Public services continue to fall victim to distributed denial of service (DDoS) attacks with many industry experts, including Corero, predicting that this is going to get worse before it gets better. Our collective pessimism is being fuelled by dire warnings from government agencies that Nation State sponsored cyber-criminals are continuing to focus their efforts on penetrating critical national infrastructure systems, such as energy grids, nuclear facilities, transportation networks and even drinking water supplies. While motivations may not always be completely clear, the potential effect is an impact on security, economic stability, and even public health.
DDoS attacks can disrupt the availability of essential services we use as part of our everyday life. Previous reports have highlighted the dangers of infrastructure attacks, such as last October’s DDoS attacks against Swedish railway systems which disrupted travel. In addition, the WannaCry ransomware attacks in May last year demonstrated the potential volume and strength of cyberattacks on essential services and reduced people’s ability to access these services.
Only last month, a DDoS attack on Danish rail operator, DSB, paralyzed ticketing systems resulting in travel chaos.
The consequences of a successful DDoS attack against an enterprise can be dire – from financial costs to a negative impact on a brand’s reputation. However, when it comes to the systems that underpin our essential services, the impact from a successful attack can be devastating. For example, network downtime can have a serious economic impact as it can affect productivity, cause physical damage and could even endanger public safety.
Critical infrastructure systems at risk
In recent years, DDoS attacks have become more complex, with many combinations of different attack approaches, known as vectors, being used.
Indeed, the ability to take systems offline has never been easier as DDoS attack tools, whilst illegal in many countries, are readily accessible and inexpensive. So-called DDoS stresser or booter services are frequently enabled by large networks, known as botnets, of hijacked Internet of Things (IoT) devices.
Another serious concern is the number of Internet-connected systems and devices that either form part of or are connected to industrial control systems. As organizations become increasingly reliant on the convenience of Internet accessibility, the potential attack surface for damaging cyber-attacks, including DDoS, increases. As a result, organizations need to ensure they have adequate firewalls, access mechanisms and real-time protections in place to eliminate the Internet-borne threats to their control networks.
Critical infrastructure operators in energy, healthcare and transportation cannot leave DDoS attack resilience to chance. Corero’s recent Freedom of Information survey revealed that most UK critical infrastructure organisations (51%) are potentially vulnerable to these attacks. These organizations have failed to invest in technology that can detect and immediately mitigate short-duration DDoS attacks (i.e. those lasting less than 10 minutes) on their networks. Corero’s DDoS Trends Reports have long shown that these short-duration, modestly scaled attacks dominate the threat landscape. Operators of essential services should not be complacent, as even these short attacks can significantly impede service delivery.
NIS Regulations and best practices
On 10th May this year the EU NIS Directive became law in all 28 EU member states. The regulations require that operators of essential services “must take appropriate and proportionate technical and organisational measures to manage risks posed to the security of the network and information systems on which their essential service relies”. In the UK, the best practice guidance is stipulated by the National Cyber Security Centre (NCSC). The NIS Regulations arrive with a big £17 million “stick” fine for those who fail. Hopefully, operators will see this as a “carrot” to upgrade their cyber-protection to defend against DDoS and other cyber-threats.
Contact us if you’d like to find out how Corero can help you prevent DDoS attacks impacting your ability to deliver service.
July 1st marks the beginning of a Civil War battle that many historians say is one of the most pivotal. And, as many historians also like to note, a love of pillaging Americans for their shoes supposedly is what drew pro-slavery forces arrogantly into Gettysburg on this date.
This topic of shaking-down hardworking Americans for their shoes is tied to General A. P. Hill. The man was a wealthy elitist who expected things for free (see also: slavery) and eagerly had abandoned his appointment in the U.S. Army to fight against freedom. To put it simply, Hill was committed to the violent expansion of slavery long after the practice had been abolished around the world.
Two decades before Hill was born, in 1807 the English already had abolished their slave trade. The idea of slavery became so unjustifiable in English society that by “1824 there were more than 200 branches of the Anti-Slavery Society in Britain”. No surprise then the agrarian state of New York abolished slavery in 1827, England emancipated slaves in 1833, English Colonies 1838…but I’m getting ahead of myself here.
Mary Wollstonecraft, credited with helping found modern British feminist ethics, famously wrote against slavery in 1792:
Is sugar always to be produced by vital blood? Is one half of the human species, like the poor African slaves, to be subject to prejudices that brutalise them, when principles would be a surer guard, only to sweeten the cup of man? Is not this indirectly to deny woman reason?
Wollstonecraft’s sentiment was shared in the colonies, believe it or not, and thus we see examples like the agrarian colony of New York debating how to expedite emancipation, two decades earlier than Wollstonecraft’s call for a boycott on slave-made goods:
Most of the Revolutionary leaders who came to power in New York in 1777 had anti-slavery sentiments, yet, as elsewhere in the North, the urgency of the war with Britain made them delay, and they restricted their activity to a policy statement and an appeal to future legislatures “to take the most effective measures consistent with public safety for abolishing domestic slavery.” This resolution passed in the state Constitutional Convention by a vote of 29 to 5.
Note the five dissenters. Obviously some in the 1700s were not quite convinced. And so by 1861 we have a treasonous General A. P. Hill taking up arms against his own country. In a nutshell, many white elitist men in America did not want to do hard work and believed their easy/lazy lives and financial inheritances (see also: people treated as property to be bought and sold) were threatened unless they could continue to enslave Americans and steal their goods.
Today you may be surprised to see the U.S. Army has named a fort after an infamously treasonous and foolish man like A. P. Hill. Given that he dedicated his life to killing American soldiers for personal profit, who thought this made any sense?
The installation was named in honor of Lt. Gen. Ambrose Powell Hill, a Virginia native who distinguished himself…
Please take special note of the fact that the U.S. Army doesn’t call the person they are honoring an American, because his treason to preserve slavery by killing Americans, killed his citizenship.
Also nice try U.S. Army with your Virginia reference. Obviously Hill was far from being a true native of Virginia.
That being said I must agree with the second part of the sentence, this treasonous man hateful of his own country certainly distinguished himself. The U.S. Army doesn’t mention it but his impatience, as well as lust for plundering Americans and putting people in chains, may have led to one of the greatest tactical blunders in U.S. military history. So distinguishable.
Also he contracted gonorrhea while a cadet at West Point, screwed around so much he graduated late, and became known for taking “sick leave” right in the heat of any major battle.
Now, to be fair to Hill being so distinguished, I must admit he shared poor decision-making with his pro-slavery General Heth on June 30th, 1863. Heth had ordered his pro-slavery General Pettigrew to enter Gettysburg and ransack it. Pettigrew had followed these orders at first but turned tail after he observed American cavalry and infantry already near the town.
In “The Civil War: A Narrative” there’s a scene where Hill approaches Heth and hears of Pettigrew’s reluctance. Hill, our man of the hour, then insists to Heth there can be no significant American forces present.
The narrative tells us Heth obediently then sends his Pettigrew back once again to plunder Gettysburg and “get those shoes!”
Narratives aside, by 5AM on July 1st, as Heth himself approached Gettysburg to damage it, he realized Pettigrew had been right, Hill was stupidly wrong, and significant numbers of American forces were present. Yet even that didn’t dissuade Heth, who continued ordering Pettigrew to march on.
Hill’s insistence that he conferred with Lee and there would be no resistance to plunder seems to be the real story here, shoes or not. There was an inherent desperation of Lee and his pro-slavery men to plunder America (see also: slavery), which on this particular day began the largest land battle in the western hemisphere, lasting 3 days and killing nearly 50,000 people, to the disadvantage of pro-slavery forces.
One of the stranger footnotes (no pun intended) to this story is that while Gettysburg had a lot of American forces defending freedom, it didn’t have any shoes.
These pro-slavery Generals, all of them, not only chose to be blind to the evils of slavery, they also were blind on two more levels. A particularly inhumane General with the ironic name of Early (infamous for helping to invent the “Lost Cause” view) had tried to pillage Gettysburg days before Heth had set his sights on it.
This means Americans living in Gettysburg already had been subjected to pro-slavery militia demanding ransom in 1,000 shoes and attacking the town.
No shoes were found, as you can plainly read here:
Had there been any shoes, they might have been the standard issue “Jefferson Boots”, named after Thomas Jefferson who is thought to have created an American fad for French ankle-high laced shoes by wearing them instead of previously common English ones with large buckles.
However, again I must say, NO SHOES IN GETTYSBURG.
So for those historians arguing pro-slavery forces really centered their offensive on shoes, maybe put a sock in it.
Is there any evidence that pro-slavery General Early told others that the town couldn’t cough up any Jefferson boots despite his violent demands? Lee and Hill both supposedly had scouts relaying information but perhaps it wouldn’t have made any difference what Early said, given how Pettigrew was rebuffed when he tried to explain the dangers of trying to plunder Americans on this day.
To put this in perspective, it’s not like in the days leading up to the Gettysburg battle someone could tell Lee or Hill that slavery is unjustified and they would listen; if these men wanted stealing to be in their plans, they were going to threaten and kill Americans until some damn things to steal were found or everyone was dead for refusing to see things the pro-slavery way.
Again, Hill quit the U.S. Army to plunder America in the most unjustified way to retain elite status. In that sense Gettysburg was simply another day of plunder to Hill and his men, whether stealing goods, separating babies from mothers, or perpetuating slavery to improve his own status at the expense of others.
Within three days pro-slavery forces had been destroyed at Gettysburg, which helped signal an end to their plans to use violence against fellow citizens to expand slavery practices into western territories (what the war was really about); 60 years after England had abolished slavery, and 30 years after slaves in America (if still colonies) would have been emancipated, the self-proclaimed “elite” white supremacists fighting to perpetuate obviously tyrannical practices of their former King were defeated (pun not intended).
Also, just as one final footnote, I think it is time for the U.S. Army to officially remove honors to Hill. I say that not only because Hill was a murderous traitor and terror to Americans, but also because we could say he finally got the boot he so desired.
Pete Blaber’s book “The Mission, the Men, and Me: Lessons from a Former Delta Force Commander” gets a lot of rave reviews about business practices and management tips.
It’s hard not to agree with some of his principles, such as “Don’t Get Treed by a Chihuahua”. This phrase is a cute way of saying know your adversary before taking extreme self-limiting action. Who would disagree with that?
But I’m getting ahead of myself. The book begins with a story of childhood, where Pete reflects on how he topographically mastered his neighborhood and could escape authorities. That gives way to a story of his trials and tribulations in the Army, where during training he was tested by unfamiliar topography and uncertain threats. It is from this training scenario that Pete formulates his principle to not jump off a cliff when a pig grunted at him (sorry, spoiler alert).
Maybe a less cute and more common way of saying this would be that managers should avoid rushing into conclusions when a little reflection on the situation is possible to help choose the most effective path. Abraham Lincoln probably said it best:
Give me six hours to chop down a tree and I will spend the first four sharpening the axe.
How should someone identify whether they are facing a Chihuahua, given their other option is to blindly climb a tree? Pete leaves this quandary up to the reader, making it less than ideal advice. I mean if in an attempt to identify whether you are facing a Chihuahua, wild pig or a bear you get mauled to death, could you sue Pete for bad advice? No, because it was a bear and instead of being up a tree you are dead.
Given the lessons learned in joining the Army, Pete transitions to even more topographical study. He masters mountain climbing with a team in harsh weather. It’s a very enjoyable read. I especially like the part where money is no object and the absolute best climbing technology is available. There’s no escaping the fact that the military pushes boundaries in gear research and keeps an open mind/wallet to technology innovations.
From there I can easily make the connection to the climax of the book, where he leads a team on a topographically challenging mission and minimizes their risk of detection. It really comes full circle to his childhood stories.
However, there are a few parts of the book that I found strangely inconsistent, which marred an otherwise quick and interesting read.
For example, Pete makes a comment about religion and culture that seems uninformed or just lazy. He refers to Cat Stevens as the “most renowned celebrity convert to Islam”:
I’m not claiming to be an expert in celebrity status or Islam, just saying it should be kind of obvious to everyone in the world that Muhammad Ali (nee Cassius Clay) is far more renowned as a celebrity convert to Islam. I don’t think Cat Stevens even breaks into top ten territory.
After winning the Olympics in 1960, the hugely popular Clay not only went on to convert, he also refused to serve in the US armed forces in Vietnam because he was a “minister in the religion of Islam”. As the FBI puts it in their release of surveillance files:
…famed Olympian, professional boxer and noted public figure. This release consists of materials from FBI files that show Ali’s relationship with the Nation of Islam in 1966.
Pete’s comment about Cat Stevens suggests that despite the no-holds-barred approach to piles of rock, he may lack knowledge in human topics essential to conflicts he was training to win. A quick look at discussion of Islamic celebrities backs up this point:
Pete was wandering on that flat line at the bottom while giant mountains of culture stood right above him, unexplored, despite his access to the best tools.
There are at least two more examples of this class of error in the book. I may update the post with them as I have time.
Graham Cluley Security News is sponsored this week by the folks at Recorded Future. Thanks to the great team there for their support!
Recorded Future provides deep, detailed insight into emerging threats by automatically collecting, analyzing, and organizing billions of data points from the Web.
And now, with its FREE Cyber Daily email all IT security professionals can access information about the top trending threat indicators - helping you use threat intelligence to help make better decisions quickly and easily.
Which means that you will be able to benefit from a daily update of the following:
- Information Security Headlines: Top trending news stories.
- Top Targeted Industries: Companies targeted by cyber attacks, grouped by their industries.
- Top Hackers: Organizations and people recognized as hackers by Recorded Future.
- Top Exploited Vulnerabilities: Identified vulnerabilities with language indicating malcode activity. These language indicators range from security research (“reverse engineering,” “proof of concept”) to malicious exploitation (“exploited in the wild,” “weaponized”).
- Top Vulnerabilities: Identified vulnerabilities that generated significant amounts of event reporting, useful for general vulnerability management.
Infosec professionals agree that the Cyber Daily is an essential tool:
“I look forward to the Cyber Daily update email every morning to start my day. It’s timely and exact, with a quick overview of emerging threats and vulnerabilities. For organizations looking to strengthen their security program with threat intelligence, Recorded Future’s Cyber Daily is the perfect first step that helps to prioritize security actions.” - Tom Doyle, CIO at EBI Consulting.
So, what are you waiting for?
Sign up for the Cyber Daily today, and starting tomorrow you’ll receive the top trending threat indicators.
If you’re interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.
After considering the challenges of existing network security architectures (RIP Moat) we laid out a number of requirements for the new network security. This includes the needs for scale, intelligence, and flexibility. That’s all well and good, but how do you get there? We’ll wrap up this series by discussing a couple key architectural constructs which will influence how you build your future network security architecture.
But before we go into specifics, let’s wrap a few caveats around the architecture. Not everything works for every organization. There may be cultural impediments to some of the ideas we recommend. We point this out because any new way of doing things can face resistance from folks who will be impacted. You will need to decide which ideas are suitable for your current problems, and which battles are not worth fighting.
There may also be technical challenges, especially with very large networks. Not so much conceptually – faster networks and increased flexibility are already common, regardless of the size of your network. The challenge is more in terms of phasing migration. But nothing we will recommend requires a flash cutover, nor are any of these ideas incompatible with existing network security constructs. We have always advocated customer-controlled migration, which entails deciding when you will embrace new capabilities – not some arbitrary requirement from a vendor or any other influencer.
Access Control Everywhere
Our first construct to hit is access control everywhere. This is pretty fundamental because network security is about controlling access to key resources. Duh. We have been pointing out for years that segmentation is your friend. But in traditional networks it became very hard to do true access control scalably, because data flows weren’t predictable, workloads and data move around, and users need to connect from wherever they are.
The advent of software defined everything (including networks) has given us an opportunity to more effectively manage who gets access to what, and when. The key is setting the policy. Yes, you start with critical data and who can & should access it from where to set your baseline. But the larger the network and the more dispersed employees and resources (including mobility and the cloud) are, the tougher it is. So you do the best you can with the initial set of policies, and then hit it from the other side. Your new network security should be able to monitor traffic flows and suggest a workable access control policy. Obviously you’ll need to scrutinize and tune the policy while comparing it against the initial cut you took, but this will accelerate your effort.
Returning to the need for flexibility, you should be able to adapt policies as needed. Sometimes even on the fly, within parameters defined by policy. That doesn’t mean you need to embrace machines making policy changes without human oversight or intervention, at least at first. In a customer-controlled migration you determine the pace of automation, enabling you to get comfortable with policies and ensure maximum uptime and security.
Applying Security Controls
With segmentation reducing attack surface by preventing unauthorized access to critical resources, you still need to ensure authorized connections and sessions are not doing anything malicious. But devices get compromised, so we can’t forget the prevention and detection tactics we’ve been using on our networks for decades. Those are still very much needed, but as described under requirements, we need to be more intelligent about when security controls are used. You have probably spent a couple million ($CURRENCY) on network security controls, so you might as well make the best use of that investment.
Once again we return to the importance of policy-based network security. Depending on the source, destination, application, time of day, geography, and about a zillion other attributes (okay, we may be exaggerating a bit), we want to leverage a set of controls to protect data. Not every control applies to every session, so the network security platform needs to selectively apply controls.
Before you start worrying about which controls to apply to which traffic, you need to make sure you can actually inspect the sessions. With more and more network traffic encrypted nowadays, before you can apply security controls you will likely need to decrypt. We wrote about this at length in Security and Privacy on the Encrypted Network, but things have changed a bit over the past few years.
The standard approach to network decryption involves intercepting the connection to the destination (called person-in-the-middle) and then decrypting the session using a master key. The decryption device then routes the decrypted stream to the appropriate security control per policy, and then sets up a separate encrypted connection to the destination server. And yes, our political correctness may be getting the best of us, but we’re pretty sure that network security equipment is not gender-binary, so we like ‘person’ in the middle.
Any network security platform will need to provide decryption capabilities as needed. But that’s getting more complicated, as described in the TLS 1.3 Controversy. Clearly a person in the middle weakens the overall security of a connection, because any organization (some good – like your internal security team; and some bad – like adversaries) could theoretically get in the middle to sniff the session. The TLS 1.3 specification addresses that weakness by implementing Perfect Forward Secrecy, which uses a different key for each session to prevent a single master key which could monitor everything.
Obviously not being able to get in the middle of network sessions eliminates your ability to inspect traffic and enforce security policies on the network. To be clear, it will take a long time for TLS 1.3 to become pervasive; in the meantime your connections can negotiate down to TLS 1.2, which still allows person-in-the-middle. But we need to start thinking about different, likely endpoint-centric, approaches to inspecting traffic before it hits the encrypted network.
Assuming we can inspect traffic on the network, we want to implement a policy-centric security approach. That means identifying the traffic and determining which security control(s) are appropriate based on the specifics of the connection. Context helps ensure you are using the appropriate security controls, which both improves security posture and helps to optimize control capacity (as we’ll discuss below).
The best way to understand this is with a few simple examples:
- Ingress: In case of an inbound connection you want to protect against malware coming into the network, as well as application attacks. So you can set a policy that routes email traffic through an email security gateway and then a network-based malware scanner. Or maybe you take email from an email security service and then run it through your malware scanner or IPS to ensure any links in the message aren’t malicious. To protect application traffic first the connection goes through a WAF, but you can also run it through an IPS to detect more traditional attacks. Similarly you’d like to be able to leverage different controls if the session originates in a hostile country which demands more scrutiny.
- Egress: Looking at it from the other end, if you are dealing with outbound traffic you first want to decrypt an encrypted session and then send it through a web filter that will determine whether it is being misused, connecting to a malicious site, or showing patterns which may indicate command and control traffic. But depending on what kind of data is in the payload, you might also want that connection to run through a DLP device to ensure data is not misused. You’ll want to provide context for DLP inspection because it is very resource intensive.
These examples are deliberately oversimplified, but contextual protection enables you to use the controls you need to protect a specific connection.
As mentioned in our Requirements post, you don’t always have the luxury of upgrading network security controls at the same time as network bandwidth. Additionally, heavy-duty Deep Packet Inspection, as described in the examples of contextual protection above, may not be needed for all traffic – especially given the significant resources it requires. So when determining which controls are used on which connections, it’s important to make sure capacity is factored into the mix.
You don’t want to compromise security due to capacity. But a network security platform which can give you a sense of when specific security controls are at capacity, as well as potentially buffer connections so packets aren’t dropped, can provide a graceful way to manage network capacity.
For another example, if you recently upgraded your data center network to 100GB but don’t have the security budget to increase the speed of your internal segmentation firewalls, you can have a network security platform buffer traffic while the firewalls enforce policy. This is not a great answer because it impacts application traffic, but the alternative might be to either violate segmentation rules (which probably won’t sit well with the auditors) or drop packets.
Another example is intelligently routing connections to authorized SaaS applications, but through your security web gateway service rather than your internal DLP engine, because you already have a CASB monitoring activity in those SaaS applications. That can help your DLP device scale more effectively. Again, simple examples illustrate how intelligently selecting security controls per connection is useful.
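The contextual-protection and capacity examples above can be expressed as a small policy engine. This is an added sketch, not code from the original post: the control names, capacities, the `ZZ` country code and all function names are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed placeholder for "countries that demand more scrutiny".
HIGH_SCRUTINY_COUNTRIES = {"ZZ"}


@dataclass(frozen=True)
class Session:
    direction: str                   # "ingress" or "egress"
    app: str                         # "email", "web" or "saas"
    mbps: int                        # expected bandwidth of the session
    encrypted: bool = True
    src_country: str = "US"
    sanctioned_saas: bool = False    # authorized SaaS app already monitored by a CASB
    sensitive_payload: bool = False  # payload classification says DLP is warranted


@dataclass
class Control:
    name: str
    capacity_mbps: int
    load_mbps: int = 0

    def admit(self, mbps: int) -> bool:
        """Reserve capacity for a session; False means the control is full."""
        if self.load_mbps + mbps > self.capacity_mbps:
            return False
        self.load_mbps += mbps
        return True


def build_controls() -> dict:
    """Constructed inventory; capacities are illustrative, not vendor figures."""
    specs = [("email_gateway", 500), ("malware_scanner", 500), ("waf", 1000),
             ("ips", 1000), ("web_filter", 1000), ("secure_web_gateway", 1000),
             ("dlp", 100)]
    return {name: Control(name, cap) for name, cap in specs}


def select_controls(s: Session) -> list:
    """Map session context to an ordered chain of controls."""
    chain = []
    if s.direction == "ingress":
        if s.app == "email":
            chain = ["email_gateway", "malware_scanner"]
        elif s.app == "web":
            chain = ["waf", "ips"]
        if s.src_country in HIGH_SCRUTINY_COUNTRIES:
            # More scrutiny: make sure both IPS and malware scanning are applied.
            chain += [c for c in ("ips", "malware_scanner") if c not in chain]
    elif s.direction == "egress":
        if s.app == "saas" and s.sanctioned_saas:
            # The CASB already watches this app, so spare the DLP engine.
            chain = ["secure_web_gateway"]
        else:
            chain = ["web_filter"]
            if s.sensitive_payload:
                chain.append("dlp")
    else:
        raise ValueError(f"unknown direction: {s.direction!r}")
    return chain


def plan(s: Session, controls: dict) -> list:
    """Return (step, action) pairs. A full control buffers the session
    instead of being skipped, so capacity never silently weakens policy."""
    chain = select_controls(s)
    steps = []
    if s.encrypted and chain:
        steps.append(("tls_decrypt", "inspect"))
    for name in chain:
        action = "inspect" if controls[name].admit(s.mbps) else "buffer"
        steps.append((name, action))
    if s.encrypted and chain:
        steps.append(("tls_reencrypt", "forward"))
    return steps


if __name__ == "__main__":
    controls = build_controls()
    samples = [  # constructed sample sessions
        Session("ingress", "web", 50, src_country="ZZ"),
        Session("egress", "saas", 40, sanctioned_saas=True),
        Session("egress", "web", 80, sensitive_payload=True),
        Session("egress", "web", 50, sensitive_payload=True),  # DLP is now full
    ]
    for s in samples:
        print(s.direction, s.app, "->", plan(s, controls))
```

The last sample shows the capacity trade-off: the DLP step comes back as `buffer` rather than being dropped from the chain, which delays the session but keeps the policy intact.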
The key here is to not get wrapped up trying to boil the ocean. You can start small, perhaps implementing an SDN in front of your egress security controls to apply the policies we discussed. Or possibly introducing a packet broker in front of a key application to make sure appropriate security controls are not overwhelmed in case of a traffic flood. You could start thinking about micro-segmentation in your virtualized data center, and map those capabilities to all new applications being deployed in IaaS (Infrastructure as a Service). Or you might be interested in a newfangled Zero Trust access control environment or a Secure Network as a Service offering for employee access, and roll out intelligent networks internally to provide access to some resources (which remote employees need), while segmenting everything else.
The possibilities for how to migrate to this kind of network security platform are endless, and there is no right or wrong answer. There is only the reality that your security controls cannot scale at the same rate as your networks, which means you need to apply intelligence to how security controls are deployed within your environment.
- Mike Rothman
Sometime in the late 1980s I managed to push a fake “bomb” screen to Macintosh users in networked computer labs. It looked something like this:
There wasn’t anything wrong with the system. I simply wanted the users in a remote room to restart because I had pushed an “extension” to their system that allowed me remote control of their speaker (and microphone). They always pushed the restart button. Why wouldn’t they?
Once they restarted I was able to speak to them from my microphone. In those days it was mostly burps and jokes, mischievous stuff, because it was fun to surprise users and listen to their reactions.
A few years later, as I was burrowing around in the dusty archives of the University of London (a room sadly which no longer exists because it was replaced by computer labs, but Duke University has a huge collection), I found vivid color leaflets that had been dropped by the RAF into occupied Ethiopia during WWII.
There in my hand was the actual leaflet credited with psychological operations “101”, and so a color copy soon became a page in my graduate degree thesis. In my mind these two experiences were never far apart.
For years afterwards when I would receive a greeting card with a tiny speaker and silly voice or song, of course I would take it apart and look for ways to re-purpose or modify its message. Eventually I had a drawer full of these tiny “talking paper” devices, ready to deploy, and sometimes they would end up in a friend’s book or bag as a surprise.
One of my favorite “talking” devices had a tiny plastic box that upon sensing light would yodel “YAHOOOOOO!” I tended to leave it near my bed so I could be awakened by yodeling, to set the tone of the new day. Of course when anyone else walked into the room and turned on the light their eyes would grow wide and I’d hear the invariable “WTF WAS THAT?”
Fast forward to today and I’m pleased to hear that “talking paper” has become a real security market and is getting thinner, lighter and more durable. In areas of the world where Facebook doesn’t reach, military researchers still believe psychological manipulation requires deploying their own small remote platforms. Thus talking paper is as much a thing as it was in the 1940s or before and we’re seeing cool mergers of physical and digital formats, which I tried to suggest in my presentation slides from recent years:
While some tell us the market shift from printed leaflets to devices that speak is a matter of literacy, we all can see clearly in this DefenseOne story how sounds can be worth a thousand words.
Over time, the operation had the desired effect, culminating in the defection of Michael Omono, Kony’s radio telephone operator and a key intelligence source. Army Col. Bethany C. Aragon described the operation from the perspective of Omono.
“You are working for a leader who is clearly unhinged and not inspired by the original motivations that people join the Lord’s Resistance Army for. [Omono] is susceptible. Then, as he’s walking through the jungle, he hears [a recording of] his mother’s voice and her message begging him to come home. He sees leaflets with his daughter’s picture begging him to come home, from his uncle that raised him and was a father to him.”
Is anyone else wondering if Omono had been a typewriter operator instead of radio telephone whether the US Army could have convinced him via print alone?
Much of the story about the “new” talking paper technology is speculative about the market, like allowing recipients to be targeted by biometrics. Of course if you want a message to spread widely and quickly via sound (as he’s walking through the jungle), using biometric authenticators to prevent it from spreading at all makes basically no sense.
On the other hand (pun not intended) if a written page will speak only when a targeted person touches it, that sounds like a great way to evolve the envelope/letter boundary concepts. On the paper is the address of the recipient, which everyone and anyone can see, much like how an email address or phone number sits exposed on encrypted messaging. Only when the recipient touches it or looks at it, and their biometrics are verified, does it let out the secret “YAHOOOO!”
A security breach has compromised the UK customer database of Ticketmaster, one of the world's biggest ticket-selling giants.
The online entertainment retail service has warned their UK customers that they could be at risk of fraud or identity theft after the group admitted around 5% of all Ticketmaster UK users were affected by this cyber attack.
The hackers may have accessed private data that includes login information, users' payment data, addresses, names, and phone numbers. All customers are advised to change their passwords if they use the same password on other sites.
“UK customers who purchased, or attempted to purchase, tickets between February and June 23, 2018, may be affected as well as international customers who purchased, or attempted to purchase, tickets between September 2017 and June 23, 2018,” states Ticketmaster in its official notice. “Less than 5% of our global customer base has been affected by this incident. Customers in North America have not been affected.”
The company discovered malicious software on a third-party chat widget powered by Inbenta Technologies, an artificial intelligence technology supplier, and has now disabled the Inbenta chat on all its websites.
“As a result of Inbenta’s product running on Ticketmaster International websites, some of our customers’ personal or payment information may have been accessed by an unknown third-party. Information which may have been compromised includes name, address, email address, telephone number, payment details and Ticketmaster login details.”
However, Inbenta's CEO Jordi Torras refuted the claims that the breach happened from their end. He clarified that no other client has ever been affected by any kind of cyber attack.
Meanwhile, the forensic teams and security experts are working together to find out how data was compromised, and how many customers were affected by the data breach.