Weekly Cyber Security News
Welcome to Astria’s blog and our Weekly Cyber Security News segment. Here we share some of the most interesting and relevant pieces of cyber security news that we find. This valuable resource is here to keep you informed of vulnerabilities and solutions for your business, as well as to discuss some cyber security concepts.
1. CSO Online: “Equifax hackers may have stolen more data than originally revealed.”
We all thought we were finally done hearing about the Equifax breach, but new details emerged this pas weekend. It seems that the attackers also had access to tax identification numbers, more driver’s license and credit card details, email addresses, and phone numbers.
The credit reporting company previously admitted to losing names, birthdays, Social Security numbers of 145.5 million people. But Equifax admitted in their recent submissions to the Senate Banking Committee that more details had been “accessed” by the hackers.
This includes credit cards, meaning the attackers may have the card numbers, expiration dates, and even CV2 security numbers. The list also includes driver’s license numbers, the state, and the issued date. All together, it amounts to quite a bit of personal information.
It is still unclear if this affects all 145.5 million people involved with the breach. Initially, only those who had previously signed up for credit monitoring from Equifax lost credit card info. But Equifax’s reporting on these matters has been unclear. The one thing that is certain is that we will still be hearing about this breach for a while.
2. Security Week: “South Korea Probes Cyber Shutdown During Olympics Ceremony.”
According to the article, internal internet and WiFi went out at about 7:15pm local time. Other sources cite that the Pyeongchang 2018 website went offline as well. The following day, Olympics officials had systems restored, and the 2018 Winter Olympics continued without any interruptions. Organizers still haven’t commented on the cause, but the issue is under investigation.
So was this caused by a cyber attack? And if so, who launched it? Many are quick to blame Russian and North Korean hackers, but at this point it is all purely speculation. The issues could have been due to heavy traffic or even hardware issues. But events like the Olympics are prime targets for hackers worldwide. They often seek fame and are eager to take credit for damages, so the Olympics may be a prize in some circles.
Whatever the case may be, it is worth noting that cyber criminals definitely use the Olympics in phishing schemes. Be on the lookout for scam emails offering tickets, coverage, or even gossip. Criminals create many of these emails to con people out of money and personal data, and may have malware attached as well.
Note: At the time of writing, Olympics officials had not confirmed a cyber attack. Since then, officials confirmed an attack was the source of the outage, but they still have not specified any perpetrators.
3. WeLiveSecurity: “US and UK government websites hijacked to mine cryptocurrency on visitors’ machines.”
Last weekend, over 4,000 websites were used in an attempt to steal a crypto currency from their visitors. The list of affected websites included the US courts’ portal, several of the UK’s National Health System websites, and many other high profile web pages.
How did this happen to so many websites? It seems that all of the pages were using Browsealoud, a third party plugin that suffered a hack. The plugin converts text to speech, reading web pages to visually impaired individuals. But recently criminals managed to add their own code, making thousands of websites farm digital currency.
Fortunately, the creators of Browsealoud repaired the plugin fairly quickly, and the compromise only lasted for 4 hours. Several websites were down for repairs for a few hours after the fix, but they did not find other issues.
This case does highlight the need to be vigilant about third party breaches. Partners and suppliers are a frequent source of breaches, so it is important to never take them for granted. Performing scanning of your website and of data partners provide you can often prevent issues such as these.