Risk Radar Free Cyber Newsletter – Aug 09, 2016

Black Hat Continues to Break Records with Largest USA Show in 19-Year History
The big security conferences in Vegas have concluded and as you will see from the links below the need for security is alive and well. Black Hat’s press release highlights some of the major events at the conference.
ProjectSauron APT On Par With Equation, Flame, Duqu
A new Advanced-Persistent-Threat (APT) has been discovered that is similar to Equation, Flame, and Duqu. Project Sauron has been in use to spy on critical industries and government agencies since 2011. Researchers at Kaspersky Lab and Symantec have released information about Project Sauron. The methods of breaking into critical networks is still unknown, research continues into Project Sauron.

PLC-Blaster Worm Targets Industrial Control Systems
A proof of concept worm that targets Programmable-Logic-Controllers (PLC) was released at Black Hat. The attack (PLC Blaster) goes after Siemens PLCs, it is expected that this worm is not just limited to Siemens PLCs. Physical or network access can be used to infect PLCs with the PLC-Blaster worm. The Siemens PLC do have password protection that can block this worm, currently the password protection is turned off by default.

#DefCon: Thermostat Control Hacked to Host Ransomware
The Internet-of-Things (IoT) is an easy hunting ground for hackers (good and bad) right now. A proof of concept ransomware was shown at Defcon that infects thermostats. The thermostat company has not been disclosed, it is looking at the disclosed information now. The ransomware cranks the heat to 99 and asks for a pin that changes every 30 seconds, then a Bitcoin ransom is asked for. A bigger issue of this attack may be the use of the thermostat as a pivot point into the enterprise network.

Request the Ransomware Epidemic whitepaper from 4D5A Security for more information on how to defend against ransomware.

This ATM Hack Allows Crooks to Steal Money from Chip-and-Pin Cards
A team from Rapid7 showed at Black Hat that the Chip and Pin cards are not much more secure than the magnetic strip cards. The skimmer is put between the card reader and the cards chip, the chip information is sent a RaspBerry-Pi computer connected to the outside of the ATM. Chip information is then sent to a smartphone, the card is recreated and can be used to withdraw money from other ATMs. The card is replicated for a few minutes, but it is enough time to get money out of the victim’s account.
Hackers Could Break Into Your Monitor To Spy on You and Manipulate Your Pixels
Researchers have figured out a way to see and control what is on your monitor without hacking your computer. The monitors CPU and firmware are used to compromise the monitor. The attack is currently most effective on monitors displaying mostly static information.