Heartbeat spoofing and Rick Astley Ransomware. Just some of the ways McAfee is tackling cybercrime
Chris Price spends a day with McAfee Labs finding out how it plans to tackle cybercrime by showing organisations such as car manufacturers and the NHS just how easy it is to break into their systems….
Think McAfee and what springs to mind? Probably the anti-virus software that you buy – probably somewhat reluctantly – to protect your computer, in the hope that you won’t be hacked.
Or maybe, if you follow the news, you may have heard of John McAfee, the founder of the company who sought election for the Libertarian Party in the US Elections in 2016 and who as early as 2014 warned US citizens not to use smartphones because apps could be used to spy on their activities (at the time he was considered more than a bit bonkers, but I bet more people are taking him seriously now).
What you probably didn’t realise, and nor did I until I was invited on a trip with the company to Paris to find out more the company’s operations, is just how big McAfee has become. Now owned by chip manufacturer Intel, and headquartered in Santa Clara, California, it employs nearly 7000 employees worldwide and has over a $1 billion a year turnover.
Protecting the home
Nor is McAfee just about protecting your computer from being hacked. By 2020 it’s estimated that the average home will have 50 internet connected devices that could be vulnerable to attack from cyber criminals. These range from cameras designed to monitor your property or to keep an eye on small children to smart meters for managing your gas and electricity.
As a result, McAfee has recently announced its smart home cybersecurity solution which sits inside your home router to protect all of your home’s devices. Spain’s Internet Service Provider (ISP) Telefonica, which owns the UK’s O2 network, recently introduced McAfee’s solution for customers using its routers while both the D-Link AC2600 and Arris Surfboard also have the technology built in.
The idea is that by using a smartphone app or even Alexa’s voice recognition technology it’s possible to detect which of the internet connected devices are secure and which are vulnerable because, say, they are using the default user name and password.
It’s also possible to assign certain devices to individual family members and to limit internet access to various categories based on the user’s age. For example, you may decide that you don’t want a young child to access a dating website in which case the child will get a message telling them to speak to their parent.
Explains Raj Samani, McAfee Fellow and Chief Scientist: “It’s not just about protecting devices in the home, but protecting what matters to you including your children.”
“Antivirus isn’t just a commodity,” adds Marc Vos, McAfee Senior Manager, Worldwide Consumer Product Marketing. “The products may be commodities, but certainly not the intelligence that goes into them.”
Tracking criminals
One area that McAfee is heavily involved in, but currently doesn’t publicise a great deal, is how it uses its technology to gather intelligence in order to identify criminal activity. This information is then passed onto security services such as Europol.
According to McAfee’s research an astonishing 53% of all crime now uses some form of digital technology, whether that’s low level fraud or more sophisticated cyber crimes involving criminal gangs.
For example, McAfee was able to identify a cyber attack during the recent Winter Olympics in South Korea and in December 2017 helped Europol with the arrest of individuals suspected of infecting computer systems by spreading the CTB Locker malware – a form of file encrypting ‘ransomware’.
You can see Europol’s arrest of the cyber criminals in Romania in this YouTube video below:
In many cases, McAfee goes undercover to help identify the criminals taking part in the activity. One example that Raj Samani gives is how McAfee employees posed as students doing research in order to identify individuals carrying out cyber crime simply by using a survey.
“Most cyber criminals think they are going to get away with it, they think it’s risk free,” he explains, saying that many of them do it to pay off their debts rather than using it to fund a lavish lifestyle. Certainly, it’s less risky than traditional crimes involving physical crime against a person.
And while cryptocurrencies, such as Bitcoin, have definitely made it easier to launder money for criminal purposes, Mr Samani insists that banning them is not the answer. “Blaming Bitcoin for cyber crime is rather like blaming cars for armed robberies.”
Furthermore, although most hackers do it to make money, some organisations such as pro-Turkey hacking gang, Ayyildiz Tim (AYT), are more interested in cybercrime for ideological reasons.
In January of this year AYT was responsible for hacking the Twitter accounts of World Economic Forum President Borge Brend as well as those of former Fox News journalists Greta Van Susteren and Eric Bolling.
Heartbeat spoofing
Of course, hacking isn’t just carried out by sophisticated criminals. “An 11 year can go online and organise a ransomware attack,” reckons McAfee’s Samani.
In many cases, he claims, the problem is simply that companies are not taking the necessary precautions, often because they are using legacy systems such as Windows XP and aren’t updating with the necessary security patches.
Obviously, this was the main reason behind the Wannacry ransomware attack on organisations such as the NHS last year which may have affected up to 70,000 devices. “We were getting 400 messages an hour from customers when Wannacry happened,” claims Samani.
Worryingly, McAfee’s Samani claims claims that cybersecurity issues within the NHS are still rife and that it is able to compromise an ECG (Electro Cardiogram) so it looks like you are ‘flatlining a patient.’ This is a phenomenon known as heartbeat spoofing.
Nor are these issues confined to organisations such as the NHS. McAfee is constantly identifying security issues within company’s IT systems. “Once they are notified we give them 90 days’ notice to sort them out before going public,” adds Samani.
Rick on repeat
One recent example is a flaw that it found in the 2G modem of a Telmatics Control Unit (TCU) manufactured by Continental and installed in several vehicles including those of BMW, Ford, Infiniti and Nissan. Although it only affected the vehicles’ infotainment systems, McAfee was able to insert ransomware into vehicles so they played Rick Astley’s Never Going to Give You Up at full volume! Now that’s more than enough to make anyone hand over the money!
Currently in development in Hillsboro, Oregon is McAfee’s ‘hacking lab’ where it will carry out advanced threat research (ATR) on thousands of devices that can be connected to the internet including products in the home and many of the latest vehicles.
While being forced to listen to 1980s pop crooners is bad enough, imagine what it would be like if hackers took full control of your autonomous vehicle and were able to drive you to wherever they wanted. Now that really doesn’t bear thinking about.