Know Who You Owe Your Digital Safety To

Daniel Kaminsky. He was a security researcher who found a significant security flaw in the internet over a decade ago. He died last week of a diabetic condition. Let’s unravel his story and understand some basics of world wide web security along the way.

Crux of the Matter

Who Is Daniel Kaminsky?
An American computer security researcher, he was the co-founder and scientist of HUMAN, a firm specializing in detecting malware activity via scripting language.

How Did It All Start?
When he was 11, his mother received a government call stating that Kaminsky had used penetration testing to intrude into military computers, and that they would cut off the family’s Internet. His mother responded by saying that if their access was cut, she would publicize the fact that their security was so weak that even a kid could break it!

What Happened Next?
A 3-day Internet timeout was negotiated for Kaminsky. In 2008, after he found and coordinated a fix for a fundamental DNS flaw, the government administrator thanked him.

What Was He Known For?
Among computer security experts, he was best known for his work on DNS cache poisoning, and for helping out with the 2005 Sony BMG virus, which infected 568,000 devices.

What Was The Sony BMG CD Scandal?
When inserted into a computer, each CD installed software that modified the operating system to interfere with CD copying. One of the installed programs was a “phone home” component that spied on user habits.

Does DNS Sound Familiar?

What Can Go Wrong In DNS Cache Poisoning?
When a DNS server receives a wrong IP address and caches it for performance optimization, its cache is ‘poisoned’: the server then returns false data to users or diverts their traffic to an attacker’s computer.

Past Major Cyber Attacks

Curiopedia
  • Reaper is considered to be the first anti-virus software. It was created to delete the Creeper virus from computer systems.

StrandHogg is here to plunder your phone's data!

Cybercriminals have hit the jackpot with a risky vulnerability that breaches Android devices without rooting their operating system. Going by the name of StrandHogg, it allows malicious apps to overlay fake login screens on legitimate apps. It was first reported by Norwegian cybersecurity firm Promon and later confirmed by their partner firm Lookout earlier this month, and the cybersecurity wing of the Ministry of Home Affairs is worried about how it will target Indian users.

Crux of the Matter
  • Researchers have discovered a new Android vulnerability that allows malware to pose as a popular app and ask for various permissions, potentially allowing hackers to listen in on users, take photos and read and send SMS messages.
  • This breach in security came to the firm’s attention when several banks in the Czech Republic reported money disappearing from their customer accounts.
  • 36 malicious apps or dropper apps, which pretended to have the functionality of popular apps and bypassed Google Play Protect, were removed from the Google Play Store.
  • BBC News reported on Monday that Google is investigating the origin of the loophole because this further highlights the weakness in the multi-tasking system of Android OS. Currently, users are just advised to be alert to any suspicious app permissions.
Curiopedia

StrandHogg takes its name from Old Norse, where it refers to a Viking tactic of raiding coasts to loot and hold people for ransom. The Vikings had already developed spy networks from their many commercial encounters with vicus. These spies informed them of the local customs and the dates of religious feasts, helped with translation, and indicated places to plunder and personalities to be removed. The term is used in Iceland to this day.

U.S. Treasury Department Takes Action Against Dridex Malware

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) stepped up and took action against Evil Corp, a Russia-based cybercriminal organization responsible for the development and distribution of the Dridex malware, which has resulted in more than $100 million of theft across 40 countries.

Crux of the Matter
  • Dridex malware is used to infect computers and harvest login credentials from banks and financial institutions.
  • This action was carried out in coordination with the United Kingdom’s National Crime Agency (NCA).
  • The Department of Justice also charged two of Evil Corp’s members and announced a reward of up to $5 million for information leading to the capture or conviction of Evil Corp’s leader.
  • Steven T. Mnuchin, Secretary of the Treasury, said, “This coordinated action is sanctioning Evil Corp as part of sweeping action and will disrupt the massive phishing campaigns orchestrated by this Russian-based hacker group.”
Curiopedia

Evil Corp is a Russia-based cybercriminal organization run by a group of individuals based in Moscow. They are responsible for the development and distribution of Dridex malware. Dridex, also known as Bugat and Cridex, is a form of malware that specializes in stealing bank credentials via a system that utilizes macros from Microsoft Word. The targets of this malware are Windows users who open an email attachment in Word or Excel, causing macros to activate and download Dridex, infecting the computer and opening the victim to banking theft. Once a system is infected, Evil Corp uses compromised credentials to fraudulently transfer funds from victims’ bank accounts to accounts controlled by the group. As of 2016, Evil Corp had harvested banking credentials from customers at approximately 300 banks and financial institutions in over 40 countries, mostly in the US and UK.

IIT Kanpur and TalentSprint Announce Programme in Cyber Security

Indian Institute of Technology, Kanpur (IIT Kanpur) has announced an Advanced Certification Program in Cyber Security and Cyber Defense in partnership with TalentSprint. The program is designed for current and aspiring professionals who are keen to explore and exploit the latest trends in cyber security technologies. 

Crux of the Matter
  • The Advanced Certification Program in Cyber Security and Cyber Defense being launched by IIT Kanpur, in partnership with TalentSprint, is designed for current and aspiring professionals who are keen to explore and exploit the latest trends in cyber security technologies. 
  • The programme will equip and enable 1000 Cyber Security Professionals in the coming years.
  • It will have a Hybrid Executive Format with Bootcamps at IIT Kanpur and Live Online Sessions.
Curiopedia

IIT Kanpur, established in 1959, is widely recognized as a global trailblazer in computer science research and education. Most recently, IIT Kanpur has taken the lead in cyber security by setting up the Interdisciplinary Centre for Cyber Security and Cyber Defence of Critical Infrastructures (C3i). The mission of C3i is research, education, and training, and also to spawn startups that create technological safeguards to protect critical national infrastructure. The centre collaborates with other global centres of excellence and is positioned to become a world leader in cyber security.