MOSCOW -- Hackers are increasingly stealing directly from banks and other companies and helping organized crime to operate more efficiently, according to the chief of cybersecurity firm Kaspersky Lab.
Examples include infecting cash machines to dispense all their money to thieves and hacking operations-management systems at ports so drugs can be smuggled more smoothly and at less risk, founder and Chief Executive Officer Eugene Kaspersky said.
"Hackers have become capable of carrying out very advanced attacks," Kaspersky said. In many cases, "they infect corporate networks with viruses, which eventually -- via files exchanged between departments -- get into computers that handle money transfers," which are usually separate from the main network.
Among recent high-profile hacking victims is Home Depot, which suffered a data breach between April and September in which 53 million email addresses and details of 56 million payment cards were exposed. This month, it was reported that hackers with Wall Street expertise stole merger-and-acquisition information from more than 80 companies for more than a year.
"Everyone is spying on everyone, stealing information," Kaspersky said. "Edward Snowden was right, but he was speaking of the U.S. only. In reality, there are cyberattacks of different origin -- linked to native English speakers, to Chinese, to Russian-speaking programmers. There are also ones linked to France, Spain and Latin America."
This year, Kaspersky Lab identified Tyupkin malware used to attack cash machines. Hackers approached a machine from the back, where a camera couldn't see them, and rebooted it using a CD with a virus. Several days later, entering certain digits on the machine's keyboard, they could collect all of its cash, Kaspersky said.
Hackers are increasingly targeting banks and corporations instead of consumers, he said.
Hackers are also developing new methods to steal things offline, Kaspersky said. They are breaking into systems that control the loading of coal or wheat, creating false shipment figures so thieves can take the difference, he said. They also infect systems at filling stations, making them pour more fuel than indicated to certain clients and less to everyone else.
South American druglords smuggling cocaine in containers with other goods, such as bananas, have used hackers to infiltrate systems at European seaports to set certain containers aside so they can take drugs out, Kaspersky said. Those who produced and purchased the bananas may not even know that drugs have been traveling in their containers, he said.
Kaspersky's views echo comments from other computer-security firms at the Bloomberg Enterprise Technology Summit in London this week.
Companies seeking to shield valuable data from criminals and government spying should assume attackers have already penetrated their systems and should adjust defensive strategies, McAfee and Symantec executives said at the event.
"You must assume something is going on, and you have to start looking for it," Patty Hatter, chief information officer at Intel Corp.'s McAfee, said Tuesday. "Be paranoid -- it helps."
Hackers who have traditionally targeted computers using the Microsoft Windows operating system and smartphones with Google's Android are now writing more malware for Unix-based devices, Apple Macs and iPhones, and even the anonymous The Onion Router, or TOR, network, Kaspersky said. His company now has to develop anti-viruses for those platforms as well, he said.
Blackphone -- a smartphone that offers encryption -- is becoming popular as a method of adding extra protection, Kaspersky said. He uses a 7-year-old Sony Ericsson feature phone to avoid cyberthreats.
Business on 12/11/2014