The Briefing on Cybersecurity
The latest news, trends and data from the cybersecurity industry
Cybersecurity News in Numbers
The number of US Department of Homeland Security (DHS) employees whose data has been exposed in a breach by a former colleague. The former department employee was found to be in possession for Social Security numbers, dates of birth and employment-related data for 247,167 current and former DHS workers as part of an ongoing criminal investigation.
The amount in rubles hackers attempted to steal from Russian state bank Globex in December. Using the SWIFT international payments messaging system, cybercriminals attempted to steal equivalent to $940,000, but were thwarted, with customer funds remaining unaffected, according to Globex President Valery Ovsyannikov.
The amount it has emerged ride-sharing company Uber paid to hackers that stole data on 57 million drivers and riders in October 2016. Uber paid the money as part of its bug bounty service, which is typically used to reward white hat hackers for discovering security flaws in its software, in return for the deletion of the data.
The value of bitcoin stolen from Slovenian cryptocurrency mining marketplace NiceHash, in a hack at the start of December. NiceHash has said that it believes the attack was likely made from a non-EU IP address. The attack is the latest in a string of bitcoin hacks over the last few years, with one of the most high-profile occurring in 2014 leading to the collapse of the target, then the world’s largest bitcoin market Mt Gox.
The number of American households detailed on a cloud-based data repository left unsecured online, according to research published in December. The database did not contain names, but did include home addresses and contact information, mortgage and financial details and highly specific purchasing behavior. The data, which was originally created by Experian, was owned by Alteryx.
Threats You Need to Respond To Now
Check Your Chips
If your company or home contains computers or other electronics with chips from Intel, AMD or ARM – the vast majority of devices – you will need to check for and run any available updates, after a security flaw was identified that could allow hackers to bypass security systems to access passwords.
Review Your Passwords
With the new year upon us, now is an excellent time to review your passwords, and update any that are used frequently or have not been changed in some time. Focus on using passwords that are strong but easy to remember, such as a combination of easy to remember words or the first letter of every word in a phrase.
Be Wary of Bluescreens
A scam product that mimics a bluescreen before claiming your computer is missing .dll files and prompting you to spend $25 to purchase the fictional software Windows Defender Essentials is finding its way onto computers via cracked software installers. Known as Troubleshooter, the malware can be removed by following instructions on Malwarebytes.
This Month's Cyber Warfare News
Watershed Attack on Middle Eastern Plant
A watershed attack on a plant in an unnamed Middle Eastern country has been blamed on hackers working on behalf of an as-yet-unknown nation state. The attack targeted industrial safety technology Triconex, which is developed by Schneider Electric, and is the first reported safety system breach at an industrial plant, supporting warnings that hackers are increasingly turning their attention to such infrastructure.
North Korea Denies US WannaCry Claims
The North Korean Foreign Ministry has denied that the country is behind the WannaCry ransomware attack that caused widespread chaos in the summer of 2017. The denial was in response to a statement made by the US earlier in the week that blamed the North Korean state, citing evidence provided by both US and foreign intelligence agencies.
US Government Bans Kaspersky Labs
The US Government has banned the use of Russia-based security firm Kaspersky Labs’ products in federal agencies, amid concerns that the firm has links to state-sponsored spying programs. However, Kaspersky has asked the ban to be overturned, arguing that there is no concrete evidence of a link, and that the ban is damaging their US business.
Vietnam Unveils 10,000 Strong Cyber Unit
Vietnam has announced that is deploying a vast cyber warfare unit to combat what the government describes as “wrongful views” that are proliferating online. The unit, Force 47, has 10,000 employees and is focusing on online content that is critical of the Vietnamese government, including YouTube videos and posts on social networking sites such as Facebook.
Share this article