Tag Archives: Hackers

Marriott missed data of 500 million clients

Yesterday, the well-known multinational hospitality company Marriott joined Facebook, Uber and several other large corporations that failed to protect their users’ data privacy. As Marriott reported, the records of 500 million guests of its Starwood division were accessed by an unauthorized party and exposed in a data breach.

Starwood’s hotel brands include W Hotels, Sheraton, Le Méridien and Four Points by Sheraton. Marriott-branded hotels were not affected, as they use a separate reservation system.

According to the results of the internal investigation, hackers had had access to the system since 2014, which gave them plenty of opportunity to learn about the system’s weaknesses or simply to work out where the valuable data is. The stolen information includes some combination of:

  • name
  • address
  • phone number
  • email address
  • passport number
  • account information
  • date of birth
  • gender
  • arrival and departure information

Some credit card numbers were also stolen as part of the breach. Marriott says that this part of the information was encrypted, but the attackers may also have compromised the decryption keys needed to unlock the data. This revelation marks one of the biggest corporate data breaches in history, second only to the one involving Yahoo.

Beginning Friday, Marriott is sending notification emails to affected customers, warning them that criminals could send spam to their email addresses. It has also set up a call center and a breach notification website. Although Marriott is trying to help all victims, one question remains unanswered.

Marriott International management admitted that they discovered the breach after an internal security tool alerted them in September. Why did it take them so long to figure out what data had been accessed, and why did they wait another two weeks before informing those affected? Unfortunately, it is a common problem that big companies try to hide such failures and conceal them for as long as possible. Such irresponsibility should be met with huge fines, as Uber was fined for concealing data breaches some days ago.

Marriott will continue its investigation, but it is already clear that data protection is becoming one of the most important problems of the 21st century and needs serious action from states and organizations.


The Future of Security – Highlights from O. Brodt’s speech at Masters&Robots Conference 2017

Oleg Brodt works at Deutsche Telekom Innovation Labs in Israel. He comes from the small city of Beersheba, also spelled Beer-Sheva, which is also the largest city in the Negev desert of southern Israel. At the end of October this year he spoke at the Masters&Robots Conference in Warsaw, and I would like to present some highlights of his speech on cyber security.


1. Beersheba – as a Cyber Security Center of Israel

The Israeli government decided that Beersheba is going to be the cyber security capital of Israel (despite being more than 4 times smaller than Warsaw). Therefore, all the cyber security units of the military and other agencies were moved to this city. That had a great impact on Beersheba’s development and stimulated the inflow of human capital into the city. Nowadays there are 40 multinational companies located in Beersheba. There are also many accelerators and incubators, around 100 start-ups, and Ben-Gurion University, which is the only university in Israel offering a cyber security degree. Overall, there are around 400 start-ups focused on cyber security in Israel; furthermore, the country attracts 15% of global venture capital financing for cyber security projects.

[Image: Beersheba 2007]

[Image: Beersheba 2017]
2. Cyber Security Kids – Israeli Programs for Talented Pupils

In Israel, children who are good at math and IT have a chance to join educational programs that are aimed at preparing human resources for Israeli military units. These are usually kids who are entering 9th grade. If a kid is cherry-picked, he or she attends after-school classes on cyber security twice a week during the four years of high school, and after that he or she joins the army unit.

By the time a child finishes school, he or she is already an expert in cyber security. Moreover, there is a six-month gap between finishing school and joining the military agency, and during that gap the kid already works on military CS projects in IT labs. These are the least qualified workers in the Israeli IT labs. The IT labs are headed by Professor Yuval Elovici, who is a well-known academic figure in the field of CS.

3. There are Different Kinds of Attackers in CS

  • Kids (“Script Kiddies”) – just children who are bored and have the spare time and technical skills to hack you. They have some basic knowledge and start to play around with CS; however, they are poorly qualified and normally cannot do a lot of harm. Moreover, kids hack for “fun”; there is no real money interest in it.
  • State Actors – governments that hack each other or specific targets. They are extremely highly qualified, and if you are the target it will be very difficult to defend yourself. They also have “unlimited resources” to hack you, which makes them very dangerous: if they really want to hack you, it is only a question of time.
  • Cybercriminals – revenue-driven hackers who aim to get a financial benefit from you.
  • Hacktivism – the subversive use of computers and computer networks to promote a political agenda or social change. Perhaps the most prolific and well-known hacktivist group, Anonymous, has been prominent in many major online hacks over the past decade.
  • Terror Organizations – not very active in the field of CS yet, but gradually increasing their activity.

4. Financial Models of Attackers

There are also different ways attackers might harm you; here are some of them:

  • Ransomware – a type of malicious software from cryptovirology that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system in a way that is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion, in which it encrypts the victim’s files, making them inaccessible, and demands a ransom payment to decrypt them.
  • DDoS-as-a-Service – a new service on the Darknet. If you want to attack a competitor on the internet (for example, an internet shop), you order such a service on the Darknet from qualified hackers, and then they attack your competitor’s e-commerce platform so that it receives too many requests and goes offline.
  • Crypto-Hacks – something relatively new: hackers attack bitcoin exchanges in order to steal their money.
  • Darkweb hacking services – there are even whole price lists for certain illegal services on the Darkweb. For example, how much it costs to buy a thousand credit card numbers, or to hack somebody’s Facebook account.

5. It Is Not Personal – When Hacking You is a Business

  • Hackers who attack you out of financial motivation are interested only in getting the money. They really do not care who you are; they are not hacking you because you are you, they are hacking you because of your resources. And the most popular way to hack during the last two years is ransomware. Because it has become so common, a commoditization of the services connected to ransomware is beginning to arise, so to say. In other words, hackers who attack you with ransomware have support centers! So, for example, if you get hacked and your entire organization’s data is currently encrypted, you get a message that you have to pay a ransom in bitcoins, but you do not know what bitcoin actually is – you may turn to the hackers’ customer service for help. Yes, you get a phone number on your screen, and if you call this number, a nice customer service representative guides you through the whole process. Sounds nice, hah?
  • Organizations that specialize in negotiating with hackers are emerging. For example: you have been hacked, and the attacker wants you to pay a $5000 ransom for your files. But how can you know that the files will be released after the money is transferred? That is where negotiation companies come into play. First, they try to establish the hacker’s reputation – they ask him questions like: “How do I know that you are not going to publish my files on the Darkweb?” or “How do I know that you are not going to sell my files to other organizations?” And what happens next is surprising – hackers give lists of “previous customers” (people or organizations they hacked before) to convince the victim that the deal is safe. They also suggest contacting those “customers” for a recommendation. So there exists a so-called recommendation base for hackers, which the new negotiation companies specialize in.

Sources:

  • https://en.wikipedia.org/wiki/Ransomware
  • https://en.wikipedia.org/wiki/Beersheba
  • Oleg Brodt’s speech at the Masters&Robots Conference in Warsaw (26-27 October 2017)

Hacking, a new issue for insurance companies

Every year hackers are responsible for enormous losses in companies. No matter where a company is located, cyber-attacks can occur. This problem is not new and has existed for the past 10 years. Nevertheless, it is a growing phenomenon because of the ubiquitous nature of the Internet, which is present in almost every household and company in the Western world.

The lack of security gives cyber attackers opportunities to penetrate your company and steal sensitive information. For this reason I invite you to read this article: 5 tips to protect your business from Hackers.


To gauge the scale of these attacks, here are some major breaches from this century:


  • December 2006: Albert Gonzalez and 11 other hackers broke into the security systems of TJX Companies (an American apparel and home goods company). TJX’s networks were not protected by any firewalls, which resulted in the exposure of 94 million credit cards.
  • April 20, 2011: 77 million PlayStation Network accounts were hacked; additionally, 12 million credit cards were unencrypted. Sony suffered enormously after this attack, as the site was shut down for a month.
  • July 2011: Estsoft, a South Korean software developer, was the victim of the biggest theft of information in South Korea. This resulted in 35 million Koreans being exposed, which is the majority of the population. A lot of information was stolen from millions of users, among others: birthdates, ID numbers, addresses, etc.


The list of major breaches is longer and is growing every year.


The problem faced by insurance companies does not lie in providing insurance for big enterprises but in their capacity to cover the total amount of losses in certain cases. For the most serious hacks, insurers increase deductibles, and in some situations limit the payout to 100 million dollars, which means that sometimes only half of the losses are covered, or even less.

For companies that have already experienced some breaches, the renewal of their insurance costs them, in some cases, 3 times more than at the beginning.


However, these problems also offer new opportunities for insurers. Even if the amount refunded by insurance corporations is often lower than the real loss caused by hacker attacks, those major events underline the importance of having protection.

As the demand for protection is rising, insurers are raising their prices. According to PwC, over the next 5 years the US cyber insurance market will grow to 7.5 billion dollars.



The real problem is that while prices are skyrocketing, insurance will not increase security. Furthermore, most policies will not apply where security is lacking. Perhaps companies should increase their preventive measures in order to avoid further attacks.
