Cyber Security Today: Cellphone company employees allegedly in on scam, the size of cyber crime, new exploit companies should watch out for

Cellphone company employees allegedly in on a scam, the size of cyber crime and a new exploit companies should watch out for

Welcome to Cyber Security Today. Monday May 13th. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanda.com. To hear the podcast click on the arrow below:

Cyber Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

Most cyber incidents suffered by organizations are carried out by attackers outside the firm, but sometimes employees help. An indictment released last week by the U.S. Justice Department is an example. Three people who worked for mobile phone companies face charges of helping a gang that stole the smart phone numbers of seven victims, reset their passwords and then looted their cryptocurrency accounts of $2.5 million. The scam is called SIM swapping, because someone at a mobile phone company swaps the SIM card number from a victim’s phone to one held by a gang. In this case the victims were likely targeted because the gang knew they bought big amounts of cryptocurrency. Probably they were interviewed in articles, or talked about their purchases in social media. Mobile phone companies try to ensure employees don’t unwittingly fall for scams like this. In this case it is alleged the three accused were paid off.

If you buy and sell cryptocurrency, keep it to yourself. And keep your cell phone number to yourself. Don’t use it to buy or sell cryptocurrency. Meanwhile, everyone should make sure they have a PIN number on their cell phone account so no one at your provider can make changes without it. You should also ask if your provider can put a note on your account that it can only be changed to a new phone in person. There’s a link to more FBI safety recommendations here.

If you want to get an idea of how big cybercrime is, you can look at the dollar figures put out by major police forces. Another way is to look at the volume of work of criminal groups. Security vendor Palo Alto Networks has a new report out that looks at Nigerian-based groups. It figures about 400 people around the world are involved in their activities alone. Over the past four years they have distributed over 51,000 pieces of malware to computers, mainly through email, and are responsible for 1.1 million cyber attacks.

Companies are being warned by the FBI and the U.S. Department of Homeland Security about a new strain of malware believed to be from a North Korean-based group. This malware, dubbed ElectricFish, allows Internet traffic to be siphoned out of an organization without being detected. It gets done by by-passing authentication safety measures. More details are available on the US-CERT computer emergency response team website here.

Finally, users of Nvidia graphics cards are being cautioned to update their display drivers. There are some bugs that could be exploited by attackers.

That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

ITWC podcast network

Subscribe to ITWC podcasts and never fall behind on the conversation in technology again. Our daily podcasts are perfect to add to your smart speaker’s daily briefing or to your favourite podcast app on your smartphone. 

Cyber Security Today Podcast

#Hashtag Trending Podcast