Category Archives: STUDIES REPORTS PAPERS

Oversight of Australia’s intelligence agencies

The Parliamentary Joint Committee on Intelligence and Security has today fulfilled one of its key statutory oversight responsibilities with the tabling of its review into the administration and expenditure of the Australian intelligence agencies for the 2015–16 financial year.

The Committee concluded that the six agencies making up the Australian Intelligence Community are overseeing their administration and expenditure appropriately.

On presenting the report to the Parliament, the Committee Chair, Mr Andrew Hastie MP, highlighted the changing security environment in which the agencies work. This includes ongoing challenges in relation to terrorism, communal violence, border integrity, espionage and foreign interference.

“Agencies have continued to respond to the changing security environment”, Mr Hastie said. “The Committee has previously noted its concerns about the constant resourcing pressure on agencies as they carry out their work to secure the Australian people and our interests.”

He added, “During the period, agencies benefited from additional funding under a range of new funding measures. As the Committee notes in its report, both ASIO and ASIS were provided with additional funding by the Government to support their operations and strengthen their capacity to meet strategic priorities. These measures are welcomed by the Committee as they will offset some of the resourcing pressures on the agencies. The Committee will continue to monitor the resourcing of both agencies in future reviews.”

The six agencies of the Australian Intelligence Community are the Australian Security Intelligence Organisation (ASIO), the Australian Secret Intelligence Service (ASIS), the Office of National Assessments (ONA), the Australian Signals Directorate (ASD), the Australian Geospatial-Intelligence Organisation (AGO), and the Defence Intelligence Organisation (DIO).

Through its review, the Committee received comprehensive submissions and conducted private hearings with each of the agencies. The Committee also took evidence from the Australian National Audit Office and the Inspector-General of Intelligence and Security.

Further information about the inquiry, including the Committee’s report, can be accessed via the Committee’s website at http://www.aph.gov.au/pjcis.

Henry Sapiecha

Survey: Aussies concerned about online privacy yet don’t use privacy tools

Despite growing concerns over online privacy, Australians are not using readily available methods to protect themselves online, according to the Australian Information and Privacy Commissioner.

This finding was revealed through the 2017 Australian Community Attitudes to Privacy survey, which found that 69 per cent of Australians felt more concerned about their online privacy than they did five years ago.

It also found 83 per cent of participants believed privacy risks are greater online than offline.

However, despite these concerns, the survey found Australians are not using existing privacy tools to adequately protect themselves online.

Australian Information and Privacy Commissioner Timothy Pilgrim said that both individual responsibility and better business practice played a part in ensuring the best privacy protection.

He said that although more Australians are aware of the privacy risks, this awareness needs to shift into action, with already available tools being used to safeguard personal information.

“While 61 per cent of us check website security, our results found that over 65 per cent of Australians do not read privacy policies, and half do not regularly adjust privacy settings on social media, or clear their browsing history,” Pilgrim said.

“These are options that we can all use to better protect our privacy. If you are shopping or socialising online, I encourage you to take the time to protect your privacy first.”

Pilgrim said more can be done by businesses to make privacy easy for customers to manage.

“Those long-winded privacy notices and complex settings need to be replaced by clear language and point-in-time notifications,” he said.

“Some are doing this well, but others need to lift their game, because our survey shows the majority of Australians have decided not to deal with a business due to privacy concerns.”

The survey found Australians believe the biggest risks to privacy are online services including social media (32 per cent), identity fraud and theft (19 per cent), data breaches and security (17 per cent) and risks to financial data (12 per cent).

It also showed participants are uncomfortable with businesses sharing their personal information with other organisations and concerned about companies sending their personal information overseas.


US wiretap numbers still don’t add up, and nobody knows why

Verizon, AT&T, T-Mobile, and Sprint reported almost three times the number of wiretaps that were listed in the government’s official report.

There’s a huge difference between the number of wiretaps reported by the US courts and the number of wiretaps responded to by US phone companies.

Last month, the US Courts’ Administrative Office said the number of wiretaps authorized in 2015, which allow the authorities real-time access to communications, stood at 4,148 wiretaps, up by 17 percent from a year ago. Not a single wiretap request was rejected during the year.

But that figure doesn’t make sense when you look at how many government data demands were processed by the big telcos.

Verizon, AT&T, T-Mobile, and Sprint responded to 11,633 wiretaps during the year — almost a threefold increase over the government’s annual wiretap report. (T-Mobile alone said in its latest transparency report that it received hundreds more wiretaps than the government’s official tally.)

And that’s just the cell networks — the difference is likely far larger when you account for landlines and internet companies.

So how many wiretaps were authorized last year? Nobody can explain the discrepancy.

This isn’t even the first time the numbers come under scrutiny.

Albert Gidari, a former leading privacy lawyer who now serves as director of privacy at Stanford Law School’s Center for Internet and Society, was first to notice a difference in the numbers. In the previous 2014 wiretap report, he noticed a twofold inconsistency between what the courts reported and what the cell giants reported.

In a blog post a year ago, he analyzed the numbers. Even taking into account the complexities of run-on and extended wiretaps, Gidari said the numbers still don’t add up.

He told me on Tuesday — a little over a year later — he still can’t figure it out.

“No one seems to have an adequate explanation,” he said.

When reached for comment, a spokesperson for the Administrative Office explained, “numerous wiretap authorizations are not reported… in the year they expire because investigations are ongoing.” The spokesperson also said it’s possible that “one wiretap order can include multiple devices, therefore, the total number of devices tapped is likely to be greater than the number of orders issued.” Also, if wiretap applications are granted but require an extension, the courts will not report the orders until after they expire.

That might apply to a few stray wiretap requests, but Gidari said that it wouldn’t come close to explaining the threefold margin of error.

“It is inexplicable even considering that carriers may each have received an order that covered four different devices on four different carrier networks,” he said. “But for that to explain it, every order would have to have at least three devices covered on three carrier networks to explain the numbers.”

“Transparency is supposed to be about making it clearer, not more obscure or obtuse,” he said.


Hidden ‘backdoor’ in Dell security software gives hackers full access

The critical flaw gives an attacker ‘full control’ of all connected devices

Security researchers are warning Dell security management software admins to patch their systems after finding six high-risk vulnerabilities.

One of the highest-rated “critical” flaws involves a hidden default account with an easily guessable password in Dell’s Sonicwall Global Management System (GMS), widely used software for centrally monitoring and managing an enterprise’s array of networked security devices.

The vulnerability could allow an attacker “full control” of the software and all connected appliances, such as virtual private networking (VPN) appliances and firewalls.

The flaws were detailed in an advisory posted by researchers at Digital Defense, a Texas-based firm that has a commercial stake in the vulnerability scanning business.

However, there’s no evidence to suggest the flaws have been actively exploited by attackers, the researchers said.

Dell acknowledged the flaws affect the most recent versions of the GMS software — versions 8.0 and 8.1 — and issued patches. In a security advisory, the company said it “highly recommends” that admins install the hotfix, available from its support pages.

A Dell spokesperson was unavailable for comment.


Top secret 9/11 report released into Saudis involvement in September 11 terrorist attacks

UNDER wraps for 13 years, the US has released once-top secret pages from a congressional report into 9/11 that questioned whether Saudis who were in contact with the hijackers after they arrived in the US knew what they were planning.

The newly declassified document, with light redactions, names people the hijackers associated with before they carried out the attacks, killing nearly 3000 people in New York, Washington and on a plane that crashed in Pennsylvania. It identifies individuals who helped the hijackers get apartments, open bank accounts, attend local mosques and get flight lessons. Fifteen of the 19 hijackers were Saudi nationals and several were not fluent in English and had little experience living in the West.

Later investigations found no evidence that the Saudi government or senior Saudi officials knowingly supported those who orchestrated the attacks. But politicians and relatives of victims, who don’t think all Saudi links to the attackers were thoroughly investigated, campaigned for more than 13 years to get the final chapter of the 2002 congressional inquiry released.

A section of one of the 28 pages from the once-top secret pages from a congressional report into 9/11 that questioned whether Saudis who were in contact with the hijackers after they arrived in the U.S. Picture: AP

Saudi Arabia has called for the release of the chapter since 2002 so the kingdom could respond to any allegations and punish any Saudis who may have been involved in the attacks.

“Since 2002, the 9/11 Commission and several government agencies, including the CIA and the FBI, have investigated the contents of the ‘28 pages’ and have confirmed that neither the Saudi government, nor senior Saudi officials, nor any person acting on behalf of the Saudi government provided any support or encouragement for these attacks,” Abdullah Al-Saud, Saudi Arabia’s ambassador to the United States, said in a statement. “We hope the release of these pages will clear up, once and for all, any lingering questions or suspicions about Saudi Arabia’s actions, intentions, or long-term friendship with the United States.”

“Saudi Arabia is working closely with the United States and other allies to eradicate terrorism and destroy terrorist organisations,” he said.

American Airlines Flight 175 closes in on World Trade Center Tower 2 in New York, just before impact. Picture: AP

House intelligence committee Chairman Devin Nunes said that while he supported the release, “it’s important to note that this section does not put forward vetted conclusions, but rather unverified leads that were later fully investigated by the intelligence community.”

However, others — including Former Florida Senator Bob Graham, the co-chairman of the congressional inquiry — believe the hijackers had an extensive Saudi support system while they were in the United States.

Mr Graham has said that the pages “point a very strong finger at Saudi Arabia as being the principal financier.”

Former US President George W. Bush classified the chapter to protect intelligence sources and methods, although he also probably did not want to upset US relations with Saudi Arabia, a close US ally.

Two years ago, under pressure from the families of those killed or injured on September 11, and others, US President Barack Obama ordered a declassification review of the chapter.

Director of National Intelligence James Clapper conducted that declassification review and transmitted the document to Congress, which released the pages online a day after Congress recessed ahead of the national political conventions.

Several investigations into 9/11 followed the congressional inquiry, which released its report — minus the secret chapter — in December 2002. The most well-known investigation was done by the 9/11 Commission, led by Republican Tom Kean and Democrat Lee Hamilton.

Smoke billows from World Trade Center Tower 1 and flames explode from Tower 2 as it is struck by American Airlines Flight 175, in New York. Picture: AP

Mr Kean and Mr Hamilton said the 28 pages were based almost entirely on raw, unvetted material that came to the FBI. They said the material was then written up in FBI files as possible leads for further investigation.

They said the commission and its staff spent 18 months investigating “all the leads contained in the 28 pages, and many more.”

The commission’s 567-page report, released in July 2004, stated that it found “no evidence that the Saudi government as an institution or senior Saudi officials individually funded” al-Qaeda. “This conclusion does not exclude the likelihood that charities with significant Saudi government sponsorship diverted funds to al-Qaeda.”

Some critics of the commission’s work say the commission failed to run down every Saudi lead and say various agencies obstructed its work. Mr Kean and Mr Hamilton also complained that various government agencies withheld relevant information.

Saudi minister says 9/11 report exonerates kingdom


Australia’s bungling spies dialled wrong numbers and bugged wrong phones

ASIO bugged the wrong phone line during an exercise but realised the error after seven minutes.

Australia’s secret intelligence organisations made a string of bungles during the past financial year, according to the annual report by their watchdog.

In one case, the domestic spy agency ASIO bugged the wrong phone, while other officers risked penalties for impersonating Commonwealth officers when trying to give themselves so-called “light-cover” stories to hide their real jobs.

ASIO agents handed out the wrong phone number to the targets of search warrants executed on numerous homes across Sydney last year.

Margaret Stone, former federal court judge who has delivered her first report on Australia’s spy agencies as the new Inspector General of Intelligence and Security. Photo: Tanya Ingrisciano

In separate incidents, Australia’s foreign spy agency, ASIS, sent private information about Australian citizens to foreign intelligence organisations without permission. It also spied on Australians without ministerial authorisation, had officers fire weapons they were not authorised to use, and was chided about its official record keeping.

The report is the only view the public usually gets inside the secretive agencies known collectively as the Australian Intelligence Community unless there is a specific inquiry.

The annual snapshot was delivered by the new Inspector-General of Intelligence and Security, Margaret Stone, a former Federal Court judge. Ms Stone has replaced Dr Vivienne Thom, who has finished her five-year contract.

It shows that there were 496 complaints received across the agencies. Of those, 473 were about delays in visa-related security assessments by ASIO. The number was down slightly on 2013-14, when there were 504 complaints, of which 487 related to visa-related security assessments.

Reviewing the highlights of the year, the report said the IGIS had designed and implemented new oversight programs as a result of the federal government’s national security legislative reform program, which has given the intelligence agencies new powers.

“The changes required a re-prioritisation of our work program and a comprehensive revision of existing inspection methodology to focus on the use of the new powers and higher risk activities,” the report said.

Dr Thom spoke at the International Intelligence Review Agency Conference in London in 2014 about how oversight regimes needed to be more transparent to enhance public credibility.

The annual report said that many agencies had since moved to develop outwardly-focused media strategies and explore ways of informing the public about their work. However, “the challenge of ensuring that oversight is transparent continues in Australia”, the report said.

The report revealed a target of an ASIO entry and search warrant had complained that ASIO had given the household the wrong phone number and after an investigation ASIO confirmed that an “incorrect phone number was inadvertently given to individuals at all the Sydney addresses where search warrants were executed on that date”. ASIO later corrected the error.

ASIO also bugged the wrong phone line during an exercise but realised the error after seven minutes. The report found no communications were intercepted or recorded and ASIO has established more stringent procedures and advice for staff to stop any future errors.

A major inquiry into its sister agency ASIS found it had sent intelligence information to foreign spy agencies without permission and without the application of privacy rules on seven separate occasions. It was also found to have spied on two Australians without the required ministerial authorisation.

There was also a deficiency in training for ASIS officers, with weapons being fired in training without the required approvals.

“A very significant number of ASIS officers had fired weapons they were not authorised for, either once or on several occasions … indicating a widespread lack of understanding about the legal requirements.”

The report said that ASIS senior management had accepted a raft of recommendations and “demonstrated a strong commitment to reform”.

An inspection report into the so-called “light cover” used by ASIO and ASIS officers to conceal their employment identified four areas of potential concern: risk of penalties for impersonating a Commonwealth officer when using an alternative government department as their cover; court appearances; dealing with police; and obtaining private insurance policies.

Since the report, ASIO has finalised its light-cover policy and both ASIO and ASIS have “sought to identify suitable life insurance options for their staff”.

Read more: http://www.smh.com.au/national/wrong-number-wrong-phone-australias-bungling-spies-20151217-glqjjy.html?eid=email:nnn-13omn656-ret_newsl-membereng:nnn-04/11/2013-news_am-dom-news-nnn-smh-u&campaign_code=13INO010&et_bid=25741951&promote_channel=edmail&mbnr=MTA5MTAwMDU#ixzz3uobjFOpV

WHITE PAPER SECURITY DOCUMENTS FOR YOU TO DOWNLOAD HERE


AUSTRALIAN GOVERNMENT REPORT ON BIG TIME FRAUD & SCAMS IN AUSTRALIA

AUSTRAC’s 2014 typologies report is the eighth in the report series.

The 2014 report includes 20 real-life case studies showing how legitimate services offered by Australian businesses have been exploited for criminal purposes, including international drug smuggling operations, people smuggling and human trafficking syndicates and sophisticated overseas tax evasion schemes. By highlighting past examples of criminal activity, the report educates businesses on their money laundering and terrorism financing risks and helps them recognise and mitigate these risks.

Check it out here: typologies-report-2014


Typologies and case major crime studies report 2013 in Australia

AUSTRAC takes action against three reporting entities

AUSTRAC has taken enforcement action against MoneyGram, FNF First National Finance and Canberra Southern Cross Club.

MoneyGram

A record fine against MoneyGram, one of the world’s largest remittance network providers, was issued for systemic contraventions of Australia’s anti-money laundering and counter-terrorism financing laws. The fine brings the total fines paid by MoneyGram to almost half a million dollars. The fines were for providing money remittance services through unregistered remittance businesses.

Read the MoneyGram media release.

FNF First National Finance

The cancellation of Sydney-based remitter, FNF First National Finance, was issued due to significant money laundering or financing of terrorism risk. FNF was identified through the Eligo National Taskforce, which focuses on alternative remittance services and serious and organised crime. AUSTRAC plays an important role in the taskforce alongside other agencies.

Read the FNF First National Finance media release.

Canberra Southern Cross Club

AUSTRAC has required Canberra Southern Cross Club Limited to appoint an external auditor to assess and help improve its compliance with anti-money laundering and counter-terrorism financing laws. The notice follows an assessment by AUSTRAC that the club had extensive, longstanding, systemic and serious non-compliance with the AML/CTF Act and AML/CTF Rules. AUSTRAC’s concerns included that CSCC had:

  • an inadequate AML/CTF Program
  • no transaction monitoring program
  • significantly deficient customer identification procedures.

Read the Canberra Southern Cross Club media release.

AUSTRAC CEO Paul Jevtovic reinforced that AUSTRAC takes its role in combating money laundering and terrorism financing very seriously and will not hesitate to take enforcement action where appropriate.


Real estate agents and lawyers vulnerable to money laundering risk

AUSTRAC has released two new reports to help Australian businesses identify money laundering methods used through real estate agents and legal practitioners.

AUSTRAC is Australia’s primary source of financial intelligence, providing expertise and global leadership on financial intelligence matters.

The reports provide information about money laundering methods, business vulnerabilities and indicators that a person is laundering the proceeds of crime.

Criminals are drawn to real estate investment in Australia because it can be purchased in cash, offers reliable financial returns and its ownership can be disguised.

Lawyers can also be used to facilitate the movement of illicit funds through their trust accounts and to invest in real estate.

AUSTRAC shares knowledge of money laundering methods and associated indicators to help businesses detect and mitigate attempts to launder the proceeds of crime.

Suspicious Matter Reports (SMRs) are an important tool in detecting, disrupting and deterring crime.

Businesses concerned that a person might be undertaking a suspicious transaction can lodge an SMR with AUSTRAC or call the AUSTRAC Contact Centre on 1300 021 037.


Case Study: AUSTRAC information helps unravel $30 million construction fraud

AUSTRAC information assisted law enforcement to investigate a network involved in defrauding a university of over AUD30 million.

Directors of construction companies and managers at the university were complicit in a large fraudulent invoice scheme. The managers approved the payment of highly inflated invoices from the construction companies, as well as approving invoices for work that was never undertaken.

Directors of the construction companies laundered the profits from the fraud by purchasing racehorses and property. The managers at the university were repaid with kickbacks or direct shares in racehorses.

AUSTRAC assisted law enforcement by investigating international funds transfer instructions (IFTIs) undertaken and received by associates of the suspects.

The associates were identified as accounting firms. It was discovered that funds were sent to many countries including New Zealand, Canada, Hong Kong and the USA.

The accounting firms also received a large number of IFTIs from various overseas entities that were similar in value to the amounts the firms had sent overseas. Authorities suspected that the accounting firms were laundering the funds on behalf of the suspects as part of a professional money laundering syndicate.

Authorities also believed that the money laundering was an attempt by the directors of the construction company to hide or disguise the ownership of property.

The directors distanced themselves from the racehorses by having the ownership of the horses held in the names of associates. The associates then returned any profits generated by the horses back to the directors.

The members of the network were arrested and convicted on a variety of charges, including conspiracy to defraud, obtaining property by deception, theft, aiding and abetting receipt of a secret commission and furnishing false information.

Ultimately, law enforcement laid more than 2,000 charges against the suspects. The suspects received penalties ranging from fines to six-and-a-half years imprisonment.

LOT MORE HERE BELOW OF BIG TIME SCAMS & FRAUD-CLICK ON typ13_full

The 2013 report includes 23 real-life case studies showing how legitimate services offered by Australian businesses have been exploited for criminal purposes, including for drug trafficking, child exploitation, fraud and tax evasion. By highlighting past examples of criminal activity, the report educates businesses on their money laundering and terrorism financing risks and helps them recognise and mitigate these risks.

The full case study (#5) is available in the typ13_full. It includes a diagram of the different money laundering methods used in the case. 

VIEW EARLIER REPORTS HERE BELOW

Typologies and case studies report 2012

View the report below or download the full PDF here:

AUSTRAC typologies and case studies report 2012 (PDF, 2.3MB)

AUSTRAC’s 2012 typologies report is the sixth in an annual series of reports produced by the agency.

The 2012 report includes 21 real-life case studies illustrating how legitimate services offered by Australian businesses have been exploited for criminal purposes. By highlighting these past examples of criminal activity, the report educates Australian businesses about their money laundering and terrorism financing risks and helps them recognise and mitigate these risks.

Typologies and case studies report 2011

View the report below or download the full PDF report here:

AUSTRAC typologies and case studies report 2011 (PDF, 3.6MB)

AUSTRAC’s 2011 typologies report is the fifth in an annual series of reports produced by the agency.

The 2011 report includes 20 real-life case studies illustrating how legitimate services offered by Australian businesses have been exploited for criminal purposes. By highlighting these past examples of criminal activity, the report educates Australian businesses about their money laundering and terrorism financing risks and helps them recognise and mitigate these risks.

If you have any feedback about AUSTRAC’s typologies and case studies reports, or ideas for future topics, please email INTEL_TYPOLOGIES@austrac.gov.au.

Typologies and case studies report 2010

View the report below or download the full PDF report:

AUSTRAC typologies and case studies report 2010 (PDF, 4MB)

The AUSTRAC typologies and case studies report 2010 is the fourth in a series of reports AUSTRAC has produced to educate Australian businesses about their money laundering and terrorism financing risks, and assist them to recognise and guard against these risks in the future.

The 2010 report includes 31 real-life case studies illustrating how Australian businesses have been misused by criminals to commit a range of serious offences, including drug importation and trafficking, identity fraud, and money laundering.

If you have any feedback about AUSTRAC’s typologies and case studies reports, or ideas for future topics, please email INTEL_TYPOLOGIES@austrac.gov.au.


Cyberattacks Increasingly Rapid and Deceptive: Symantec

In 2014, cybercriminals, using increasingly rapid and deceptive attacks, targeted the financial sector to steal massive amounts of data from major institutions, according to Mountain View, Calif.-based Symantec’s Internet Security Threat Report.

Other highlights:

  • Twenty percent of financial, insurance and real estate companies were at risk of spear-phishing attacks in 2014, similar to the 2013 rate.
  • 30% of finance workers were targeted with spear-phishing attacks, where emails frequently requested payment by credit card or the completion of a wire transfer.
  • Financial information was the fourth most common type of information exposed in 2014.

“Attackers don’t need to break down the door to a company’s network when the keys are readily available,” Kevin Haley, director, Symantec Security Response said in a release. “We’re seeing attackers trick companies into infecting themselves by ‘Trojanizing’ software updates to common programs and patiently waiting for their targets to download them—giving attackers unfettered access to the corporate network.”

In a record-setting year for zero-day vulnerabilities, Symantec research revealed that it took software companies an average of 59 days to create and roll out patches. That was up from only four days in 2013. Attackers took advantage of the delay and, in the case of Heartbleed, exploited the vulnerability within four hours.

Meanwhile, advanced attackers continued to breach networks with highly-targeted spear-phishing attacks. What makes last year particularly interesting is the precision of these attacks, which used 20% fewer emails to successfully reach their targets and incorporated more drive-by malware downloads and other web-based exploits.

Email remains a significant attack vector for cybercriminals, but they continue to experiment with new attack methods across mobile devices and social networks to reach more people, with less effort.

In a separate announcement the Department of Homeland Security, in collaboration with Interpol and the FBI, released a Technical Alert to provide further information about the Simda botnet that has compromised more than 770,000 computers worldwide with a self-propagating malware since 2009. A system infected with Simda may allow cyber criminals to harvest user credentials, including banking information; install additional malware; or cause other malicious attacks. The breadth of infected systems allows Simda operators flexibility to load custom features tailored to individual targets.

Recommended actions to remediate Simda infections include using and maintaining anti-virus software, changing passwords, keeping operating system and application software up to date, and using anti-malware tools.
