Sections

ideals
Business Essentials for Professionals

World
20/05/2017

Sophisticated Ransomware And Fingerprint Reader Vulnerabilities Are New Hacking Threats




Sophisticated Ransomware And Fingerprint Reader Vulnerabilities Are New Hacking Threats
Experts warn there is more to come — including the ability to hack fingerprint readers, after a massive cyberattack that struck 300,000 computers in 150 countries earlier this month has begun to slow.
 
"It is going to get worse before it gets better because we've becoming more reliant [on technology]… More sophisticated attacks will be hard to prevent," said Stuart Okin, a senior vice president of product at 1E, a cybersecurity firm that helps companies keep software up to date.
 
Computers and servers are enabled to solve complex math equations that mine, or create, virtual currencies like Bitcoin by the virus of the latest hacking threats - WannaCry, a type of ransomware, and Advlkuzz malware. Ransomware locks up computer files and demands payment to get them back.
 
Malicious software that spreads from connected computer to computer without the user needing to click on a link or download a file, is described to be each malware known as a worm.
 
Consumers may face similar threats even though these threats are currently targeting businesses. According to Steven Grossman, vice president of strategy at Bay Dynamics, a cybersecurity analytics company, buying software from legitimate sources, installing updates, using anti-virus and firewall software, and back-up are the best protection.
 
"I don't think I would ever advise anybody to pay a ransom, but the reality is if you're caught losing your family photos, losing your financial information, and you have no backups, you may be in a difficult situation and try to pay it," Grossman said.
 
Hackers may be able to use vulnerabilities in smartphone fingerprint readers even though one might think their fingerprint to be unique.
 
Masterprints, digitally altered fingerprints that could match many people's fingers were discovered by researchers for New York University's (N.Y.U.) Tandon School of Engineering.
 
"If I have this glove or fake hand with these master prints on it then I can unlock say 25, 30, 40 percent of phones," Professor Nasir Memon of N.Y.U. Tandon said.
 
Most smartphones only use small partial prints, which make the sensors easier to fool even while each fingerprint is unique, the researchers said.
 
"When you take a small part of it, the uniqueness tends to go down," Memon said.
 
Most smartphones store multiple prints of various fingers, and give you a few tries to unlock further complicates the problem, according to Memon.
 
"It's as if I don't have to get in through one window, but 30 windows. Any one of them is left open, I'm in. To a security person, that's a problem," he said.
 
The team has used computer simulations and is yet to test the research on a real phone.
 
According to N.Y.U. Tandon School of Engineering researchers, four of the masterprints that will match many fingerprints.
 
"Every fingerprint is unique, so it is rare that even a small section of two separate fingerprints are alike enough to register as a match…The probability of this happening is 1 in 50,000 for one enrolled finger...is much better than the…odds of guessing a typical 4-digit passcode," according to Apple’s Touch ID Security website.
 
"Fingerprints are very convenient. It's so nice that I just pick up a phone, I just put my finger on the start button and boom it unlocks," Professor Memon said. However, caution when using fingerprints for banking and large financial transactions was advised by him.
 
(Source:www.cnbc.com) 

Christopher J. Mitchell

Markets | Companies | M&A | Innovation | People | Management | Lifestyle | World | Misc