We have so many options for backing up our data nowadays: external hard-drives, CDs, USB memory sticks, SD cards, online storage (see http://Dropmysite.com to learn how to safeguard your website and database with automatic backups in the cloud), and multiple devices with vast memories – but it wasn’t always this way. retraces the history of backing up from the advent of ‘modern’ computing through to today’s supercomputers.
The FBI is trying to determine if financial institutions funded a revenge strike on a cybercrime group in Iran, according to Bloomberg.
- Spotlight on JP Morgan
- Fear of the unknown
- Bloomberg’s sources & their message
- The question of the hack-back
- Counterattack is not a fix.
Spotlight on JP Morgan
The Federal Bureau of Investigation is currently trying to determine if any American banks organized or financially supported the breach of an Iranian hacking coalition that experts think was responsible for a 2013 hack wave against US financial firms. The news on this FBI case broke right at the end of December, first via the Bloomberg news service and subsequently by Damon Poeter in PC Magazine.
Bloomberg, which printed the story based on anonymous tips, did not list the names of individual banks but did provide a somewhat glaring hint, mentioning that JP Morgan leadership “advocated such a move in a closed meeting in February 2013.”
In response to claims, the financial giant has said that “no action was ever taken.”
Bloomberg argued that for-profit enterprises, increasingly targeted by data thieves, have started to ignore legal web restrictions in order to get access to the attackers’ systems and grab their information — although assumedly it is backed up in secondary locations — possibly also derailing the hackers.
Fear of the unknown
The possibility of being devastated with a humiliating and expensive hack, as occurred to Sony Pictures, is making security executives at Fortune 500 companies jumpy. Some organizations are irritated that the public sector isn’t stepping in to defend their data from theft.
Feeling that they have no other choice, enterprises are considering more “Wild West” tactics that step beyond protection into the realm of the counterattack.
Some firms are hiring computer security companies to help them develop strategies to render the hackers’ machines dysfunctional or to snoop within overseas servers to determine the extent of data and trade secrets taken by criminal syndicates.
These acts of revenge by corporations that have been infiltrated by outside groups are possibly already occurring, said Republican Congressman Michael McCaul of Texas, chairman of the Homeland Security Committee. These firms may be attacking hacker networks “without getting permission” from federal authorities, Rep. McCaul said.
Bloomberg’s sources & their message
The news service spoke with 12 different IT security experts and former federal agents who said that there is a growing, generally tacit sense of stress within IT departments following the Sony Pictures breach.
Many feel that law-enforcement officials have failed to respond appropriately as financial institutions, e-commerce sites, entertainment resorts, utilities, and production facilities have been invaded by overseas assailants. American for-profit organizations don’t have obvious avenues to “punch back” when they are blindsided by hackers.
Hacking represents a $575 billion expense for businesses and governments worldwide, per a June report from McAfee codeveloped with the Center for Strategic & International Studies. Counterattacks are a growing but atypical element of the climate that is still not a major focus for the data protection industry, which Gartner forecasts will achieve revenues of almost $80 billion in 2016.
The question of the hack-back
“The idea of hacker-on-hacker justice raises thorny questions,” explains Bloomberg, “including when U.S. companies can legally order international strikes on their behalf.”
Plus, it’s unclear what exactly the penalties would be for going after cybercriminals who are possibly funded, directly or indirectly, by the foreign governments of North Korea (Sony Pictures suspect), Iran (JP Morgan suspect), China (Anthem suspect), or Russia (US State Department suspect).
The concept of a counterattack was highlighted in the public eye when Obama said that the United States would go after North Korea’s technological infrastructure in response to the Sony incident – an attack that cleaned out proprietary information, including clips from released films and emails between top executives. The strike, which many believe was an occupation lasting over six months, came across as borderline demonic by including an image of a red skeleton on employee computers the day that the malware conducted its final strip-down of the studio’s systems.
Within the week, North Korea was having problems with web connectivity. The White House did not publicly confirm that the United States was involved. Keep in mind, all of this was caused by a truly awful movie that many people felt bad about watching.
“Sony represents a dramatic escalation — one so punitive in nature that I think it does change the equation,” argued Tom Kellermann, the top security executive at Trend Micro, a web security outfit headquartered in Japan. The company recommends that victims should NOT take retaliatory action when they get hacked.
Actually, JP Morgan is not alone if it’s true that they talked about countermeasures but did not actually launch an attack. Kevin Mandia, the head of hacking analysis firm Mandiant, noted that a sizable percentage of organizations talk about retaliation; but very few strike back, fearing that they could start a hacking war with the intruders.
Counterattack is not a fix
The notion of the street justice of a counterstrike might sound exciting. Tales of revenge are captivating, after all. However, the real concern is making sure that all data is safely secured in multiple locations.
Safeguard your website and database now with our automatic backups, featuring military-grade encryption and other enterprise-level protections.
RELATED: Global banks are getting frustrated for a reason: a multinational hacking group has successfully stolen up to $1 billion from them [link to “Report: Cybercriminals Make Millions with Malware & Mimicry”].
A new variant of router malware has been discovered by Ara Labs, and it is designed to inject ads and pornography into websites. The malware modifies the router’s DNS settings to intercept Google Analytics tags and replace them with malicious content.
The malware variant is easily finding its way into routers due to the fact that many owners do not change their router’s login credentials. It can also send unauthenticated configuration requests to certain #devices that are vulnerable to an #attack.
Proactive updates are the best protection – you should ensure that your router’s firmware is fully patched, and change your default credentials as soon as possible.
Toward the end of 2013, an ATM in the Ukrainian capital began to spit out money on various occasions – without any direct human input. People were seen on Kiev security footage gathering up the cash, but it appeared to be individuals who just happened to walk by at the time. That was not the case.
- The role of malware
- The role of mimicry
- Kaspersky highlights banks as criminal cash cows
- Getting the money – three scenarios
- Making sure your data is protected.
The role of malware
Experts from esteemed anti-malware company Kaspersky Lab were brought in to analyze the bank’s systems, and they revealed that the ATM was only the tip of the iceberg: “The bank’s internal computers, used by employees who process daily transfers and conduct bookkeeping, had been penetrated by malware that allowed cybercriminals to record their every move,” reported the New York Times.
As with the breaches of Sony and Anthem, hackers were inside the bank’s system for months. Using the malicious application, they delivered video streams and photos to an international criminal enterprise consisting of Europeans (especially Ukrainians), Chinese, and Russians. The visual information allowed the hackers to better understand the institution’s day-to-day operations and security mechanisms.
The role of mimicry
Once the crime syndicate collected sufficient information, they began to mimic the behavior of the company’s personnel. Using these techniques repeatedly, they distributed payouts through ATMs and sent millions from banks around the world – the US, the Netherlands, Switzerland, Russia (the hardest-hit country), and Japan – to fraudulent accounts outside their borders.
As of February 14, the total take is estimated at between $300 million and $900 million, but they continue to accrue more cash every day.
Malicious software named Carbanak is typically emailed to a target firm’s workforce. If an employee falls for the phishing scheme, the hackers are often able to access the admin server.
The malware subsequently loads additional applications onto the central machine, which expand the hackers’ surveillance methods with keyloggers and image-capturing capabilities, while making it possible to manipulate bank data via an external server.
The three methods used by the criminals to collect funds are:
- Sending cash to fake accounts
- Delivering cash to illegitimate foreign accounts through web money-transfer portals
- Directing cash machines to pour out money at preset times.
Kaspersky Lab provided information about the series of attacks to the Times before publishing an announcement and alert on its own site – explored below. Actually, the information on the Kaspersky site suggests that the thieves stole even more than originally estimated, a total of $1 billion from over 100 financial firms in almost 3 dozen countries.
NDAs prevent Kaspersky from revealing the banks that were breached by the hacker group.
A federal investigation will soon be underway in the United States. Both the President and the FBI have received detailed descriptions of the intrusions, but both offices have withheld comment until they have time to fully process the information and determine the extent of the damage.
Kaspersky highlights banks as criminal cash cows
According to a Kaspersky post issued two days after the Times story, the anti-malware firm worked with Interpol, Europol, and various other agencies from around the world on its investigation. The brief noted that thefts of money have occurred over the course of the past two years. The crime syndicate, also (like the malware) referred to as Carbanak, benefited from a coordinated, integrated effort that drew on tactics from disparate breach efforts to refine its overall strategies.
“The plot marks the beginning of a new stage in the evolution of cybercriminal activity,” argues Kaspersky ominously, “where malicious users steal money directly from banks, and avoid targeting end users.”
Hackers have made away with as much as $10 million per incident. Typically the heists are stretched out over the course of 60 to 120 days, a timespan that starts with initial malware deployment and ends with the cash in criminal hands.
The hackers email bogus links to users, individually customized, to get them to provide their login credentials or download a fraudulent program – an increasingly popular, sophisticated version of phishing called spear phishing.
Getting the money – three scenarios
Once the hackers complete the surveillance phase of the attacks, here is how they get the cash:
Scenario one – The hackers use web-based money transfer portals to shift the cash from the bank and into the external account they have established. Typically the funds are received by accounts located in the United States or China.
Scenario two – The hackers break directly into the bank’s bookkeeping program, bump up the dollar amounts associated with individual accounts, and then withdraw the money. For instance, they might boost an account with $20,000 to $30,000, then remove the extra $10,000. The bank customer who owns the account doesn’t sense a problem because the cash is stolen directly from the bank.
Scenario three – Cash machines are used as described above.
Making sure your data is protected
The alert from Kaspersky stated that the company “urges all financial organizations to carefully scan their networks for the presence of Carbanak and, if detected, report the intrusion to law enforcement.”
Banks are known for investing large amounts into security since protecting the funds of the institution is essential to their survival and success. This report demonstrates that they are far from immune to infiltration.
What if your own site is hacked? Safeguard your website and data now with our automatic backups that utilize military-grade encryption.
RELATED: Don’t worry. The banks aren’t sitting around twiddling their thumbs. In fact, they are counterattacking the hackers [Follow-up piece coming soon…].
An Uber log-in can not only be used to rack up fraudulent trips, but would also give access to the user’s travel history, exposing home addresses. An account also contains partial credit card information.
Uber said the log-ins might have been lifted by either breaking weak passwords, or by trying passwords exposed in other data breaches.
“This is a good opportunity to remind people to use strong and unique usernames and passwords, and to avoid reusing the same credentials across multiple sites and services,” Uber said.
The company’s data security has made headlines in recent months. In late February, it came out that the personal information of up to 50,000 drivers had been compromised during a May 2014 breach.
The 2014 hack is not related to the current rash of Uber log-ins for sale, the company said.
Contd…Hack Stats Hit All-Time High in 2014 – Trends & Analysis
The 2014 PandaLabs Annual Report looks at major hacks, such as Target and Adobe, to better understand the changing threat landscape – with a special focus on mobile.
- Hack stats for 2014
- Checkout lines, source code & EOL
- Special focus on mobile
- Time to get serious.
Hack stats for 2014
The rise was in the number of never-before-seen malware strains, which rose from 30 million to 75 million between 2013 and 2014. Looking at it historically, by the end of the year, 34% of all existing malware at that time was “born” during 2014.
The decline was in the worldwide rate of infection, which dropped from 31.5% to 30.4%. That lower percentage is a positive sign, but we must recognize that we live in an environment in which 3 out of every 10 computers are hacked.
Let’s look at some of the primary hacker trends and one option for data backup.
Checkout lines, source code & EOL
The breach of Target used malware custom-built to go after the retailer’s point-of-sale (POS) systems. The first step, though, was tricking someone who already had access to the server. An employee at a third-party HVAC provider who had access to the Target internal environment appears to have fallen for a “spear phishing” email – one with a fraudulent link to a website resembling the genuine Target one (phishing) and personalized to the user to optimize effectiveness (spear phishing).
Many of the major hacks in 2014 followed that same basic pattern – conning someone with an email, followed by delivery of tailor-made malware with a single, straightforward job. “That job might be something as simple as compromising a DNS or exploiting a previously unknown flaw in a piece of software,” explains Steve Brooks of Business-Cloud.com.
The exploitation of previously discovered flaws is perhaps particularly disconcerting, as indicated by the ongoing assault on Adobe. Hackers got ahold of the source code of various Adobe applications when they entered its systems in 2013. For the criminals, it is a gift that keeps on giving: the company has been hacked repeatedly since the initial intrusion. Plus, “given the amount of time cyber criminals have had the source code,” says Brooks, “it is likely that what Adobe are patching is likely to be only the tip of the iceberg.”
Whenever a company’s source code is taken, it is truly devastating. With that vital, fundamental code on hand, attackers are able to slowly and methodically develop new invasive tactics.
Code theft is not the only thing at issue. More applications are falling into the “end of life” category simply by being around for a while and falling out of the developer’s support window. It’s common for businesses to operate with old Windows operating systems, particularly Windows XP and Windows Server 2003. Jump ship before hackers start to peck away at the carcass of a discarded OS.
Now let’s say your software has not been stolen and your software is up-to-date. You still have to worry about “bring your own device” (below section) and your suppliers. Yahoo had a hoard of information stolen, and it was actually lifted from an external provider. That same issue was seen with Target, as discussed above. It’s becoming clear that suppliers represent the hacker-friendly “sweet spot” on a wide attack surface; they need to follow the same policies with your data as you do.
Hacks by employees (as with the Korean Central Bank case) and by outsiders using employee passwords (as with the eBay case) were prevalent in 2014 as well.
Special focus on mobile
Several security firms have noted the substantial increase in strains targeting mobile devices, particularly Android. “In one month alone,” Brooks reports, “PandaLabs reported that it detected four malicious apps on Google Play with anywhere between 300,000 and 1.2 million downloads in just over one month.”
Android malware is being distributed to different hacker organizations more rapidly as well. PandaLabs was studying the new strain Android/Koler when the researchers realized there was a second instance of it that was almost identical but originating from another server. Brooks believes this acceleration is partially because of how easy malware is to purchase (often including moneyback guarantees).
This situation also showcased the increasing sophistication of the malware industry: the only difference between the two strains was that they were going after users from certain nations, seeming to suggest that hackers are conducting geographical split testing to figure out where they can make the most money.
The increasing popularity of Apple products and the ignorance of many people who jailbreak their devices to steal copyrighted material has made the iPhone and iPad a playground for Chinese hackers.
Malware is sometimes preinstalled on devices as well.
Time to get serious
The Internet is expanding, with more and more connection points to the Web established every day. PandaLabs argues for taking proactive steps to stay ahead of cybercriminals. Act now to smartly and painlessly back up your data.
Dropmysite has recently launched the new customizable email notification settings for its website and database management partners.
Using this service, Dropmysite partners can now decide and control which emails are sent to their end users from the reseller portal.
Login to your DMS reseller portal.
- We hope you have configured your SMTP settings by now. If not, configure your SMTP settings before you select the notification settings by clicking on Settings → Notification Settings.
- Click on Settings → Notification Settings. Alternatively click on the below URL:
- You will see the below screen.
- Check the box saying I want notifications for my users if you want your end users to receive the below notification emails.
- Currently there are 10 notification emails configured here. Check the ones you want your end user to receive.
- If you want to view the email template please click on the button next to each email option. A popup will appear with the email template. Please note that this is just a template. The actual email that will be sent will have your details from the SMTP settings that you have configured.
- If you have selected the “Notify when out of storage” option and you have a specific URL that you want your end users to click for upgrading the plans, please put that URL in the text box saying “Upgrade URL”. Please leave it blank if you do not have such a URL.
- Once you have selected your email notification options click on save. Congratulations: your email notifications are configured.
Resellers and partners are the core of Dropmysite’s business. With this philosophy in mind, Dropmysite launched its very powerful reseller portal, through which partners can now manage their users and also provision Dropmysite services to them. This email announcement was a new feature that was added to this portal in order to provide more flexibility to the partners of Dropmysite.
Don’t have a reseller portal yet? Contact dropmysite at firstname.lastname@example.org and become a partner now.
As part of its global expansion strategy, Dropmysite Pte Ltd, a leading website, email, and mobile backup service, announced that it has signed and launched strategic reseller agreements with three new regional web hosting companies, including ReadySpace, a managed hosting provider servicing the Asian Pacific region, Europlanet, operators of the Easy brand of domain and email hosting services and one of the leading providers in Greece, and Winhost, a premium Windows hosting provider based in Pasadena, California. All three of these web hosting providers will now offer Dropmysite’s automated website and database back-up solution to their customers.
“Web hosting providers are recognizing the strategic importance of offering a comprehensive and fully automated website and database backup service to their customers,” said Ridley Ruth, COO of Dropmysite. “They see that standard back-up solutions are not sufficient given today’s vulnerabilities. Automation of recovery is key to bringing customers data back online quickly. These new partners are a testament to the capability our infrastructure has to deliver our comprehensive services worldwide and to a wide variety of webhosting platforms.”
Readyspace, Europlanet & Winhost are joining the expansive list of hosting companies across the globe now offering Dropmysite as part of their service offerings. Europlanet will offer a single platform of services and web applications that will include Dropmysite under a single powerful control panel for its clients based in Greece. Serving the Asia Pacific region, ReadySpace will include a cPanel with its Web Host Manager Complete solution (WHMCS) for its users. Winhost will offer API integration with Dropmysite for its Microsoft developers located in the US.
“Partnering with Dropmysite was an easy choice for us as it was simple to integrate into our product offering and provides an opportunity to differentiate our service portfolio and add another incremental source of revenue to our business,” said David Loke, CEO for Readyspace. “Our customers who are running their important application in our servers will need data protection eventually. We have just made it easier by working with Dropmysite which is done within a few clicks.”
About Dropmysite’s Partner Program
As part of its global Partner Program, Dropmysite provides a white label or a co-branded option that allows resellers and other strategic partners to easily integrate Dropmysite’s cloud-based website, email, and database back-up service directly into their own product offering. To facilitate the integration process, Dropmysite offers a full range of APIs, plug-ins, and tools, email and phone support, and at its highest tier, full customization of the application to match a partner’s existing brand standards.
To join or learn more about Dropmysite’s Partner Program, click here.
Dropmysite is a comprehensive service that lets you backup your website and databases – automatically and easily. Dropmysite Pte Ltd, was founded in 2011. Dropmysite is a leading Internet backup company with a focus on backing up Cloud data, such as websites, emails, databases, mobile devices and more. The company has developed a comprehensive solution and launched three websites: http://www.Dropmysite.com, http://www.Dropmyemail.com and http://www.Dropmymobile.com.
For the second time in two months, hackers have attacked United States police databases, holding them hostage with #Cryptowall #ransomware; each time they have been subsequently paid $500 in Bitcoins to decrypt.
After spending several days working with the FBI, the Department of Homeland Security, Massachusetts State Police, and two digital forensics and #security firms, they were unable to regain access without paying the ransom.
Because the backup copies were stored on the same server, they were also locked and useless.
Unless you are backing up your important files to a separate location, you may have to face the choice of paying a ransom or losing everything if you are attacked.
Safeguard your website and database now with ‘s automatic backups.
Sign up for free 14 day trial at https://Dropmysite.com.
In the epic fight of good versus evil during the Information Age, the 2014 PandaLabs Annual Report reveals that the balance tipped in favor of the cybercriminals last year.
- Huge attacks dominate the news
- Tip of the iceberg – 2014 hack scope unprecedented
- Don’t panic like I just did
- Worst Nations for Hacking
- Best nations for hacking
- Setting yourself apart.
Huge attacks dominate the news
The demand for security, business continuity, and website backup solutions is higher than ever following a series of high-profile hacks – many of them politically motivated:
- The US State Department shut down its email system for a weekend in November to improve security and deny access to persistent hackers believed to be sponsored by the Russian government.
- An astronomical hack of Anthem, announced in February but underway for much of 2014, exposed the user data (but not the health records) of 78.8 million people – current and former customers, employees, and even non-customers. This attack was credited to government-affiliated “researchers” in China.
- Sony Pictures was devastated by a slash-and-burn attack that released emails of top leadership; contracts and HIPAA protected health information (PHI) of celebrities; and even clips of movies that had not yet been released. The FBI pointed to North Korea, believed to be retaliating for its portrayal in the embarrassingly awful film The Interview.
- The credit card information of 56 million people and the email addresses of 53 million people were taken from Home Depot.
These attacks were of course preceded by a difficult 2013. That year, 40 million credit and debit cards were lifted from Target’s point-of-sale systems following a successful phishing attempt.
Tip of the iceberg – 2014 hack scope unprecedented
Folks, that’s just the tip of the iceberg. The Internet is the Titanic. Takeaway: We need to keep the captain off the booze long enough to make sure this whole Information Age thing doesn’t turn into a disaster.
Why are these huge hacks just the tip of the iceberg? Let’s look at the statistics. According to a new report from Panda Security, the PandaLabs Annual Report 2014, “malware creation broke new levels with 200,000 new samples spotted every single day.”
Here are additional figures from the Panda analysis, with comparisons to the past, as compiled by Steve Brooks of Business-Cloud.com:
- It was a busy year for godparents of malware, with 75 million new strains born and deployed.
- The new malware strains number is up from 30 million in 2013, representing a stunning 150% increase.
- Looking at the entire library of malware monitored by Panda, fully one-third of it (34%) was first seen in 2014.
- Among types of newly created malware, 69.8% were Trojans, while only 12.3% were viruses. Worms represented 5.8% of newly detected strains, with adware and spyware at 3.1%.
- Those numbers were similar for individual infections of PCs and servers, with 65.0% of contaminations caused by Trojans (9.6% adware and spyware; 2.8 worms; 2.7 viruses).
Don’t panic like I just did
If you just wet yourself, you are not alone. These numbers sound awful. Well, they are awful. However, there is no reason to put on your antique World War II helmet and shut yourself in your bunker quite yet (I’ll cue you when applicable).
Why? There is one statistic that represents a huge bright spot – in fact, it suggests that some hacker patterns are becoming more recognizable even though they keep cranking out new threats: The rate of infection worldwide has actually gone down, from 31.5% to 30.4%.
Clearly that is excellent news considering all the massive hacks in the news and the increasing diversity of malware. However, we shouldn’t be throwing a celebration to find out that 3 out of 10 systems worldwide have again suffered at the hands of hackers.
Worst Nations for Hacking
Panda also looked at which nations had the highest incidence of infection. This list is almost identical to 2013, although Bolivia knocked Argentina off the list (like the big US hacks, many Bolivian infections are believed to originate outside their borders, in their case in Chile).
- China – 49.0% (54.0%)
- Ecuador – 42.3% (40.4%)
- Turkey – 41.5% (42.2%)
- Guatemala – 39.6% (36.4%)
- Russia – 38.8% (38.0%)
- Taiwan – 38.1% (38.0%)
- Bolivia – 37.5% (unlisted)
- Peru – 36.3% (39.9%)
- Poland – 35.1% (35.0%)
- Brazil – 34.1% (35.0%).
Best nations for hacking
Okay, let’s look at the 10 countries that are the safest from hackers, with the lowest rates of infection during 2014:
- Sweden – 20.0%
- Norway – 20.3%
- Finland – 21.2%
- United Kingdom – 22.1%
- Germany – 22.7%
- Switzerland – 23.1%
- Netherlands – 23.6%
- Japan – 24.8%
- Denmark – 25.3%
- Belgium – 25.4%.
Brooks speculates that the reason the infection rates are so low in these particular countries has to do with tactics users in these technologically literate nations are taking to protect themselves from malware: “The question is whether that level of awareness is enough to guarantee them a place on this list[.] It’s hard to know but these are also countries where sales of security products are also high.”
Setting yourself apart
Does Sweden deserve a blue ribbon because only 1 out of every 5 devices has been penetrated by malware? Not really. Although the spread of infection rates runs from 20% to 49% for major countries around the world, the fact that no nation is in the single digits shows malware is rightfully considered an international IT epidemic.
Let’s talk about you. You don’t want your website hacked and injected with malware. Never mind the annoyance: it’s extraordinarily expensive. Three out of five small businesses that are hacked are out of business within six months (National Cyber Security Alliance).
Don’t lose everything. Get automated website and data backup today.
By Kent Roberts