This week, Donald Trump clenched the title of president-elect of the United States. Though we may not have a clear picture of how Trump will address the country’s growing cybersecurity problems until he takes office on Jan. 20, this week’s Hacker Tracker will explore what we can expect from his cybersecurity platform.
While Trump’s campaign site does offer some insight into what the soon-to-be president has in mind to tackle America’s cybersecurity needs, Forbes noted that there are still a lot of blanks that need to be filled in over the coming months.
Trump’s policies call for “an immediate review of all U.S. cyberdefenses and vulnerabilities,” which will be conducted by a Cyber Review Team. The team will be made up of representatives from the military, law enforcement agencies and the private sector. The campaign also lays out plans to foster cooperation between federal, state and local law enforcement when responding to massive cyberattacks, as well as the development of more offensive capabilities to fight against hackers.
But where the campaign site falls short is in offering the specifics on how all of these initiatives will actually become a reality. As Forbes pointed out, Trump’s interview responses related to cybersecurity have resulted in more questions than answers. Though Trump was correct in his recent assessment that the country seems to be “toyed with by so many different countries,” he still did not provide a solid plan for better protecting our critical infrastructure.
Many are hoping Trump will do a better job safeguarding our nation from cybersecurity threats than his own hotel chain has fared over the years. The chain fell victim to a widespread malware attack that stole customer payment information for more than a year, from May 2014 to June 2015.
The impact of the breach could reach customers who used debit or credit cards at seven of the chain’s hotels, including: Trump SoHo New York; Trump National Doral in Miami; Trump International New York; Trump International Chicago; Trump International Waikiki in Honolulu; Trump International Hotel & Tower Las Vegas; and Trump International Toronto.
Hackers Lift $3M From Tesco Bank
It’s been a rough week for Tesco Bank and its customers. First, the bank’s fraud system detected suspicious activity, which led to thousands of customer cards being blocked from usage.
Just days later, the fraud scare actually became reality.
The bank reported on Tuesday (Nov. 8) that £2.5 million pounds ($3 million) was stolen from 9,000 customers in what cyberexperts said was the first mass hacking of accounts at a Western bank.
The bank had to suspend online transactions but quickly resumed full service after the theft.
“We’ve now refunded all customer accounts affected by fraud and lifted the suspension of online debit transactions so that customers can use their accounts as normal,” Tesco Bank CEO Benny Higgins said in a statement.
The National Cyber Security Centre (NCSC) in the U.K. said it’s working with investigators and Tesco to determine what went down in an attack the NCSC called “unprecedented.” The NCSC, along with the U.K.’s National Crime Agency, told Reuters they couldn’t think of a similar confirmed case in which hackers got away with large sums of money through accessing bank accounts.
The theft of the online banking accounts has prompted British authorities to warn other small banks that they may also be at risk for a cyberattack.
The report noted that smaller banks are more of an attractive target than their larger brethren because they don’t have the security in place like the bigger guys, making it easier for hackers to penetrate their networks.
“Smaller and medium-sized companies may be more vulnerable. Many of them have not invested properly in security measures, and an incident like this should stimulate them to think again,” said Sergio Romanets, cybersecurity expert at consultant Greyspark Partners in London, in the report. Customers have already been compensated, but restoring all of the online service at Tesco Bank will be harder to do.
Could Threat Intelligence Halt Data Breaches?
The latest data from Imperva’s “Combat Online Payment Card Attacks using Threat Intelligence” report found that the total value of online credit card transactions at risk by 2020 will be $19 billion.
Fraud at the point of sale is expected to shrink, but online payment card fraud on eCommerce and banking websites will continue to rise.
Major data breaches have made payment card data more accessible to cybercriminals than ever before. Hackers are able to use a technique called carding to monetize stolen cards in forums — selling data on the online black market for a little as $5 per card.
“Cybercriminals use bitcoin to anonymously purchase large packs containing thousands of stolen cards for approximately $10 per card. Criminals employ botnets to validate these cards in bulk by making small transactions of less than $1 on obscure donation websites,” Imperva said in a blog post.
“Once they identify the subset of payment cards that are still active and not blocked by the issuing bank, they sell those cards back to carding forums at $20 per card to double their profits within minutes of their original purchase.”
But threat intelligence could be the key to shutting down these automated attacks.
Imperva ThreatRadar intelligence services for the SecureSphere Web Application Firewall can help to stop cybercriminals from targeting payment and checkout pages with carding and cashing-out schemes.
The solution uses reputation intelligence, bot intelligence and crowdsourcing, as well as web application firewalls, to proactively detect and mitigate these specific attacks.