Posts

Cybersecurity Hazards Abound in Airports, Parking Lots and Conventions

Published with Permission by:
Lint, James R., “Cybersecurity Hazards Abound in Airports, Parking Lots and Conventions”, In Cyber Defense, 19 July 2017, Web, http://incyberdefense.com/james-lint/cybersecurity-hazards-abound-airports-parking-lots-conventions/

By James Lint
Faculty Member, School of Business, American Military University
Senior Editor for
 In Cyber Defense and Contributor, In Homeland Security

With so much public attention to viruses, ransomware and cyberattacks, you might think that you’ve heard all the possible ways someone can attack your computers or mobile devices. But there are many bad actors who have devised devious ways to get your data through public charging stations, USB hub power stations and thumb drives.

Public Wi-Fi Poses a Cybersecurity Risk

Watch out for Wi-Fi hotspots that are not sponsored by an airport or your hotel. If you notice that the airport or hotel’s Wi-Fi service has a slight variance in the service’s name or has a #2 added to the actual name of the hotspot, that is a fake hotspot used by scammers. Others can access your computer or phone and use it as a launch pad for other activities.

Public Charging Stations Can Collect Your Private Data

For the convenience of travelers, airports offer free charging stations. However, “free” is not always good and it is easy for a tired traveler to make security mistakes.

A new way for hackers to access your data is through phone data cords plugged into “free” USB charging stations. These phone data cords can also be used to connect your phone to a USB port on your laptop. When you transfer data or pictures from your phone to your laptop, for example, that data or those images are vulnerable to a hacker.

Unfortunately, some USB charging hubs have more than just a charging capability. They can contain a hidden hard drive that can suck in your personal photographs, an important PowerPoint presentation or Word documents relating to your company’s business. This type of data is valuable and eagerly sought by hackers.

USB Hub Power Stations Could Also Be a Cybersecurity Risk

Be wary of public USB hubs with eight plug-in ports. When you plug your USB device into one of these ports, do you know the people around you who are also plugged into the ports? Your company’s competitors or your government’s enemy could be using those same ports.

That same hub could be configured to allow one port to pull data from the other ports by introducing a new motherboard or modifying the existing motherboard in the USB hub power station. Most of us have no idea of that potential for hacking when we blindly plug in our devices and are happy to get free power. Depending on the data loss you could incur, maybe that power is not really “free.”

USB Thumb Drives ‘Lost’ in Parking Lots

Penetration testers, hackers and espionage agents have another way to collect your data through what appear to be “lost” thumb drives. They will drop a couple of USB thumb drives in company or government parking lots. This process is called “seeding.”

Unwary employees pick up these thumb drives, take them into their office and plug them into their computer. Most of these people are Good Samaritans simply trying to identify the owner and return the thumb drive. Sadly, the thumb drive could contain a virus that attacks the organization’s networks and allows outsiders in to steal data.

This same seeding technique has worked at conventions and conferences. Convention display booth workers often hand out thumb drives that ostensibly feature their company’s products. But the same thumb drives can contain vulnerabilities that are a hazard to your network and data.

Cybersecurity Precautions to Take When You Travel

  • In airports or other public facilities, do not trust free USB hub power stations. Carry a second power pack, power cord or battery to power up your devices.
  • Be wary of Wi-Fi hotspots that have additional numbers or misspellings in their names.
  • Never pick up a “lost” USB thumb drive and stick it into your computer or mobile device. Turn it into your organization’s security office. If you have no other alternative, plug it into a stand-alone machine, not one that is connected to your organization’s network.

The common link to all of these types of cyberattack is the lure of getting something for free. As someone once said, nothing in life is free. Sometimes in cyber, free can be a hazard and cause disruption.

About the Author

James R. Lint recently retired as the (GG-15) civilian director for intelligence and security, G2, U.S. Army Communications Electronics Command. He is an adjunct professor at AMU. James has been involved in cyberespionage events from just after the turn of the century in Korea supporting 1st Signal Brigade to the DHS Office of Intelligence and Analysis as the first government cyber intelligence analyst. He has 38 years of experience in military intelligence with the U.S. Marine Corps, U.S. Army, government contracting and civil service.

Additionally, James started the Lint Center for National Security Studies, a nonprofit charity that recently awarded its 45th scholarship for national security students and professionals. James was also elected as the 2015 national vice president for the Military Intelligence Corps Association. He has also served in the Department of Energy’s S&S Security Office after his active military career in the Marine Corps for seven years and 14 years in the Army. His military assignments include South Korea, Germany and Cuba, in addition to numerous CONUS locations. In 2017, he was appointed to the position of Adjutant for The American Legion, China Post 1. James has authored a book published in 2013, “Leadership and Management Lessons Learned,” a book published in 2016, “8 Eyes on Korea, A Travel Perspective of Seoul, Korea,” and a new book in 2017, Secrets to Getting a Federal Government Job.”

Fileless Malware: A New Threat in the Cybersecurity Field

Published with Permission by:
Lint, James R., “Fileless Malware: A New Threat in the Cybersecurity Field”, In Cyber Defense, 29 June 2017, Web, http://incyberdefense.com/james-lint/fileless-malware-new-threat-cybersecurity-field/

By James Lint
Faculty Member, School of Business, American Military University
Senior Editor for
 In Cyber Defense and Contributor, In Homeland Security

Currently, threats to your computer often involve some type of virus or hostile file. But fileless malware is a new and growing hazard in cybersecurity. Consequently, it presents a danger to companies and individuals.

Fileless Malware Leaves Few Traces on Your Computer

What is fileless malware? Zeltser Security Corporation defines fileless malware as “malware that operates without placing malicious executables on the file system. Though initially fileless malware referred to malicious code that remained solely in memory without even implementing a persistence mechanism, the term evolved to encompass malware that relies on some aspects of the file system for activation or presence.”

The fact that there is no file to detect, similar to a virus, makes fileless malware difficult for your antivirus software to find. It also makes protection against malware more difficult, now and in the future.

Cybersecurity Community Becoming Aware of Fileless Malware Threat

In June, the Cyber Security Awareness Lunch and Learn event in Las Vegas hosted by MJ Computer Concepts featured a speaker from the US Secret Service (USSS).  This was the same Special Agent  who also hosted the USSS Electric Crimes Task Force (ECTF) in Las Vegas.  The speaker at the Task Force meeting was Dr. Anthony J. Carcillo on the topic of fileless malware.

The U.S. Secret Service has two major areas of responsibility. The traditional and best-known mission is the protection of senior executive branch leaders. The older mission for the USSS is financial crimes, which include the prevention and investigation of counterfeit U.S. currency, U.S. treasury securities and the investigation of major fraud. This second mission has the modern USSS involved with modern cybercrimes.

During the Lunch and Learn, by MJ Computer Concepts and the ECTF meeting with Dr. Cardillo both discussed the need to protect your computer system. Both of these speakers had similar comments on the criticality of software updates and backups. The information from Dr. Carcillo was thought-provoking because there is very little information in the public domain about fileless malware.

Staying Informed Is Your Best Protection against Fileless Malware

The United States Computer Emergency Readiness Team (US-CERT) regularly publishes information about cybersecurity threats. Reviewing the US-CERT website is a useful way to learn about current threats. Also, you can sign up for tips and emails on new cyber vulnerabilities.

Failing to Update Software Increases Vulnerability to Attack

Discussions at recent cybersecurity events have shown that there is a common reason why victims are selected and attacked. Hackers commonly exploit security weaknesses in computers with outdated software, because those computers are more vulnerable to attackers. In some cases, computer owners neglected to install software updates to protect their computers and data.

What You Can Do to Improve Your Security

There are simple measures you can take to protect your computer. CNN Money Tech stated, “First, install any software updates immediately and make it a regular habit. Turn on auto-updaters where available (Microsoft offers that option). Microsoft also recommends running its free anti-virus software for Windows.”

Another way to protect your files is to use a cloud-based storage service. Cloud storage companies normally keep all their systems updated with the newest software protection and backups in case of a problem.

There are other ways to protect your computer from an attack:

  • Use a backup program for your personal or business computer.
  • Buy two or more USB hard drives and use them to run incremental backups. Use one USB hard drive at a time and set it to back up your computer files for a week. Then, change to a different hard drive and conduct backups.

If you use multiple drives for backups, valuable files and pictures will remain safer, even if your current drive gets corrupted or attacked by ransomware. The more hard drives you have in your rotation, the more likely it is that your earlier files will not become corrupted.

  • Do not click on a link that you do not recognize or download files from sources you do not know.

Although updating your systems and backing up your files is time-consuming, these computer tasks are necessary to protect you from cyberattacks. With all of the problems that viruses, ransomware and malware create, simple protective measures are worth your time and money.

About the Author

James R. Lint recently retired as the (GG-15) civilian director for intelligence and security, G2, U.S. Army Communications Electronics Command. He is an adjunct professor at AMU. James has been involved in cyberespionage events from just after the turn of the century in Korea supporting 1st Signal Brigade to the DHS Office of Intelligence and Analysis as the first government cyber intelligence analyst. He has 38 years of experience in military intelligence with the U.S. Marine Corps, U.S. Army, government contracting and civil service.

Additionally, James started the Lint Center for National Security Studies, a nonprofit charity that recently awarded its 45th scholarship for national security students and professionals. James was also elected as the 2015 national vice president for the Military Intelligence Corps Association. He has also served in the Department of Energy’s S&S Security Office after his active military career in the Marine Corps for seven years and 14 years in the Army. His military assignments include South Korea, Germany and Cuba, in addition to numerous CONUS locations. In 2017, he was appointed to the position of Adjutant for The American Legion, China Post 1. James has authored a book published in 2013, “Leadership and Management Lessons Learned,” a book published in 2016 “8 Eyes on Korea, A Travel Perspective of Seoul, Korea,” and a new book in 2017 Secrets to Getting a Federal Government Job.”