Cybersecurity Roundup: Online Attacks Bigger US Threat Than Terrorism, Facebook Risks and More
The FBI says online threats could soon surpass terrorism and become the number one national security threat; Facebook apps for Android and iOS expose sensitive user information; Forbes publishes a list of hacker prices for OS exploits; and more.
By Constantine von Hoffman, CIO
: Speaking at the GovSec Conference, Ralph Boelter, assistant director of the counterterrorism division at the FBI, predicted “You’ll see a greater prevalence of cyber-related offenses, including cyber-terrorism.” Last month FBI Director Robert Mueller said that, “in the not too distant future, we anticipate that the cyberthreat will pose the No. 1 threat to our country.”
Facebook logins easily stolen from mobile phone apps: Facebook’s apps for Android and iOS do not encrypt users’ login credentials, according to The Register. These apps leave information unprotected in a folder that can easily be accessed by malware. “A problem compounded by Facebook’s idea of ‘temporary’ as lasting beyond the year 4000. In the case of iOS, one can even lift the data from a backup, enabling the hacker to attach to a Facebook account and access Facebook applications for fun and profit.” Facebook has promised to fix the problem.
Are Anonymous and Lulzsec now trying to do financial damage?: A study from Imperva reports a change in hacktivist behavior, with an increasing number of attacks aimed at stealing and exposing company data instead of defacing websites or knocking them offline. The study says hackers used local- and remote-file inclusion attacks in 21 percent of all recorded incidents from June to November 2011. All though there is no direct link between the increase and the activities of Anonymous and LulzSec, they have initiated many similar attacks in the past.
Forbes publishes price list for software exploits: Want to crack Apple’s iOS mobile software? It won’t be cheap. Hackers are charging between $100,000 and $250,000 for hacking exploits that take advantage of secret vulnerabilities in iOS. That’s nearly twice the amount requested for information on breaking into Windows and five times as much as the Mac OS.
World’s most popular websites infected 10 million visitors in February: Weaknesses at 25,000 of the most popular websites in the world infected 10 million users in February, according to a study by Barracuda Labs. The company ran an analysis of the most popular websites as ranked by Alexa to find whether each URL was serving malicious content and distributing exploits to browsers or extensions. They found that on average at least two of the top 25,000 sites were putting out malicious content every day.