Threats Of The Week – 20/03/2015

Media Division | March 20, 2015

This week we found a few interesting stories on cyber threats that indicates security is essential for private, public and state authorities. The goal is to keep you updated about the latest security vulnerabilities businesses continue to face in different sectors.

So in case you were busy during the week and didn’t get a chance to take a look at what’s happening in the world of cyber crime, here’s a complied list of all the interesting happenings worth reading about:

TeslaCrypt malware targets gamers

TeslaCrypt made headlines this week after researchers stated that it targets video games and files in documents, photos, and iTunes. The malware was designed to discover files associated with gaming platforms from Value Steam and files related to game development tools including Unreal Engine and Unity3D. The main functionality of the malware is to encrypt gaming files, and then ask gamers for a ransom to unlock them.

A researcher from Bromium Labs, reporting on the malware, stated that the malware targeted over 40 gaming titles, including strategy games such as WarCraft and StarCraft II. The malware also targeted other popular titles like Resident Evil 4, Call of Duty, Half-Life 2 and Fallout 3. Specific companies like Bethesda have also seen their games targeted. Researchers are still trying to find out if there’s a way to decrypt infected files without paying the ransom.

Premera health insurer data breach

2015 has seen a number of health care data breaches and the trend continued last week with the breach at Premera. The latest data hack has been reported to have affected up to 11 million people. The data breach affected so many consumers because cyber criminals breached systems housing data about past and current customers, dating back to 2002.

The insurer sent out notification letters to people whose information was breached, as required by the state law. While the company is taking additional actions to strengthen the security, it needs proactive data breach detection solutions to prevent the damage in the future.

iPhone and iPad can be hacked with a little black box

It’s easy for anyone to get across the login screen and access the content on your iPhone with a specialist hardware, even if the iPhone has fingerprint security. The device, called IP-BOX, sells for £120, and functions by bruteforcing iDevice passcodes, guessing passwords repeatedly until it finds the right one. Even though the phone’s software is created to defend against such hacks, the IP-BOX can break through all barriers. It can work even after the software limits the number of password guesses, or the user changes the phone’s settings to delete the content after 10 failed password attempts.

It doesn’t even matter if the iPhone has Touch ID security enabled; that’s because the device can be unlocked with the passcode. The IP-BOX is free to guess passwords, and it features a light sensor that attaches to the iPhone’s screen to know whether the guessed password is wrong or right. The sensor monitors the light levels from the iPhone screen, and monitor changes. A change implies that the screen has been unlocked. Users can protect themselves by creating a passcode longer than four numbers, and the IP-BOX is also limited when it comes to guessing complex passwords. As a result, iPhone users are encouraged to use good password practices.

What do you think about these threats? Did we miss out on anything important? Feel free to leave comments.

Massive's Media Division publishes timely news and insights based on current events, trends, and actionable cross-industry expertise.