Superdrug Customers Informed of Hack

Superdrug is reported to have advised online customers to change their passwords after it was targeted by hackers who claim to have stolen the details of approximately 20,000 Superdrug customers.

Hundreds Compromised – Could Be More

To date, Superdrug has confirmed that 386 customer accounts are known to have been compromised, but that it is still working to try to establish the exact number. It is possible, therefore, that the number could be many more.

Contacted By Hackers

Superdrug is reported to have been contacted by a person representing a hacking group and claiming to have hacked their systems, and this person provided stolen customer information as proof. Superdrug was able to confirm the authenticity of the information from their own record of customer email and log-in details. The hacker is reported to have claimed that the details belonging to 20,000 customers were stolen, and has asked for a ransom from Superdrug.

May Have Got From Elsewhere

Even though the assumption is that the mystery hackers got into Superdrug’s systems to get the customer data, Superdrug is claiming this is not the case and that the hackers got the customer login details from other websites and then used those credentials to access accounts on the Superdrug website.
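The credential-reuse scenario Superdrug describes leaves a tell-tale pattern in a site's own login logs: one source trying many different accounts with a high failure rate. The following is an added example (not Superdrug's code, and not based on its actual logs) that flags such sources from constructed sample log lines in an assumed `timestamp ip account result` format, returning the accounts that nevertheless logged in successfully, which are the ones a defender would force a password reset on; the thresholds are illustrative assumptions.

```python
"""Flag credential-stuffing patterns in web login logs (defender's view).

Heuristic: a genuine user retries their OWN account from one address;
a credential-stuffing run tries MANY distinct accounts from one source
and most attempts fail. Thresholds below are illustrative assumptions.
"""
from collections import defaultdict
from dataclasses import dataclass, field

# Constructed sample log lines (not real customer data). Assumed format:
# <ISO timestamp> <source ip> <account> <OK|FAIL>
SAMPLE_LOG = """\
2018-08-21T10:00:01Z 203.0.113.7 alice@example.com FAIL
2018-08-21T10:00:02Z 203.0.113.7 bob@example.com FAIL
2018-08-21T10:00:02Z 203.0.113.7 carol@example.com OK
2018-08-21T10:00:03Z 203.0.113.7 dave@example.com FAIL
2018-08-21T10:00:03Z 203.0.113.7 erin@example.com FAIL
2018-08-21T10:00:04Z 203.0.113.7 frank@example.com OK
2018-08-21T10:01:10Z 198.51.100.2 grace@example.com FAIL
2018-08-21T10:01:20Z 198.51.100.2 grace@example.com FAIL
2018-08-21T10:01:30Z 198.51.100.2 grace@example.com OK
"""


@dataclass
class SourceStats:
    """Per-source-IP counters collected while scanning the log."""
    attempts: int = 0
    failures: int = 0
    accounts: set = field(default_factory=set)   # distinct accounts tried
    successes: set = field(default_factory=set)  # accounts that logged in


def parse_line(line):
    """Split one log line into (timestamp, ip, account, succeeded)."""
    ts, ip, account, result = line.split()
    return ts, ip, account, result == "OK"


def summarise(log_text):
    """Aggregate login attempts per source IP."""
    stats = defaultdict(SourceStats)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        _, ip, account, ok = parse_line(line)
        s = stats[ip]
        s.attempts += 1
        s.accounts.add(account)
        if ok:
            s.successes.add(account)
        else:
            s.failures += 1
    return stats


def flag_stuffing(log_text, min_accounts=5, min_fail_ratio=0.5):
    """Return {ip: sorted accounts that logged in} for suspicious sources.

    A source is suspicious when it tried at least `min_accounts` distinct
    accounts and at least `min_fail_ratio` of its attempts failed. The
    accounts in the result are the ones to force a password reset on.
    """
    hits = {}
    for ip, s in summarise(log_text).items():
        if len(s.accounts) >= min_accounts and s.failures / s.attempts >= min_fail_ratio:
            hits[ip] = sorted(s.successes)
    return hits
```

The single-account retry from 198.51.100.2 is left alone, while 203.0.113.7 is flagged with the two accounts it managed to open.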

What Kind of Details?

Superdrug has said that, of the compromised accounts that it knows about, names, addresses, some dates of birth, and some telephone numbers may have been stolen, but that no customer payment card details have been accessed.

Actions

Superdrug has said that it has contacted the Police and Action Fraud (the UK’s national fraud and cyber-crime arm) and is offering them all the information they need for an investigation.

Informed Customers

Those customers whose accounts had been compromised were sent an email by Superdrug explaining the situation, asking them to change their passwords, and advising them to change them regularly in future.

Anger Over Tweet

A tweet sent by Superdrug to confirm that the emails received by affected customers were genuine provoked anger, mostly because it failed to include an apology.

What Does This Mean For Your Business?

Although exact numbers of those affected and exact details of how customer data was obtained and accounts accessed have not yet been confirmed, the fact is that at least several hundred customers of a trusted high street brand have ended up being victims of crime, and Superdrug has (at the very least) a PR battle on its hands.

Sadly, Superdrug is one of many well-known companies with data breaches that have made the headlines, affected many customers, and damaged their own company reputations. For example, a Dixons Carphone breach from last year saw the theft of 10 million customer records.

Not only because of possible fines under GDPR, businesses and organisations should be putting customer data protection very high on their list of business priorities: strong data security policies, procedures, practices and defences protect the customer, the company and its reputation, and the vital and valuable bond of trust between merchant and customer, and send a message that customer security concerns are taken seriously.

Apple iPad Battery Gas Leak – Shop Evacuated

The leaking of vapours from a damaged iPad battery led to an Amsterdam shop being evacuated and 3 staff being treated for breathing problems caused by the released gas.

Fire Brigade Called

Although the fire brigade was called and attended, there were no reports of any actual flames / fire coming from the affected iPad. Staff had, however, initially reacted to the smoking iPad by putting it in a sand-filled fire bucket.

Incidents of Similar Faults

Reports online indicate that similar faults have occurred elsewhere since Apple started its iPhone battery replacement programme, e.g. as reported on the Apple news site 9to5mac. Some reports indicate that Apple stores in Switzerland, Spain and Hong Kong have been evacuated, with medical incidents reported this year, due to problems with combustion / fumes from iPhone batteries.

While details are patchy, the insinuation by some commentators has been that the incidents involved the batteries of phones that had been brought into the shop as part of the battery replacement programme.

There have, for example, been reports from 3 years ago of old batteries giving off smoke if pierced during replacement, although it is not clear if this was the cause of the latest incident.

What Battery Replacement Programme?

Back in 2017, Apple apologised for intentionally slowing down older iPhones (iPhone 6, iPhone 6s, iPhone SE and iPhone 7 models), perhaps with a view to encouraging upgrades. Once Apple’s actions were discovered, Apple owners with older models complained of facing huge costs for upgrading, and Apple highlighted how older batteries lose power over time. This led to Apple deciding to introduce a battery replacement programme. This means that Apple will offer anyone with an iPhone 6 or above a newer battery for just £25. This represents a £54 saving.

What Does This Mean For Your Business?

Apple phones are widely used and valued by business people and home users alike. The revelation of Apple deliberately slowing down phones to speed up the act of customers replacing their devices with the latest (and some would say expensive) versions, blotted what had been a relatively clean copy-book. The battery replacement programme appeared to be a practical way to perhaps gain customer trust back, say sorry, and legitimately solve some battery problems.

As with many phone makers, however, the at times unpredictable and potentially dangerous behaviour of some lithium-ion batteries can cause some very unwelcome incidents and publicity, e.g. the Samsung Galaxy Note 7. These incidents illustrate how important it is that all aspects of the value chain in the creation and branding of premium products are right.

There may be real hope for phone manufacturers, however, since Norwegian scientists at IFE claim to have discovered a new wonder-material, ‘SiliconX’, for phone batteries that can stabilise silicon anodes for Li-ion batteries and offer five times the charge capacity.

Online “Pay-To-Watch” Now In Lead

The latest Office for National Statistics’ annual Internet Access and Use report has revealed that there has been a big rise in the number of people using commercial video streaming services.

Video Streaming Popular

The report shows a big jump from 29% of those watching online video-on-demand from commercial services in 2016 to 46% in 2018. The figures for 2018 refer to data collected in the January, February and April 2018 modules of the Opinions and Lifestyle Survey (OPN) conducted by the ONS.

The popular video-on-demand services referred to in the report include Netflix, Now TV, and Amazon Prime.

More Subscriptions To Online Video Streaming Than ‘Traditional’ TV

This supports Ofcom’s recent Media Nations report, which has replaced the PSB Annual Report and Digital Radio Report (and is based on BARB Establishment Survey data), and which shows that more people now subscribe to Netflix, Amazon and NOW TV than to ‘traditional’ pay-TV services e.g. Sky, BT and Virgin.

The report showed that pay-TV subscriptions in the UK totalled 15.1 million, while the leading three on-demand video services totalled 15.4 million.

The Ofcom data showed that 39% of UK households (11.1m) have at least one on-demand streaming service subscription, and although Amazon Prime Video has a slightly larger year-on-year growth rate than Netflix, Netflix is the most popular subscription video-on-demand service, with subscriptions nearly double those of its closest rival (9.1 million UK households in Q1 2018).

Why?

The huge growth of popular video-on-demand services is the result of a number of factors, including the fact that more than 80% of UK homes have a fixed broadband connection (90% of UK homes have some kind of internet access), that 58% of these connections are considered to be superfast (30Mbit/s or higher download speeds), and that there has been a big rise in the number of people owning / using smart TVs and streaming dongles / boxes.

YouTube Popular Too

Google’s video social network platform YouTube has also seen a big rise in the number of people using the service – 62% in 2018, up from 47%.

Older People Using The Services

It appears that another reason for the rise in popularity of on-demand video-streaming services is that older people are now signing up. This is reflected, for example, in the fact that services such as Netflix are commissioning original shows pitched at more mature audiences.

What Does This Mean For Your Business?

Products / services that can be distributed via the Internet, e.g. films and TV shows, have almost inevitably increased in popularity at a time when most households have a broadband connection and when most people have a smartphone.

For consumers who are used to more choice and to more personalised offerings and experiences from businesses in a growing subscription economy, and who may already be used to ‘traditional’ pay-TV services, it is just a short jump to the greater choice and convenience of on-demand video services such as Netflix and Amazon. Just as more older people are populating social media platforms such as Facebook, older audiences are also now more used to technology and are finding it easier and beneficial to switch to video-on-demand from commercial services.

This increase in the popularity of such services means that the market for them is set to become more crowded (which is often good news for the consumer) as other players try to take advantage of the consumer viewing trends. For example, Sky is reported to be about to make all its content available online, Apple is expected to launch a TV subscription service soon, and Disney may also soon be expanding the content available via its DisneyLife app.

IBM Makes Test Version of New Stealth AI Malware ‘DeepLocker’

IBM has announced that it has created its own stealth, ultra-evasive AI malware called ‘DeepLocker’ that can evade all traditional cyber-security protection, hide in normal applications, and only strike when it is sure it has reached its intended target.

Why?

Cyber-criminals are becoming ever more sophisticated in their methods, and the resources available to them have increased, e.g. as hackers have also worked in state-sponsored activities. Also, the world of Artificial Intelligence (AI) has come along in leaps and bounds in recent years, and the fear is that cyber-criminals could soon be deploying their own AI-powered malware. IBM has, therefore, decided to create its own version in order to see how it works and behaves, and thereby gain valuable information which could help it to reduce risks and find ways to counter such attacks.

DeepLocker

One of the things that makes DeepLocker so different to other malware that tends to take a scattergun approach to infection is that it can hide itself and its intent until it reaches a specific target.

This is down to DeepLocker using a deep neural network (DNN) AI model, a sophisticated computer system modelled on the human brain and nervous system. This DNN provides a kind of ‘black box’ that totally conceals the “trigger conditions”, and makes the attack almost impossible to decipher and reverse engineer. DeepLocker’s AI can, therefore, even convert its own concealed trigger condition (which has been transformed into a deep convolutional network) into a “password” or “key” to unlock its own attack payload when it identifies its victim. In this sense, it contains three layers of attack concealment.

Hides & Identifies

According to IBM, DeepLocker can hide itself completely in normal ‘carrier’ applications such as video conference software. This enables it to fly completely under the radar and avoid detection by most antivirus and malware scanners. It also allows it to be spread widely and without providing any clues that there is a threat.

What Does This Mean For Your Business?

Malware attacks have cost businesses, organisations and whole economies vast amounts of money and untold disruption and problems in recent times. Evasive malware has been evolving for many years now as cyber-criminals try to find their way around better security measures and more sophisticated sandboxes. AI attacks using ultra-evasive, stealth methods of the nature of DeepLocker represent the next frightening wave of attack that organisations and businesses will have to face. It is a good thing, therefore, that IBM has tried to take the initiative and gain a march on cyber-criminals who will undoubtedly seek to weaponise AI, by creating its own version in order to learn lessons in advance that could provide at least some level of protection and recommendations for counter-measures.

Microsoft To Launch App-Testing Sandbox ‘InPrivate Desktop’ Feature

It has been reported that Microsoft is to launch InPrivate Desktop for a future version of Windows 10, a kind of throwaway sandbox that gives Admins a secure way to operate one-time tests of any untrusted apps / software.

Like A Virtual Machine

Although the new feature is still a bit hush-hush, and has actually been removed from the Windows 10 Insider programme, it is believed to act like a kind of in-box, speedy VM (virtual machine) that is then refreshed to use again after it has been used on a particular App.

Why?

The broader reason for the new feature is that it fits with moves announced by Microsoft in June 2017 to introduce next-generation security features to Windows 10.

ATP & WDAG

Back in June 2017, Microsoft specifically mentioned the integration of Windows Defender Advanced Threat Protection (ATP) as one of the next-generation security measures. ATP, for example, was designed to isolate and contain the threat if a user on a corporate network accidentally downloaded malicious software via their browser.

A security feature that some commentators have likened InPrivate Desktop to, and that was also specifically mentioned in June 2017, is Windows Defender Application Guard (WDAG). Interestingly, WDAG isolates potential malware and exploits downloaded via a user’s browser and contains the threat using virtualisation-based security.

Spec Needed For InPrivate Desktop

Although the exact details of InPrivate Desktop are sketchy, we know that it is likely to be aimed at enterprises rather than individual users and that, as such, it is likely to need a reasonable spec to operate. It has been reported that in order to run the new feature / app at least 4GB of RAM, at least 5GB of free disk space, and two CPU cores will be needed.

When?

There is also still some speculation as to exactly when the InPrivate Desktop feature will make it to Windows 10. Some commentators have noted that it may not make it into Windows 10 ‘Redstone 5’, and that it looks likely to be rolled out in a subsequent Windows 10 update which has been codenamed 19H1.

What Does This Mean For Your Business?

With support stopping for previous versions of Windows, and with all of us being forced into using Windows 10’s SaaS model, it makes sense that Microsoft adds more features to protect users, particularly businesses.

Adding malicious code to apps has been a method increasingly used by cyber-criminals to sneak under the radar, and having a secure space to test and isolate dubious / suspect apps will give Admins an extra tool to protect their organisation from evolving cyber-threats. It is extra-convenient that the testing feature / app sandbox will already be built-in to Windows 10.

Social Mapper Can Trace Your Face …

Trustwave’s SpiderLabs has created a new penetration testing tool that uses facial recognition to trace your face through all your social media profiles, link your name to it, and identify which organisation you work for.

Why?

According to its (ethical) creators, Trustwave’s SpiderLabs, Social Mapper has been designed to help penetration testers (those tasked with conducting simulated attacks on computer systems to aid security) and red teamers (ethical hackers) to save time and expand target lists in the intelligence-gathering phase of creating the social media phishing scenarios that are ultimately used to test an organisation’s cyber defences.

What Does It Do?

Social Mapper is an open source intelligence tool that employs facial recognition to correlate social media profiles across a number of different sites on a large scale. The software automates the process of searching the most popular social media sites for names and pictures of individuals in order to accurately detect and group a person’s presence. The results are then compiled in a report that can be quickly viewed and understood by a human operator.

How Does It Work?

Social Mapper works in 3 phases. Firstly, it is provided with names and pictures of people, e.g. via links in a CSV file, images in a folder, or via people registered to a company on LinkedIn.

Secondly, in a time-consuming phase, it uses a Firefox browser to log in to social media sites and search for its targets by name. When it finds the top results, it downloads profile pictures and uses facial recognition checks to try and find a match. The social media sites it searches are LinkedIn, Facebook, Twitter, Google+, Instagram, VKontakte, Weibo, and Douban.

Finally, it generates a report of the results.

What’s The Report Used For?

The report is designed to give the user a starting point to target individuals on social media for phishing, link-sharing, and password-snooping attacks.

For example, a user can create fake social media profiles to ‘friend’ targets and send them links to credential capturing landing pages or downloadable malware, trick users into disclosing their emails and phone numbers e.g. using vouchers and offers to tempt them into phishing traps, create custom phishing campaigns for each social media site, or even to physically look at photos of employees to find access card badges or to study aspects of building interiors.

What Does This Mean For Your Business?

In the right hands, Social Mapper sounds as though it could ultimately help businesses to improve their online security, because it helps to create much better quality and more realistic testing scenarios on a larger scale that could uncover loopholes and shortcomings that current testing may not be able to find.

The worry, however, is that in the wrong hands it could be used by cyber-criminals to quickly gather information about a target business and its employees, thereby enabling potentially very effective phishing and password-snooping campaigns to be created. This detailed information could also be shared among and sold to other criminals which could mean that individuals could be subjected to a number of attacks over time through multiple channels.

The obvious hope is, therefore, that enough checks and security measures will be put in place by its creators thereby not allowing the software to fall into the wrong hands in the first place and be used by criminals against the businesses and organisations that it was designed to help.
