Insider Attacks a Real Threat in Enterprises, Survey Finds

Today’s topics include a research study highlighting the rise in insider attacks; Volvo and Uber’s self-driving car partnership; the North Korean Lazarus Group now hacking in the mobile realm; and Microsoft adding new HDR and on-screen input options to Windows 10.

According to the 2018 Threat Report released Nov. 20 by Crowd Research Partners, most damaging security threats surprisingly do not originate from malicious outsiders or malware, but from trusted employees inside their own organization.

Of the 472 cyber-security professionals surveyed, “About half … experienced an insider attack during the last 12 months,” said Holger Schulze, founder of Crowd Research Partners. “This report reveals the latest trends and provides actionable guidance on addressing threats as well as showcases how organizations are working to protect their critical data to prevent and mitigate inside threats.”

The report also suggests that 90 percent of organizations believe they are vulnerable to insider attacks. The main enabling risk factors include too many users with excessive access privileges, an increasing number of devices with access to sensitive data and the increasing complexity of information technology.

Announced Nov. 20, Volvo Car Group has agreed to sell Uber tens of thousands of self-driving cars from 2019 to 2021. The two companies have been working together in tests in Pittsburgh, San Francisco and Phoenix for the last few years.

Volvo said the agreement is non-exclusive, meaning that both Uber and Volvo could find other partners with whom to work in similar applications. A Volvo spokesperson said Volvo will use the same base cars for the development of its own autonomous car strategy, with its first fully autonomous car expected to be released in 2021.

An Uber spokesperson told eWEEK, “In our nearly two years of working together, we have built a sizable fleet of prototype vehicles on the Volvo XC90 platform. … This deal puts us on the path toward mass-produced self-driving vehicles at scale.”

McAfee on Nov. 20 indicated that the North Korea-based Lazarus Group hacking gang, implicated in the 2014 Sony Pictures attack and this year’s WannaCry ransomware attack, has now moved into the mobile realm.

Previously using many forms of desktop and server malware in its campaigns, "This is the first instance of this actor group using the mobile platform," Raj Samani, chief scientist at McAfee, told eWEEK. In its most recent attack, the Lazarus Group made a fake copy on Google Play of a legitimate app for reading the Bible in Korean.

While there have been only approximately 1,300 installations of the real app, the number of malicious installs and potential victims are currently unknown. "Predictions are of course fraught with challenges, but it is not inconceivable that further attacks on the mobile platform will be something we will have to contend with,” Samani said.

Windows 10 users with monitors capable of displaying high dynamic range content will soon have new settings that improve the quality of non-HDR visuals. New in build number 17040 of Windows 10 is the ability to adjust the brightness of standard dynamic range content. Labeled "Standard dynamic range white level," the feature only appears on systems equipped with an HDR-compliant display.

Also new are cursor thickness, touch feedback and pointer customization settings in the Ease of Access section. In addition, users of the SwiftKey-like "shape drawing" feature can now swipe their way to full words and sentences on the standard "wide" keyboard. Users who would rather jot down their ideas now have new gestures that they can use in the system software's handwriting panel.