IoT Hackers plead guilty and get no jail time!

Darkreading.com reported that after substantial cooperation with the FBI that the three “…men charged with creating and managing the Mirai botnet have pleaded guilty to conspiracy to violate the Computer Fraud & Abuse Act and have been sentenced to a five-year period of probation and 2,500 hours of community service.” The September 19,2018 report entitled “Mirai Hackers’ Sentence Includes No Jail Time” included a link to the Department of Justice News Release “Hackers’ Cooperation with FBI Leads to Substantial Assistance in Other Complex Cybercrime Investigations” which included these comments from U.S. Attorney Bryan Schroder:

Cybercrime is a worldwide epidemic that reaches many …

The perpetrators count on being technologically one step ahead of law enforcement officials. 

The plea agreement with the young offenders in this case was a unique opportunity for law enforcement officers, and will give FBI investigators the knowledge and tools they need to stay ahead of cyber criminals around the world.

The News Release identified the three young men as: “Paras Jha, 22, of Fanwood, N.J.; Josiah White, 21, of Washington, Pa.; and Dalton Norman, 22, of Metairie, La.”

Unfortunately I think we will continue to see young people commit other cybercrimes.

Silent Cyber Growing (lack of cyber insurance coverage)!

My friend Judy Greenwald reported for BusinessInsurance.com that “Silent cyber, cyber losses that affect insurance policies not specifically designed to cover cyber risk” was significant and that a “survey of close to 700 participants from more than 100 insurance companies found that in 2017, fewer than half of respondents estimated the silent cyber risk to be greater than one cyber-related loss for every 100 non-cyber related losses.” The September 17, 2018 report entitled “Threat of silent cyber grows significantly: Willis Re” was based on a “survey 2018 Silent Cyber Risk Outlook, issued by Willis Towers Watson’s reinsurance unit” and included these comments:

In 2018, 60% to 70% of respondents estimated the silent cyber risk factor was greater than one in every 100 noncyber-related losses in all lines of business apart from workers compensation.

Actually this report is hardly a surprise!

Cyberattacks in Germany cost $50 billion!

Reuters reported about “Bitkom surveyed 503 top managers and security chiefs from across Germany’s manufacturing sector” and reported that “Two thirds of Germany’s manufacturers have been hit by cyber-crime attacks, costing industry in Europe’s largest economy some 43 billion euros ($50 billion),…”. The September 13, 2018 article entitled “Cyber attacks cost German industry almost $50 billion: study”included these details:

German security officials have long been sounding the alarm about the risk of well-resourced foreign spy agencies using cyber attacks to steal the advanced manufacturing techniques that have made Germany one of the world’s leading exporters.

The survey identified risks across the spectrum, with a third of companies surveyed reporting mobile phones had been stolen and a quarter saying they had lost sensitive digital data.

There was evidence cyber criminals were also using other techniques to hobble their German competitors, the survey found, with 19 percent of those polled saying their IT and production systems had been sabotaged digitally, and 11 percent reporting tapping of their communications.

What do you think about this alarming news?

Good news for Blockchain -EU not in a hurry to regulate!

The-Blockchain.com reported that  as “…blockchain technology has the potential to transform the business landscape and make its mark across many different sectors, it is imperative that policymakers become more accommodating with the development and adoption of blockchain technology.”  The September 11, 2018 article entitled “EU Holds Off on Crypto Regulation” was not limited to cryptocurrencies and that:

EU Finance ministers who gathered in Vienna last week have agreed to slow down and not act hastily in regulating the emerging crypto markets in Europe.

The article also included these comments from Nicolas Gilot (Co-CEO of blockchain-powered gaming distribution platform Ultra):

Legal regulation will always postdate technological innovation, and with differing national frameworks, the EU is treading carefully.

Imposing early regulation on member states could prove difficult with many countries militating the effects and consequences it could have on blockchain development and its potential to stifle crypto adoption.

Further insight and research into cryptocurrencies and blockchain is needed before a clear and coherent set of regulations is implemented, and we will have more clarity as to the appropriate solution in the coming years.

In time, regulatory compliance will prove hospitable for blockchain innovation and will attract good actors to the European crypto market

I think this is good news that the EU is patiently deciding about regulating Blockchain, what do you think?

Cyberattack on BA customers compromises 380,000+ credit cards!

Reuters reported that “British Airways was forced to apologize on Friday after the credit card details of hundreds of thousands of its customers were stolen over a two-week period in the most serious attack on its website and app.”  The September 6, 2018 reported entitled “BA apologizes after 380,000 customers hit in cyber attack” included the comments:

The airline discovered on Wednesday that bookings made between Aug. 21 and Sept. 5 had been infiltrated in a “very sophisticated, malicious criminal” attack, BA Chairman and Chief Executive Alex Cruz said. It immediately contacted customers when the extent of the breach became clear.

Around 380,000 card payments were compromised, the airline said, with hackers obtaining names, street and email addresses, credit card numbers, expiry dates and security codes – sufficient information to steal from accounts.

At least BA is admitting the cyberattack unlike what happened last year as I explained in my June 2017 blog Cyber attack probably caused BA to strand 75,000 passengers, but BA claims it just lost electricity! Haha!