Computer Security

         Everyone was surprised that the U.S. Federal Communications Commission (FCC) fined AT&T $25 million dollars for a customer data protection failure. No company was ever fined such a large sum for violating data security laws. This fine was imposed several months after the data was lost in and near Mexico, May 2014. The data contained confidential information, such as their  customer names, security credentials and other private information. There were data breaches between November 2013 and April 2014, they occurred at call centers in the Philippines, Mexico and Colombia. 

         The breach affected around 280,000 subscribers. The data was sold to phone thieves, the thieves needed this information so they can unlock stolen phones. The cause of the security breach was the misuse of the company’s credentials by employees within the call centers. The employees must of used the company’s logins to get customers’ personal information and then sold them to the phone thieves. Two employees confessed to being a part of these breaches and that they gave the data over to a third-party member named "El Pelon" (Spanish for Bald Man).

          Although AT&T were not directly involved in the breach, the FCC decided to fine them for this violation of data security laws. The breach occurred within one of their contract company that were to provide Spanish language customer support. AT&T is currently trying to reaffirm trust in the company and to make sure that their customers will not too affected by this breach. All existing contracts and agreements with the contract company have been terminated because of the breach. AT&T is taking steps to assure that this never happens again, they are updating their policies which are said to be more secure than ever. 

         The FCC must of fine AT&T to discourage companies making contracts with other companies without thoroughly checking them and their security throughout the time period of their contract, but $25 million seems a bit too much. Companies like AT&T must monitor all accounts that are being handled by contract companies to make sure that there are no security violations taking place. Hopefully the changes that AT&T made to their policies make their systems more secure and that they are more careful about who they signed contracts with. 

         This week, a security flaw in all Windows software and 31 other software products (Adobe, Apple, Oracle, and Symantec) were disclosed. The security flaw was a vulnerability called "Re-Direct To SMB" and it was discovered by Cylance SPEAR team researcher Brian Wallace. This vulnerability allows attackers to get the encrypted login credentials through Windows PC users. The attacker could gain the login credentials by a compromised web server, they can also gain the information by gaining control of network traffic and redirecting it to a malicious SMB-based server. 

        The security came from a bug discovered in 1997, which was never fixed by Microsoft. The bug lets an attacker get the credentials by using Windows Server Message Block (SMB). SMB is a Windows network protocol used in domain and network authentication, file shares, remote administration, and print-sharing. Instead of fixing the bug, Windows just added mitigation methods and their Extended Protection for Authentication feature. Windows are not creating a patch for this latest flaw because it needs several factors to even be used by an attacker. The bug is not just located in the SMB, but also in the Windows API library (API refers to a software library). 

         Those who use Windows, are going to have difficulty placing trust in this compromised software. This security flaw can affect iTunes, more specifically, Apple's Software Updater. After the attacker compromises the DNS record of Apple, they would just have to redirect the update requests to a malicious SMB server. Brian Wallace of Cylance SPEAR rates this security flaw as a 7 out of 10 because so far there hasn’t been Redirect to SMB attacks.  The best defense against these attacks is to disable SMB communications, blocking TCP 139 and 445 ports. 

          It is not surprising the Windows is not bothering to fix the security flaw. Windows does not see it as a major issue and since they’re a business, they are not going to spend a lot of money on security if it’s not needed. Even though Windows says that the attackers need several factors to use this flaw, attackers could adapt and make any extra features not needed. You’re not going to stop using Windows or iTunes, but you should at least disable SMB communications, this way you login credentials are more secure. 

         Since 2010, the police department in Erie County, New York has used a spy tool named ‘Stingray’ 46 without a warrant. The county seemed permission once, they asked for a court order instead of a warrant. A court order has a higher burden of proof and when the county sought this court order, they weren’t honest with their intentions. The county sheriff’s office is maintaining secrecy about their stingray records, after they signed a stringent gag order with the Federal Bureau of Investigation (FBI). This gag order requires  information on the devices, their affidavits, and how they gained evidence, to be withheld from documents filed with the courts. The FBI had the right to get involved in any case they see fit, such as dismissing the ones that could reveal the use of stingrays. 

         This spy tool is designed to sweep through and gained private information, even on those who are innocent and/or not involved in a particular crime. It is questionable that $350,000 is being spent on stingray equipment, and how this keeps people in Buffalo safe is unclear. Law enforcement agencies in the United States have gone great length to make sure that the public does not find out about stingrays. Stingrays can trick mobile devices and other devices that use a cellular network into thinking that they are a cell phone tower. When the device connects, the stingray is able to gain the person’s location, their movements, and their identification, they are able to do this because they have a stronger connection than actual cell phone towers. 

         There are many police departments that have signed similar non-disclosure agreements not with the FBI but with Harris Corporation. Harris Corporation is one of the top companies that produce stingray devices. The company doesn’t want any records on the devices to be released to the public and they don’t want people discussing them. In one case, US Marshals  seized records about the local police department’s use of stingrays in Florida, so the  American Civil Liberties Union couldn’t have them. In common practice that law enforcement agencies lie to the judges about their use of these devices so that the public doesn’t find out about them. 

         All 46 uses of stingrays were used under “judicial review” in criminal matters. That means that enforcement sought permission from the courts before they used them, but actually they only sought permission once. Another thing they did was lie to judges about the device, the records had them filed as a “pen register device”. The pen register devices are meant to record the numbers dialed from a specific phone, while stingrays are more invasive. Stingrays can track the location of a person through their cell phone. By describing stingrays as pen register devices, law enforcement was withholding information from the judges. Law enforcement has also lied about the capabilities of stingrays, such as their ability to disrupt cellular communication to any device in its range. It can also collect information within cellular devices, but law enforcement insist that this particular feature is turned off.

        Law enforcement is trying to keep us, the public, from learning details about these stingrays and although they have revealed some information about them, we don’t know if this information is correct. Judges are going to have to enforce some sort of system for these devices in police departments. There will probably be repercussions against those who lie to judges about stingrays. There should also be a separate third-party company to fully investigate the uses of these devices in law enforcement all around the United States. If things like this continues, we will probably see stingrays and other devices in the news again soon. 

        Those who are sympathetic to the Islamic State of Iraq and al-Shams (ISIS) are defacing websites that have the vulnerabilities that are known in the Wordpress at a mass rate. These Wordpress web site vulnerabilities that were exploited already have plug-ins (security updates) for them, although not many people have updated. The Federal Bureau of Investigation (FBI) is warning the public of these attacks and also alerting the public about ISIS sympathizers are creating fake government websites to collect personal and financial information from web users. They are not just targeting government websites, they are also targeting communication platforms of news organizations, commercial entities, religious institutions, and a variety of other domestic and international sites. 

        The FBI has also released a public service announcement (PSA) to their InfraGard members, who are a partnership between the FBI and private industry partners, about another attack. This attack is planned for April 15 - 16, on  Holocaust Remembrance Day, against Israeli and Jewish Web sites. These attacks will be perpetrated by extremist hacking groups, who have named their attack #OpIsrael. These attacker groups are most likely located in the Middle East and North Africa. 

        There is no known connection between the attacks and the web site defacements. If one runs into a web site that is powered by Wordpress, then one should check to see if their content management system (CMS) needs new patches and if there are new plug-in updates that haven’t been downloaded yet. The FBI has warned the public to be cautious of fake government web sites because they take advantage of search engine optimization techniques. These techniques help the fake government web site get in the search results of a user who is searching for government web sites. The purpose of these fake web sites is to trick the user into giving them their credit/debit data, their Employer Identification Number (EIN), their PII data, their birth certificate, driver’s license, employee badge, and social security numbers. They promise their victims that they need these things to complete their offered services. Before the victim notices the scam, their credit/debit cards have already been charged, and their information compromised. 

        The FBI advises web users to research any company and/or service before using them. You should also search for the companies’/service’s web site, their e-mail addresses, telephone numbers, or other searchable identifiers. A government or service web site that has very few or no reviews, is very likely to be a fly-by-night scam Web site. It is not that difficult to look up a company or service, one could use a  WHOIS Web site registration record search to see who they are, if you can’t find much information about them, do not use them.

        It is obvious that terrorist groups such as ISIS and their sympathizers are taking an interest in cybercrime. We can expect them to plan more attacks and defacements against government web sites. They will probably attack more web sites that are Israeli and Jewish. The best defense against these attacks is to keep our devices’ web browsers up-to-date, and to be cautious when searching the web. It is unclear what the FBI have planned to defend these web sites and the public, but they have warned the public on what to look for. 

        In October 2014, Home Depot had a major credit and debit card data breach. As a result of this breach, many U.S. financial institutions, that distribute credit and debit cards like Visa and MasterCard, started the process of making their cards chip-enabled, so that they’ll be more secure. These institutions, however, have noted that a lot of credit and debit transactions have been occurring in Brazil, a lot these transactions came from credit accounts that were stolen in the Home Depot breach. Another strange thing about these transactions was that they were recorded as chip-enabled transactions, despite the fact the institutions have yet to distribute the new cards. 

        These transactions could be explained as fraudsters were using “replay” attacks. In these attacks, fraudsters take the regular magnetic stripe transitions and push them through the card network as chip-enabled card transactions. This type of attack suggests that the fraudsters have control of a payment terminal. With this payment terminal, they are able to change the field for the transactions within that terminal. They intercept traffic from a chip-enabled transaction and replaces the data with stolen credit card data, while also change the name of the merchant and the bank account data. In a popular cybercrime forum, a software-as-a-service package called “Revolution” is being sold by a fraudster that specializes in skimming devices, he often helps hackers gain credit card data from ATMs and point-of-sale devices. This fraudster is also offering a list of U.S. financial institutions that don’t have the properly implemented systems for chip-enabled card transactions. 

         Chip-enabled cards are also called EMV (Europay, MasterCard and Visa), which are an international payment system. This system has been adopted by many financial institutions as a solution for the security problems with cards with just a magnetic stripe. The microchip in the EMV cards is meant to make the cards expensive and difficult to counterfeit. There are several ways that chip card transactions can be validated by the banks. The credit card information is encrypted in the chip. The chip also has a “cryptogram”, which lets the banks know whether or not the card or the transaction has been modified by a hacker. Another way to tell if the card’s data has been copied or has been stolen from a fraudster, the chip has an internal “counter” mechanism, this number value increases with each transaction. If the number skips or increases by a large number, the credit card data have been stolen by a fraudster. 

         The Hacker’s “Revolution” software has been designed to target those banks who have yet to finish creating a payment network for their EMV card transactions. Banks have not yet gotten a handle on their fraud control when it comes to EMV cards and are not properly checking the data, which is another reason fraudsters go after them. The software relies on Java card software, this allow the product to write into the chip and magnetic stripe based cards. The Java card software allows applets (Java-based applications) to run safely on small memory devices, like a smart card. Fortunately, banks are switching to static EMV security from dynamic security, this means that the data stays the same during each transaction and therefore more secure.

        It is interesting that the fraudsters are taking advantage of the security installed after a large credit and debit card data breach. The problem with this new security is that the banks have yet to catch up. The banks need to monitor EMV card transitions as closely as they do magnetic stripe cards. Fraud detectives have to keep a lookout for more cybercrime software that could be sold to other fraudsters. Since the banks are switching to static EMV security, we won’t have to worry as much about fraudsters changing the data within transactions. 

        On Wednesday, there was an executive order announced which allows the Secretary of the Treasury, Secretary of State and Attorney General to sanction laws against cyber attackers, ‘malicious cyber actors’, that hack the networks of United States companies and government agencies. The governments aim is to make it hard for hackers to get profit from their attacks. To do this they have to make it more expensive to hack and less profitable. This order came as a response to the attacks against Target, where 110 million of their customers had their credit card data stolen, and many other United States companies. Other companies include Home Depot, P.F. Chang’s, Staples, Michaels Stores, Anthem, and Neiman Marcus. Another breach that helped pushed the government into placing this order was the Sony breach back in November. The breach resulted in private emails and details about their movie “The Interview”  being revealed. The movie was about two journalists that go to North Korea to kill Kim Jong-un, who is the North Korea’s leader. The FBI believed the breach came from North Korea, even though North Korea themselves never admitted to it. During the last year, there have been 1,500 data breaches around the world, and since 2013, data breaches have increased by fifty percent. 

        The co-founder of cybersecurity company Crowdstrike, Dmitri Alperovitch, approved of the order and commented that the order will allow the government to put bad companies and individuals on the US government's Specially Designated Nationals List. Placing them on this list will let companies know that they are not allowed to do business with them. Since the beginning of 2015, President Obama has been paying more attention to cyber security. He plans on adding $16 million dollars to the 2016 budget, hoping this will aid cyber security. Obama signed an order that will create a system of which private sector companies and the United States government to be able to share information on cyber threats more easily back in February. The only problem with these laws is that they only really affect the threats in the United States, most of the threats come from China and Russia, who don’t have treaties with the United States. Although these sanctions have yet to placed into law, you can already see the effect of the government’s interest in cyber security. A month ago, the federal government had announced that they are closing in on those responsible for the JPMorgan attack that affected the contacts of 76 million households and 7 million small businesses.

        It’s great that the government is taking more interest in cyber security, since a lot of the laws we have now are outdated and need to be revised with the growing innovation. Technology is improving and many new devices are being brought onto the market, these devices have many vulnerabilities that hackers take advantage of. If a company is using these devices, they leave themselves open to attacks. Since the government is planning to make a list of companies and individuals who are involved with these threats, other companies can then avoid them and therefore be lest at risk. The reason why we have so many cyber attacks is because it is so profitable, a hacker can buy data cheaply from other hackers and then use this information to make more than they had spent. The United States can’t stop the Chinese and the Russians from hacking US companies, but they can at least warn each other of cyber attacks, which they are currently in the process of creating a system to help do so. 

        Companies are always trying to target their advertisements to people who are going to take an interest in their product. You probably noticed that the advertisements (ads) you see when you are viewing articles or watching a YouTube video always seem to relate to what you searched on the internet. Advertisers will now be able to tell how many people watched their ads. 

        Advertisers have to depend on Nielsen ratings, and target television shows rather than their audience, which is not a reliable way to get to their customers. Google is currently just doing trials with their TVs, within their project forum for Google Fiber. This trial will be available in selected cities, such as Kansas City. The ads will be based on the viewer’s location and viewing history. Google has not clarified what “viewing history” means in this situation, but Google is allowing people an opt-out. 

        Broadcast companies would never have it as pay per view advertisements because they wouldn’t get as much money from advertisers. The advertisers want to know how much their ads are being viewed, but the cable companies refuse to show those numbers. Since they refuse to show the numbers, we can assume that there is a very low view rate. Advertising is changing, advertisers have more options to reach their audience. Since most advertisers are using the web and mobile, it makes sense for the cable companies to offer statistics on viewership because it is better to make less money than to make no money at all. 

        There is this company called VisibleWorld who allows advertisers to target their audience by region and by demographic, and allow advertisers to edit their ads accordingly. VisibleWorld is so successful at what they do that Comcast has offered to buy them. NBCUniversal, with an idea based on Comcast’s set-top-box data, are creating their own audience targeting system. It’s not new that advertisers are using our own personal information to advertise to us. Sixty-four percent of United States citizens believe that the government should regulate what the advertisers gather on us.

        The idea that our televisions are gathering data on what we watch is unsettling. Advertisers have no concept of privacy, their only concern is money. Although I do not like the breach of privacy, it is understandable why advertisers are going to such lengths. The majority of people don’t even pay attention to advertisements on the televisions unless they are advertising something that we’ve been thinking of getting. Advertisers should be allowed to gather data for Marketing purposes, but they should keep that to a minimum and not observe us through our TVs. 

         It is not a surprise that the broadband companies have filed lawsuits against the Federal Communications Commission (FCC) over their new Net neutrality rules. The lawsuit was filed by a trade company called the USTelecom Association, they represent large Internet service providers. The lawsuit was filed in the US Court of Appeals in the District of Columbia. The companies are stating that the new rules concerning internet traffic, violate federal law and are  "arbitrary, capricious and an abuse of discretion."  

       The Net Neutrality rules allow the government to regulate the Internet as a public utility. The rules prevent broadband companies from slowing down traffic and blocking it on their wired or wireless networks. Internet server providers also can’t offer paid priority services, “fast lanes”, to customers when networks have too much traffic. If paid priority services were allowed, content companies would be charged a fee, such as Netflix.

       The USTelecom’s lawsuit has been filed prematurely, considering the FCC only published their new rules on March 12. The wait time to challenge new rules is 60 days after they have been published in the Federal Register. Since the lawsuit was filed prematurely, it will probably be dismissed. After the 60 day wait period, new lawsuits are sure to be filed in court. 

        The FCC's reclassification of broadband as a Title II telecommunications service under the 1934 Communications Act is the main new rule. This new rule changes how the internet was governed and it makes the FCC its new policing force. This rule originally allowed the FCC to set the rates of network access, and to make sure that everyone has equal access. Broadband providers now have to follow this rule, so the internet service providers don’t favor data. Verizon and Comcast have stated that these outdated rules that are now being applied to broadband industries will hurt innovation and will allow the government to apply new taxes.

        Broadband companies have been against the net neutrality rules proposed by the FCC long before they were published. The companies feel that this will stifle advancement and it is likely that they are going to be taxed. These rules also keep the companies from messing around with network traffic. USTelecom should have waited the 60 day period because although the FCC knew that they were going to sue, they now know the details of the lawsuit before it can be applied, meaning they will have more time to come up with a counter argument. 

        Apple has announced plans to provide a web-based TV service in the fall, with a package of 25 channels. This will add an enormous amount of pressure on current cable and satellite companies. Those companies will have to lower prices, offer smaller packages, and improve customer service just to compete with Apple. Since most TV providers also provide internet service to their customers, they might raise the prices of broadband-only subscriptions to prevent their customers from dropping their TV package. The price of cable service, between the years 1995 and 2013, has risen 188 percent. The cable companies claim that this is because their package quality has also increased.

        Many TV packages offer around 200 channels, but the majority of people watch less than 20 channels. Customers are paying money for channels that they don’t use, when they only want the major broadcasting channels. Although Apple’s TV package won’t let you just pay for the channels you want, they will contain major broadcasting channels such as ABC, CBS, Fox and ESPN. Apple had a conflict with NBC, so it is unclear whether or not the package will include NBC. Apple is selling HBO streaming services separately from their TV package. It has been estimated that the package will cost between $20 and $40 a month, the official price has not been announced. The package will not only work on an Apple TV, it can also stream to other Apple products. Fewer and fewer people are paying for TV from cable and satellite TV companies due to the fact that there are more sources for TV shows. People can now watch shows through Amazon, Hulu, and Neflix. Dish is already offering smaller packages, and Verizon is even planning to launch a web-based TV. Apple is not the only non-cable TV service that is getting involved, Sony is also planning to launch their own TV service. 

        Over the years, Apple has gained a good image and an overwhelming public support. Since Apple is offering people want they want, they are certainly going to cause a problem for other TV services. I feel that cable companies will probably sue Apple before they bother to change how they provide service. Apple certainly has the right idea by providing small packages with 25 channels that allow customers to pay mostly for the major broadcasting channels, instead of paying for a bunch of channels that they don’t use.  We won’t really know what type of an effect Apple’s TV service will have until the fall, but this might be the push that we need to get TV service providers to start improving their services and prices to their customers. 

        Apple Pay has made it extremely easy for cyber thieves to steal credit and debit card numbers. Before Apply Pay, credit card fraudsters would buy “dumps”, usually costs $10 - $30. These dumps are stolen credit and debit card data right off the cards’ magnetic stripe. This information was gathered from breaches in major store franchises, such as Target and Home Depot, using malware on point-of-sale devices. The data is input into new plastic cards and used in stores to buy big ticket items only to be resold in cash. If a credit card fraudster wants to get items online, they would buy “CVVs”, costs $1 - $5. These CVVs (card verification code) are taken from hacked online stores and are a reference to the three-digit code found on the back of credit cards. CVVs contain the credit card number, the card verification code, the expiration date, and the cardholder’s personal information, such as their name, address, and phone number.

       Apple Pay allows credit card fraudsters to get access to your credit information through your iTunes account. These accounts can be hacked and sold for a retail price of $8. It is difficult for Apple or banks to identify if a payment is being made by the cardholder or a fraudster. Apple needs to make Apple Pay identity proof to reduce credit card fraud. Banks could pressure Apple into making their customers take pictures of their card and upload it to the app before signing up with their data. Currently, most banks that are going online with Apple Pay are validating new users by using customer call centers. This is not a secure way to validate users because all the data needed to validate a user can be brought at a cheap price. Apple Pay has already been used to commit fraud, within Apple’s own stores. Even though the fraud occurred because of Apple’s product, banks ended up having to take care of the fraud cost. The banks didn’t bother to clear up the lack of transparency in how transactions are made and monitored before they got their customers to sign up for Apple Pay, which only added to the problem.

       Apple doesn’t care about the security of their product, rather they care about how much money they make. When Apple announced Apple Pay, it was predictable that there would be an issue with credit fraud, despite how much they insisted that it was secure. As technology advances, there are more and more security risks being discovered. The banks should have demanded more transparency before getting on board with Apple Pay. Even though I doubt that people will stop using it completely just because of its lack of security, Apple should upgrade the security anyway because it leaves them vulnerable as well.

        The FBI has issued a $3 million bounty for Evgeniy Mikhailovich Bogachev, who is believed to be the main creator of the Zeus banking Trojan. This Trojan was used to steal hundreds of million dollars from banks in the United States and Europe. He has also been accused of working along side with cyber gangs. These gangs are responsible for "infected tens of millions of computers, harvested huge volumes of sensitive financial data, and rented the compromised systems to other hackers, spammers and online extortionists."

           Evgeniy Mikhailovich Bogachev is also known by the nickname "Slavik". A gang of cybercriminals used the Jabber instant message server to communicate with each other and they were in contact with Bogachev. The gang hired him to design a Trojan, which later became known as "Jabberzeus". This trojan was designed to send a message to members of the gang when a someone with a large bank account logged into the bank(s) they targeted. Although Bogachev created the Trojan for them, he refused to make it undetectable to antivirus tools. 

        Later, Bogachev was selling the Zeus Trojan code to those with several thousand dollars. The code was what the Jabberzeus Trojan was built upon, so the code became basically a cybercrime kit. He was also building upon that Zeus Trojan code for buyers for an extra fee. By late 2009, there were dozens of Zeus control servers. These servers all were connected to his domain, and had names similar to his nickname like slaviki-res1.com,slavik1[dot]com, slavik2[dot]com, slavik3[dot]com, etc. 

          In 2010, Bogachev was selling to spammers the access to tens of thousands of hacked PCs and an email list of computer systems affected by his malware. Within the same year, 20 people who were connected to the Jabberzeus crime ring were arrested in the United Kingdom, 11 of which were charged with money laundering and conspiracy to defraud. Five members of the gang were also arrested in the Ukraine. Due to the arrests, Bogachev announced that he was leaving the business and gave him his code for Zeus over to “Harderman” , also known as “Gribodemon”, a hacker. This hacker created a competing crimeware kit called SpyEye. Later Alexsander Panin, 25-year-old Russian man, admitted to creating SpyEye.

        Although Bogachev said that he was out of the business, it's likely that he just stopped selling publicly and continues to build private Zeus based codes. The United States and European businesses were attacked by a “Gameover” Zeus in 2011, which caused distributed denial-of-service attacks (DDoS). These attacks occurred after a victim and their bank had their money stolen. In 2012, Microsoft took down dozens of Zeus and SpyEye powered botnets, in doing so, they were able to gather and release information of the Zeus creator and the Jabberzeus gang. The Justice Department then charged nine men associated with Jabberzeus, and then later placed a bounty on Evgeniy Mikhailovich Bogachev. 

        Considering all the damage that Evgeniy Mikhailovich Bogachev has done, it is not surprising how high the bounty is. So far, Bogachev has been very successful at avoiding authorities, it is unknown how long it will take for him to be taken into custody. It is unlikely that everyone involved with Jabberzeus will be caught and charged. As time progresses, we are likely to see more bounties and arrests being made due to cybercrime.

       A spam operation that has been occurring for four weeks has been discovered by ProofPoint, which is a security firm in Sunnyvale, California. The Spam attack is aimed mostly at users and organizations in Brazil. The phishers that are launching the attack send links to users that alter the settings on their routers. When they alter the settings, they are able to gain access to their banking information and other data. 

         They get users to click on these links by sending them spam email that looks like a notification for an unpaid bill. The link then leads them to a page that looks like a telecom provider page. A code is then downloaded and launches a cross-site request forgery attack. The attack is designed to target both UT Starcom and TP-Link routers, and use known vulnerabilities in them. The malicious website would then use the iframes that logged into the administrative page of the router using its defaults. After gaining access to the router, they would change the domain name system (DNS) settings. The attacker would make their DNS the primary server and the victim's DNS the secondary, on Google's public DNS. They can then redirect the victim onto a malicious site that mimics the site they thought they were on so that they can steal the victim's personal information. If the attacker's DNS is not working, the router will function like normal. 

        The reason that this is so dangerous is that it is not detected by antivirus software and other security systems for long periods. So far this is only being only transmitted through email. Today, many routers have built-in systems to defend against these attacks, such as Cross-site request forgery (CSRF) tokens. Modern defenses are not likely to stop these attacks because new vulnerabilities are being discovered and exploited constantly. You are more in danger if you keep your default settings unchanged.

        Since there is no proper defense against these types of attacks, one should check their settings to make sure they're not on the default. Changing your settings makes it harder for attackers to gain access to your router, but it doesn't completely protect it. Security firms don't have a solution for these attacks yet, but hopefully they will have them in the near future. We are likely to see more of these attacks, which will be more global instead of it being mostly Brazilian users and companies. 

        Google opposed the Justice Department earlier this week when they proposed giving themselves more access to computer files and changing how warrants are approved for electronic data. Google stated their concerns and said that this decision should be left to the congress not the Justice Department. Rule 41 of the federal rules of criminal procedure allows judges to grant search warrants only when the crime occurs within their judicial district limit. The Justice Department's plan is to let judges grant search warrants outside their judicial district limits and when they are not sure where the computer is located.

        The rule change is too vague, and Google thinks that this would allow millions of American systems to be searched at once. The reason that Google wants it to go through congress is that it allows them to see if there are any violations of the Fourth Amendment. The Fourth Amendment "prohibits unreasonable searches and seizures and requires any warrant to be judicially sanctioned and supported by probable cause." The Justice Department rebutted, stating that those opposed to the change simply misread/misunderstanding the rule change. That it is just a small change to the current law in placed, that they will not be allowed to seize or search or any remote search that is not already allowed by current law. 

        Google, the only major tech firm to oppose, says that the law should be carried out by the congress. Google has stated that the Justice Department should "leave the expansion of the government's investigative and technological tools, if any are necessary or appropriate, to Congress." American Civil Liberties Union and other Privacy and civil-liberties groups agree with Google that this rule change is a threat to the Fourth Amendment. In the next couple of months, the rules committee will be making a decision on Rule 41. After the decision is made, it will be reviewed by the Supreme court and then by Congress. The Congress will have seven months to act of the proposal, either "reject, modify, or defer the rules". If they do not act on the proposal, it will enact automatically. 

        The accusations that Google made against the new proposal is not too far fetch. It is not news that a government organization abused their power, so what is to stop the Justice Department and other agencies from abusing this and violating the Fourth Amendment. We should pay attention to the new proposal for Rule 41 and see if there are any changes made that will be a threat to our privacy. I hope that the Congress actually looks closely at this proposal and not just let automatically get enacted. 

        Social Security numbers, date of birth and health care ID of millions of children were stolen from Anthem Inc's Database. This information will be used against these children for decades, as well as their parents since their information is linked together. Children's social security numbers are not monitored by  credit reporting agencies because the children are not using them, this makes them more valuable to the hackers. They are more valuable because it will take years for someone to realize that their identity has been stolen, probably when they turn 18 and try to apply for a loan, only to realize their credit has been ruined. Hackers will then use these numbers and combine them with someone else's information (name, birth date, address) to create a new ID. 

        It is up to the parents to look out for their child's information, looking out for warning signs. Warning signs include getting calls to collect debt in your child's name, your child receiving "adult" mail (pre-approved credit card offers, jury duty notices or parking tickets), getting bills for medical procedures that your child has not done, and getting noticed by the IRS that your child's name and/or social security number is on tax returns. Parents should check their children's credit at least once a year until they turn 18. Major credit bureaus, Equifax, Experian and TransUnion, allow parents to do this for free. If you find out that your child has credit, you should freeze their account and work with the credit  bureaus to remove false information. After your child turns 18, you need to contact the credit bureaus to get the freeze lifted. 

        In response to this large scale of ID theft, Anthem is offering services, such as free credit monitoring and identity theft repair assistance. This is available for current and former customers for two years and made available through AllClear ID. ChildScan is also available for members with children under 18, it is a free service that helps those whose children's IDs were stolen.

         Even if you are not a member of Anthem, you should keep an eye on your child's ID. Hackers will go after any weak point in a database, they don't care that stealing the IDs of children is unethical. There will definitely be more large scale identity theft hacks in the future. After this breach, there should be more security placed on the IDs of children, until then parents should keep vigilant. 

        Sony was hacked a few months back, but it might not be North Korea behind it as the United States government claims. Although North Korea benefited from this hack, it's more likely that it was an ex-Sony employee that directed the hack. Norse, a cyber security firm, is extremely confident that North Korea wasn't behind the attack. The reason is that the malware had absolutely no Korean in it, and the malware already had Sony credentials, server addresses and digital certificates. From that, it is reasonable to assume that an ex-Sony employee took part. 

        The FBI still insists that North Korea was the sole attacker, even though there is nothing to suggest that. As a result of this attack, a movie release was almost cancelled and the United States has changed its policies against North Korea. President Barack Obama has placed economic sanctions, barriers on trade and restriction of financial transactions, on North Korean officials and companies. Those in the cyber security community haven't come to a common conclusion, some side with the United States government and others with Norse. The problem with this investigation is that there is a lack of evidence on both sides. Many former Sony employees believe that this was an inside job and have expressed that it is easy for an employee to walk off with data because their security was not secure. Since they had a huge layoff last Spring, it is easy to believe that this was done my an angry ex-employee. 

        Since North Korea doesn't have the technology to hack on their own, they have to hire Chinese hackers. This adds to the difficulty of discovering where the hack originated. It would be easy for former Sony employees to either hire similar hackers or to disguise their hack as though it came from there. What makes me believe that it was former employees and not North Korea is the reaction from the United States government. The FBI was so quick to blame North Korea without a formal investigation, that it is possible that this is just an excuse for the United States to take action against North Korea. 

        The largest banking breach occurred this weekend, hackers made off with 1 billion dollars. According to Kaspersky Lab (a Russian security company), the hackers have accessed over 100 banks in 30 different countries all over the world since the end of 2013. The hackers used phishing schemes and other methods to gain access to the banks, such as monitoring employees using their computers. Using the knowledge that they gained at the bank, they would steal money without alerting their security systems. They would set up ATMs to dispense money at specific times, and they would set up fake accounts and have money transferred to them. After they stole 10 million dollars from one bank, they would move on to another. 

        This banking breach is usual for two reasons, the first reason is that they targeted the bank instead of their customers, and  secondly they were not interested in information, just the money. Most of the bank breaches occurred in Russia, the United States, Germany, China and Ukraine. Since Russian banks were the main victims of the breaches, it is very likely that the criminals are Russian speakers. Due to these breaches and many others, the White House is now paying more attention to cyber security. The Financial Services Information Sharing and Analysis Center want the congress to make it a state law that the banks have a 30 day window period to alert their customers of any breaches in their systems that compromises personal information. 

         Since the hackers have not been caught, we can expect later bank breaches to occur from the same group in the future. It is impressive how a group of hackers stole 1 billion dollars in slightly over one year without getting noticed. The hackers stole money so efficiently that banks all over the world are going to have to upgrade their security and change how they run their systems. In the near future, there will be more laws being placed in order to protect our private information and finances. 

       As Samsung reveals their new Smart TVs, it has come to light that there are privacy issues. Their voice recognition records your private conversations and passes them to a third-party, to review and improve the system. The voice recognition is designed for you to control the television without having to push a button. Even though the third-party is in control of improving voice recognition, but I doubt it will be limited to just them. Samsung claims that they are not selling the data, but how long will it be until the government start pressuring them into selling. Certainly, if a suspect of a crime owns one of these TVs, the police could get a warrant to gain this data.

       Of course you can always turn off the feature and disconnect the TV from the internet, but then what's the point of buying it in the first place. One can hook up third-party services and devices themselves to the Smart TV, which means any third-party device you connect could also gain access to the microphone. As stated in Samsung's Privacy Policy, "Samsung is not responsible for these providers’ privacy or security practices. You should exercise caution and review the privacy statements applicable to the third-party websites and services you use." This is acknowledging that at some time, data is going to be stolen or abused, and Samsung is just putting themselves out of harms way (lawsuits).

        We have already seen cameras on laptops and other devices get hacked, what's to prevent the microphone on the Smart TV getting hacked? As time progresses, it won't surprise me if this becomes an issue, I'll be sure to look out for any attacks such as this. Customers are told not to worry if they are not doing anything illegal or don't work with sensitive information, but how long will it take to escalate.  As technology improves and the laws surrounding cyber privacy will have to improve as well, hopefully within the next 10 years.