Page 50 - Cyber Warnings
P. 50
To accomplish this, Gugi superimposed a screen on top of the screen of the legitimate app
asking for information that would then be sent directly to the criminals without their victims’
knowledge.
Internet of things
The automobile sector is one of the most at risk. Investigators at the University of Birmingham
showed how they had succeeded in compromising the power door lock system of every vehicle
sold by the Volkswagen Group in the last twenty years.
Researchers Charlie Miller and Chris Valasek, who last year demonstrated how to hack a Jeep
Cherokee, took it one step further this year to show how they could manipulate at will the
throttle, the break, and even the steering wheel while the car was in gear.
Smart homes are also vulnerable to cyberattacks. Researcher Andrew Tierny showed a proof of
concept that he himself had elaborated to hijack a thermostat.
After taking control of the thermostat (inserting an SD card in it), he raised the temperature to 99
degrees Fahrenheit and required a PIN to deactivate it.
The thermostat connected to an IRC channel, giving the MAC address of as an identifier of
every compromised device. It demanded a bitcoin in exchange for the PIN, which changed
every 30 seconds.
Cyberwarfare
In the cyberwarfare sector, 2016 saw the United States go on the offensive and concede that it
is launching cyberattacks against Daesh targets. Robert Work, United States Deputy
Secretary of Defense, made this clear in statements to CNN.
In June, South Korean officials disclosed an attack originating from North Korea. The
attack allegedly began over a year ago, its primary target being 140,000 computers belonging to
organizations and government agencies, as well as defense contractors.
But up until February of this year the attack was not discovered. According to police statements,
more than 42,000 documents were stolen, of which 95% were related to defense, such as, for
example, documents containing plans and specs for the F15 fighter jet.
At the height of the United States presidential election, one of the most relevant incidents that
took place was the discovery of an attack on the DNC (Democratic National Commettee) in
which a stockpile of data was plundered, and was then leaked to the public.
Cybercrime
In June, a criminal dubbed “The Dark Overlord” put patient information from three US
institutions up for sale on the black market. He had stolen information from over 650,000
patients and asked for around $700,000 for its return.
50 Cyber Warnings E-Magazine December 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
