
Tag Archives: cyber risks

Cyber Risks in the Construction Industry

While you may think construction firms are not an attractive target for cyber criminals, the truth is no business is safe from cyber crime.

Regardless of how big or small your construction firm is, chances are you store valuable information—information cyber criminals can use for personal gain. Additionally, hackers are just as interested in proprietary information, and construction firms could lose their competitive advantage with just one data breach.

In order to protect your business and customers, it’s imperative to learn about the common cyber risks in the construction industry.

Loss of Files and Personal Information

To streamline their business, almost all construction firms store some type of personal information. Because of this, the files and data they keep on hand are particularly vulnerable and a common target for hackers.

The average contractor stores and transmits sensitive information such as employee records, customer lists, bid data and financial records. Criminals can easily use this information to steal identities and credit card information. They could even ransom these files against a firm, blocking your access and demanding large sums for their release.

In addition, contractors often have login credentials for systems outside of their immediate control. If these contractors are hacked or decide to use their credentials for malicious purposes, your firm could be held liable.

Loss of Proprietary Data

One of the greatest assets a construction firm has is proprietary corporate data. At any given time, your organization could be holding valuable information related to privileged contracts, architectural designs and intellectual property.

In some cases, you could lose this information to cyber criminals without a breach ever occurring. This type of theft can occur through social engineering and phishing schemes, which are strategies criminals use to entice employees into transferring corporate funds or assets.

Infrastructure Exposures

As technology advances, buildings are becoming more connected. Smart technologies allow businesses and homeowners to automate processes that control a variety of systems, including heating, ventilation, air conditioning, lighting and security.

While these new advancements are a major leap forward and provide your clients with opportunities to lower their costs and increase their efficiency, they also create cyber exposures. When hackers gain control of a connected building, they can access things like IP addresses, security codes, automated building processes and camera footage.

In some cases, construction firms that provide smart technologies to their clients may be liable for any damage done by cyber criminals long after work is completed. At the very least, organizations that install products that negatively impact the privacy and security of customers could face serious reputational damage.

Be Proactive in Reducing Your Cyber Risk

In addition to the unique risks listed above, construction firms are subject to the same cyber exposures as the average business. Financial loss, business interruption and third-party liability are very real after-effects of a data breach, and your firm needs to be ready.

The best way to protect your firm from cyber exposures is with cyber liability insurance. These policies can and should be customized to meet your specific needs. Contact your broker today to learn more about cyber risks and what types of protection are available to you.

© Zywave, Inc. All rights reserved

Russian Teen Allegedly Sold Target Breach Software

Publication Date 01/19/2014
Source: USAToday.com 

A Russian teenager allegedly authored the malware behind the Target data breach during the holiday shopping season, a cyber security firm said Sunday, and the same malware may have also been involved in the Neiman Marcus attack, it says.

IntelCrawler, based in Los Angeles, says Sergey Taraspov, with roots in St. Petersburg, authored the malicious software and reportedly sold it for about $2,000 to dozens of cybercriminals in Eastern Europe and other countries.

“The probability is rising that the perpetrator of the (Target breach) got the program from him,” says Dan Clements, IntelCrawler president.

The firm says Taraspov is “close” to 17 years old. The firm’s CEO did the first report on the malware, known as BlackPOS, earlier last year and Taraspov was identified then as the alleged author, Clements says. Taraspov allegedly is a well-known programmer of malicious code in the underground world, IntelCrawler says.

Target, the nation’s second-largest retailer, has apologized for the security breach, which it said affected up to 110 million shoppers. Neiman Marcus has not said how many customers were affected by its breach, though several security analysts have said they believe it was at least 1 million shoppers.

Officials at Target were not immediately available for comment Sunday.

Clements says IntelCrawler has uncovered six other breaches at retail stores, including two small clothing firms in Los Angeles and four mid-sized department stores in Colorado, Arizona, New York and California. The firm declined to name the retailers, but says it has forwarded information to law enforcement officials. 

The software reportedly enabled the thieves to remotely hack into the retailers’ computer systems and obtain customer credit card and PIN numbers, which were sent back to a computer controlled by cyber thieves.

State and federal officials, including the Secret Service, have launched an extensive investigation into the breaches.



Copyright 2014 USATODAY.com

Malware in Target stores breach crafted to avoid detection by all antivirus tools

Last weekend, retail giant Target finally disclosed that malicious software that infected point-of-sale systems at Target checkout counters was at least one cause of the data breach that occurred back in December. The massive data breach exposed personal and financial information, including names, mailing addresses, phone numbers and email addresses of more than 110 million customers.

Target has taken considerable heat from critics who say the company waited too long to disclose the breach.

In an interview with CNBC on Jan. 12, Target CEO Gregg Steinhafel confirmed that the attackers stole card data by installing malicious software on point-of-sale (POS) devices in the checkout lines at Target stores.

Earlier this week, Seculert posted an analysis and reported: “First, the malware that infected Target’s checkout counters (PoS) extracted credit numbers and sensitive personal details. Then, after staying undetected for 6 days, the malware started transmitting the stolen data to an external FTP server, using another infected machine within the Target network.”

Thieves then use collected information to create cloned copies of the cards and use them to shop in stores for high-priced merchandise.

As Brian Krebs of Krebs on Security blog reports, he detected a network of underground cybercrime shops that were selling almost exclusively credit and debit card accounts stolen from Target stores. Those underground stores all traced back to a miscreant in Odessa, Ukraine.

Krebs continues: “Incidentally, in malware-writer parlance, the practice of obfuscating malware so that it is no longer detected by commercial antivirus tools is known as making the malware “Fully Un-Detectable,” or “FUD” as most denizens of cybercrime forums call it. This is a somewhat amusing acronym to describe the state of a thing that is often used by security industry marketing people to generate a great deal of real-world FUD, a.k.a. Fear Uncertainty and Doubt.”

These breaches underscore the importance of organizations continuously monitoring their systems for suspicious changes and unknown programs on their systems, as well as providing their employees with security awareness training.

Once the breach happens, it is imperative that a business continuity plan be executed in a timely manner and that the proper communication be established with the public. 

Please feel free to contact ABEX and WatSec for more information on how you can effectively manage your cyber risks.


Cyber Liability: Managing Password Threats

Organizations trust passwords to protect valuable assets such as data, systems and networks. Passwords are versatile—they authenticate users of operating systems (OS) and applications such as email, labour recording and remote access, and they guard sensitive information like compressed files, cryptographic keys and encrypted hard drives.

Because passwords protect such valuable data, they are often a prime target of hackers and thieves. Although no method of password protection is 100 per cent effective, it is still important to understand and mitigate threats to password security so you can protect your company and its assets.

Types of Password Threats

Implementing security measures starts with anticipating security threats. There are four main ways that attackers attempt to obtain passwords: capturing passwords, guessing or cracking passwords, replacing passwords and using compromised passwords.

1. Password Capturing

An attacker can capture a password through password storage, password transmission or user knowledge and behaviour. OS and application passwords are stored on network hosts (a computer connected to a network) and used for identification. If the stored passwords are not secured properly, attackers with physical access to a network host may be able to gain access to the passwords. Never store passwords without additional controls to protect them. Security controls include:

  • Encrypting files that contain passwords
  • Restricting access to files that contain passwords using OS access control features
  • Storing one-way cryptographic hashes for passwords instead of storing the passwords themselves

Hashes are the end result of putting data, like passwords, through an algorithm that changes the form of the original information into something different. For example, the password ‘default’ could be mapped as an integer such as 15. Only the network host knows that 15 stands for the password ‘default’.

2.9 million Adobe customers affected by cyber-attack

The cyber attack on Adobe is just another example in a wave of global attacks targeting personal and business financial data.

Adobe, the software company behind Acrobat, Photoshop and InDesign, has experienced a data breach, potentially compromising the data of 2.9 million customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders.

“Our investigation currently indicates that the attackers accessed Adobe customer IDs and encrypted passwords on our systems,” said Brad Arkin, Adobe chief security officer in a Customer Security Announcement on October 3rd.

Adobe has reset passwords on customers’ accounts and recommended that customers change their passwords on any other website where they may have used the same user ID and password. The company has alerted the banks processing customer payments, as well as federal law enforcement.

Adobe also said it would give affected customers the option of enrolling in a one-year complimentary credit monitoring membership where available.

What’s the threat?

According to Brian Krebs, of the KrebsonSecurity blog, the threat is that the Adobe hackers could have hidden zero-day exploit code within a PDF document, or Flash animations, to create weaponised content. They would then use a spear-phishing email to deliver the weaponised content to the targeted user. “When the user opens the attachment or watches the animation, the exploit code exploits the vulnerability to silently download malware on the user’s machine. The user isn’t aware that this download has happened. But this malware, often a Remote Access Trojan (RAT), enables the attacker to access sensitive data or even gain full control over the user’s machine,” explains Krebs.

Lessons Learned

These breaches underscore the importance of organizations continuously monitoring their systems for suspicious changes and unknown programs on their systems, as well as providing their employees with security awareness training.

Once the breach happens, it is imperative that a business continuity plan be executed in a timely manner and that the proper communication be established with the public. 

Please feel free to contact ABEX and WatSec for more information on how you can effectively manage your cyber risks.


