1-888-643-2217 Email ABEX
Keeping you updated

Tag Archives: hackers

How Hackers Can Control Your Car

CYBER CRIMEFiat Chrysler Automobiles is recalling 1.4 million vehicles—not for a manufacturing flaw or a faulty part, but for a vulnerability to hacking. The company deemed the recall necessary after two software programmers demonstrated how easy it was to remotely tamper with a Jeep Cherokee’s radio, air conditioning, dashboard display, windshield wipers, brakes and transmission.

This hack is an example of what the security industry calls a zero-day exploit—a vulnerability in a piece of software that the vendor is unaware of. In the case of Fiat, hackers, through wireless access gained via the Internet, sent commands through the vehicle’s entertainment system, taking control of any number of vehicle functions. This could, in theory, be performed from a laptop across the country.

But this type of vulnerability isn’t limited to Fiat vehicles, as most auto companies produce models that are susceptible to breaches. Industry leaders like General Motors, Ford and Toyota are atop a long list of auto makers believed to be the most susceptible to hacking.

As vehicles become increasingly connected, the risk of hacking becomes more apparent and no longer limited to select models. By 2022, an estimated 82.5 million automobiles worldwide will be connected to the Internet.

Since the hack, Fiat has taken strides to prevent remote manipulation by distributing USB drives to vehicle owners that they may use to upgrade vehicle software and deter hackers—but that may not be enough. While automakers are aware of cyber risks and are even taking steps to prevent attacks, experts say that the auto industry is far behind when it comes to cyber security and that current solutions aren’t yet strong enough to thwart hackers.



© Zywave, Inc. All rights reserved.

Employee Data Leaks a Major Cyber Risk

Bradley Manning-1297457129899_ORIGINAL

U.S. soldier Bradley Manning is escorted out of a courthouse during his court martial at Fort Meade in Maryland, August, 20, 2013. (REUTERS/Jose Luis Magana)

The case of Bradley Manning, the U.S. soldier convicted of the biggest breach of classified data in the US history by providing files to WikiLeaks, highlights how employees can pose a major vulnerability to the internet security. 

In 2010, Manning turned over more than 700,000 classified files, battlefield videos and diplomatic cables to WikiLeaks, the pro transparency website, in a case that has commanded international attention. Manning was sentenced to 35 years in prison on Wednesday and this sentence is unprecedented in its magnitude for providing secret material to the media. Please click on the link to read more in the Toronto Sun article:  Bradley Manning sentenced to 35 years in WikiLeaks case

This case shows how some of the most damaging cyber-attacks involving deliberate policy violations come from within the business, in ways that many employers overlook when it comes to their cyber security. It’s an employer’s worst nightmare—an employee is dissatisfied with his or her job and decides to defraud or steal from the company. Employees can cause enormous damage by committing these crimes.

According to a 2012 occupational fraud report by the Association of Certified Fraud Examiners (ACFE), the typical organization loses 5 per cent of its annual revenue to fraud. It also reported that the median loss caused by fraud was $160,000. For a small company, this could mean the end of the business. Small businesses are more at risk because owners inherently treat their employees like family, leading to complacency and lax security measures. Small businesses also tend not to have anti-fraud measures in place as many lack the knowhow and enforcement capabilities of larger businesses. Nearly half of victim organizations do not recover any losses that they suffer due to fraud.*

ABEX has partnered with WatSec to provide employee security awareness training as part of our Cyber Risk Management Program.  The security awareness training prepares every staff member with the critical skills necessary to work productively while being vigilant for potential security threats. 

Please contact ABEX and WatSec for more information on how you can effectively manage your cyber risks.


*Source: ©2013 Zywave, Inc

Hackers Demand Ransom from Businesses after Stealing and Encrypting Their Information

hackerThank you to all who participated in ABEX / WatSec Cyber Webinar yesterday.  During the webinar, we touched on a few different examples of cyber attacks, one of the newest threats involving ransom attacks.

In ransom attacks, hackers steal information from businesses and encrypt it so that it can’t be read by anyone.  Data from backups can get encrypted as well.  Then hackers demand ransom from the victims in exchange for the encryption key that would allow the victims to access their own information. However, the hackers won’t necessarily decrypt the files even after the ransom had been paid.

There are many examples of ransom attacks happening, not only around the globe, but also here in Canada and more specifically in Southwestern Ontario and GTA.  These cases do not always reach the media, and thus do not get the deserved attention.  

One example includes some Dryden, Ontario residents who were struck by a combination of computer virus and Internet scam.  The virus would exhibit the logo of the RCMP, informing users they have violated copyright infringement or downloaded illegal pornography. It details the applicable money-wiring businesses users should use to pay their fine of $100 within 72 hours or risk being imprisoned from one to nine years or face a fine of up to $250,000.  Click here to read more.

Another example includes an Australian medical centre, Miami Family Medical Centre and The Surgeons of Lake County which all had a ransom demand after blackmailers broke into the organizations’ servers and encrypted their entire patient databases.  Click here to read more.

According to Norton’s Cybercrime 2012 report, 70% of online adults in Canada have been the victim of cybercrime at some point in their life. Cybercrime costs Canadians $1.4 billion per year. The average cost per crime victim is over $160, according to Norton’s report.

A security company, Trend Micro, has published an infographic: The Cybercriminal Underground: How Cybercriminals Are Getting Better At Stealing Your Money. The infographic explores what items are being traded in the cybercrime underground, how the underground is organized, and how users are affected. Click here to read more.

Please feel free to contact ABEX and WatSec for more information on how you can effectively manage your cyber risks.



Receive notifications of new posts automatically.


Like us on Facebook

Connect with us on LinkedIn