Supply Chain Attacks: Shipping the Exploits

Illustration: Supply Chain Attacks: Shipping the Exploits - Authentic8 Blog

Malware inserted along the business supply chain can be far more effective than directly compromising a single company’s network. Local browsers, used by vendors and customers alike, open the door for attackers.

*
What do banks and airlines, law firms and software makers, shipping companies and concert ticket sellers all have in common? Their day-to-day business depends on tightly integrated networks of service providers and product vendors.

Without functioning IT, most of these supply chains would break down. Network breaches can - and with increasing frequency do - result in significant damages.

A different kind of box office hit

Two recent incidents illustrate the broad spectrum and impact of web-borne third-party risks. Vendor vulnerabilities pose a growing threat not only to digital commerce but also to traditional sectors, such as the global shipping and logistics industry.

  • The first example, from June, involved online box office Ticketmaster. The incident highlights the vulnerability of the digital economy to exploits introduced into the software supply

How to Prevent Browser “Cryptojacking”

Illustration: How to Prevent Browser “Cryptojacking” - Authentic8 Blog

If you thought your “secure” browser is blocking all these cryptojacking attempts (perhaps you even installed a cryptoblocker extension), think again. Cryptominers are using other people’s browsers to make bank while getting better at evading detection. What have they been up to recently?

*
For readers of this blog who don’t already know, cryptojacking is the process in which a machine’s resources are hijacked and used to mine cryptocurrency. This type of attack can take place in various ways, usually involving the local browser and JavaScript. For more details, check out our “Cryptojacking 101” here.

Lately, cryptojackers have found more ways to hog their victims’ computing resources. Chrome browser extensions offered through the Chrome Web Store were discovered to contain mining code. Ubuntu’s own Snap Store has been supplying software with “miners” built in.

One-two punch: ransomware+cryptojacking

Even garden-variety malware now usually comes equipped with miners. A new variant of the Rakhni ransomware now contains a cryptocurrency miner.

Interview: Pitfalls of BSA/AML Research on the Web

Illustration: Interview: Pitfalls of BSA/AML Research on the Web - Authentic8 Blog

The pressure on financial services organizations of all sizes to comply with federal Bank Secrecy Act (BSA) and Anti-Money Laundering (AML) regulations is steadily increasing. Banks and investment firms are facing stiff regulatory fines, civil penalties, and industry disbarment for compliance violations.

Industry observers point out that many cases resulting in enforcement action follow a common pattern. Often, the entities found in violation neglected to file Suspicious Activity Reports (SARs) about suspicious transactions.

Then, to make matters worse, during a subsequent investigation they also “failed to promptly produce certain documents” as requested by investigators (PDF).

Online Research as BSA/AML Compliance Bottleneck

Research indicates a direct correlation between the negligence of affected financial institutions to sufficiently investigate, report and document suspicious transactions, and the lack of a compliance-friendly and compliance-ready browsing environment at the disposal of their BSA/AML specialists. Check out the Authentic8 white paper Secure AML Research: Cracking the Efficiency Code (PDF) on this problem and how financial firms are

How the PageUp Hack is Highlighting HR's Data Protection Problems

Illustration: How the PageUp Hack is Highlighting HR's Data Protection Problems - Authentic8 Blog

The recent data breach at global Human Resources services provider PageUp may have impacted millions of job seekers, the firm announced last week. Following such incidents that affect HR records, it’s often IT that gets the blame. Are HR firms and departments generally too lax at handling confidential data?

*

HR professionals have been found to be especially vulnerable to cyberattacks or user error. HR data breaches have severe consequences for individual employees and the whole organization. In 2015, confidental information of more than 22 million current and former federal employees and contractors was stolen when state-sponsored hackers hit the Office of Personnel Management (OPM), the U.S. government’s HR department.

Since then, employees have started suing their employers over other incidents, as in the case of an HR data breach at Seagate, and more law firms are lining up to take their cases. Lamps Plus was slapped with a class action in California federal court, accusing it of failing to

DOD Looks to the Cloud for Browser Security

Illustration: DOD Looks to the Cloud for Browser Security - Authentic8 Blog

The US Department of Defense just published its cloud browser strategy. What's yours?

*

On June 5, 2018, the Defense Information Systems Agency released an unclassified request for information (RFI) outlining its intent to procure a cloud browser for 3.1 million Department of Defense (DOD) employees.

The operators of the most-targeted network in the world have concluded that they'd be more secure and efficient if they kept all public web code off the department's network.

This is significant for the entire cybersecurity market, not just the DOD. With this RFI, an arguably niche, disruptive security solution becomes mainstream. Cloud browsers are now something any organization concerned with online security must consider.

DOD personnel use the web for mission-related activities, support and logistics functions, and morale and well-being. With more than 4 million users worldwide, and with many people operating out of sensitive government facilities, the DOD is also a compelling target for cyberattack. The volume of attacks the department must deal with