle security systems and defeat them, car owners must be vigilant to protect their vehicles. As Morris pointed out in his statement, this is a serious reminder of the risks associated with today's cars that function as essentially "computers on wheels." 

In a recent study, ESET researchers discovered that there is a significant amount of sensitive data contained within old enterprise routers. The company purchased an old router and analyzed it, discovering it had login details for the company VPN, hashed root admin passwords, and details of the previous owner. With the information available on the router, it is easy to impersonate the company that sold it previously.

Passkeys are going to take over all your passwords in the future, but a messy phase is beginning to emerge in the race to replace all your passwords with them. Getting new technologies off to a good start is among the biggest challenges in introducing them to the market.

Authorities have been puzzled by this type of break-in for several years now, but insurance investigators now believe that criminals are using key fobs (the little authentication devices you use to access newer "keyless" models) to unlock and start cars remotely by simply pushing a button.

As a result of tests conducted by the research and development team, the group found that the vehicle's computer-controlled systems are being exploited by thieves carrying out highly sophisticated cyber-attacks.

These attacks include CAN attacks, fob relays, and key cloning attacks.

  • In a CAN attack, high-tech electronic equipment is used to gain entry to the vehicle's Controller Area Network and then access the computer system to start the engine using remote access software. As a result, the vehicle begins working as soon as the engine is started.
  • In fob relaying, advanced receivers and transmitters are used to remotely read the vehicle's security key, allowing an attacker to unlock and start the vehicle even while the key is in the owner's possession.
  • In the third method, a variety of sophisticated techniques and equipment are used to disable the vehicle's alarm system and then clone and steal the security key for the vehicle after entry to the vehicle has been forced.