Cyber Newsround 2019

Cyber Newsround will no doubt be as busy as it was last year with the cyber threat landscape ever evolving and presenting new and daunting challenges to individuals and businesses.

May

15th May

Many Russian government officials have had their passport data posted on-line. It has been revealed that up to eight government websites have been compromised where data has been exposed.

A number of officials are understood to be high profile individuals with a total of approximately 300,000 leaked entries being at risk.

14th May

It has been announced that a zero-day vulnerability has been located on WhatsApp which has permitted hackers to listen in to users' groups.

Spyware was installed which allowed users' chats to be exposed when microphone and cameras were accessed.

Facebook, who own WhatsApp, have now patched the software and have asked all users to update the app.

2nd May

Austrian construction firm Porr has suffered a cyberattack on its communication infrastructure where its telephone lines and e-mails were severely disrupted.

It is believed that this was caused by a virus and an investigation is underway in order to determine how this managed to get through the firewalls of the organisation. 

1st May 

It is understood that the German-based IT services provider CityComp has been subject to a cyber attack which appears to have compromised clients' data.

The attack was ransomware based, demanding a ransom of $5,000, and threatened to release this data. The financial information of clients such as Ericsson, Toshiba and BT is believed to be at risk.

The hacker seems to have had access to CityComp's systems for over a month before they were discovered. The hacker has since published the data on the Dark Web, which includes names and e-mail addresses, meeting notes with clients and details of confidential projects.

April

20th April

It is understood that a number of employee accounts of Wipro have been hacked as a result of a phishing attack. Despite this the Company Secretary has reassured investors that no critical business operations have been impacted.

Wipro, an IT services provider, appear to have been subject to a systematic cyber attack over a period of months which was a zero day attack. The intrusion was discovered when a forensic investigation was undertaken on their computer network.

3rd April

A recent test of the cyber defence capabilities of U.K. universities has revealed that hackers are able to gain access to their computers within two hours which would put confidential data at risk.

The tests were able to access personal data, finance systems and research networks. Penetration tests were carried out on over 50 universities. The attacks were carried out by ethical hackers working for Jisc (formerly the Joint Information Systems Committee) and the Higher Education Policy Institute, which demonstrated 100% success in breaching the cyber defences that were in place.

Universities have been targeted in recent years with over 1000 attacks taking place in the last year alone.

3rd April

It is believed that Iran have been responsible for cyber attacks undertaken against the Post Office and a number of local government networks.

The attacks occurred just before Christmas with in excess of 10,000 records being taken which included e-mail addresses, postal addresses and phone numbers. Other entities were affected, varying from private businesses to banks. It is possible that the Revolutionary Guard group of Iran were behind these attacks.

1st April

Toyota have suffered a data breach where hackers gained access to their IT systems and sales information of over 3 million customers.

It is understood that Toyota have undergone an audit of their systems in order that they can analyse where improvements can be made to help avoid a reoccurrence of a further data breach.

March

28th March

ASUS, one of the world’s largest computer makers, has unknowingly installed a malicious backdoor on many of its customers' computers.

This occurred last year when hackers compromised a server being used for their live software update tool. It is understood that the malicious file did have a legitimate certificate which made it appear to be an authentic software update.

It is believed that half a million users of Windows received the malicious code through the ASUS update server.

This is a good example of a supply chain cyber attack which is a growing concern to businesses.

21st March

The Police Federation of England and Wales (PFEW), the trade union for police workers, has been subject to a ransomware attack. It is believed that the attack was not aimed specifically at the organisation but was more of an opportunist attack.

The HQ in Surrey where the attack was discovered believe that no data has been compromised. The PFEW are however notifying the 120,000 individuals. The ICO have also been informed of this incident.

19th March

Norsk Hydro, who are one of the biggest aluminium producers in the world, have been hit by a ransomware attack that began in the US. It is understood that as a result of this attack a number of metal extrusion and rolled plants were shut down.

The virus that caused this is known as LockerGoga, which is a new strain of ransomware that encrypts the files of computers, subsequently locking them and making a demand for a monetary ransom.

The company intends to restore the systems from their backup and it would appear that the ransom would not need to be paid.

The cyber attack has impacted on the share price of the company which initially fell when this was revealed.

13th March

Kathmandu, the outdoor clothing retailer, has been subject to a breach of its on-line shopping portal where customers' personal data may have been compromised.

It is not known how the cyber attack occurred but an investigation is underway in order to ascertain how this took place.

6th March

Iran have been behind a series of cyber attacks over the past couple of years which have centred around the Middle East and the US affecting in excess of 200 companies.

Microsoft announced this news earlier this week with hackers stealing corporate information and wiping data from computers. No particular sector was targeted with a wide spectrum of businesses being impacted. The group behind these is thought to be Holmium, which are an established hacking group.

6th March

It has been revealed that hackers from China have been targeting universities in the US in order to steal military information. Universities known to have been targeted have been Massachusetts and Washington.

The focus of the hackers was believed to be maritime technology being used for the military. Access was obtained by phishing attacks where the networks were compromised.

The hacking group behind these attacks are thought to be Mudcarp, Leviathan, APT40 or Temp Periscope.

5th March

North Korean hackers are believed to be targeting critical infrastructure in the US. McAfee have released a report recently which states that almost 80 US businesses have been targeted relating to telecoms, energy and defence.

Interestingly this appears to have occurred during President Trump's summit with Kim Jong Un. The US have apparently been aware of this activity.

Banks have also been targeted, which is believed to be to acquire funds due to the sanctions currently imposed on the country.

February

13th February

The Bank of Valletta in Malta has been hit by a major cyber attack which resulted in the bank being shut down. It is understood that cash machines, mobile banking and e-mail services were impacted by the attack.

Hackers tried to steal 13 million euros from the bank via transfers to other banks around the world. Despite this no customers have had their bank accounts compromised.

A number of local businesses were affected by the cyber attack who relied on the processing of bank card payments.

The bank is working to get their systems back up and running as soon as possible.

9th February

Hackers have gained access to the Australian Parliament’s computer network however it does not appear that data has been stolen.

All users have been asked to change their passwords and an investigation is underway.

It is believed that a state actor may be behind the attack, with China one of the potential countries as they have been attempting to influence Australian politics for some time. With elections due to take place shortly Russia could also be considered as the country behind the attack in view of the rumours that circulated during the last American presidential elections.

1st February

Metro Bank has fallen victim to a cyber attack that we have not readily seen before.

It is understood that hackers tracked mobile phones remotely and intercepted SMS text messages used as 2-Factor Authentication in real time. They were then used to log into the users' bank accounts and insert new sessions, thus being able to steal data and track the individuals' movements.

The flaw was exploited in SS7, which is a protocol used by telecoms in order to coordinate how they route calls and SMS messages.

Metro Bank have stated that only a small number of customers have been affected by this new form of cyber attack.

January

30th January

Airbus have disclosed that they suffered a security breach which resulted in unauthorised access to data.

As a result of this, personal data was accessed, being mostly professional contact and IT identification details of their employees.

An investigation is underway so that the cause of the breach can be determined.

Airbus announced that there was no impact to its commercial operations. The ICO have been notified in accordance with the GDPR regulations.

21st January

France’s data protection regulator, the CNIL, has fined Google €50 million for non-compliance with GDPR regulations, which is by far the largest fine issued under these new regulations.

The company did not provide enough information to its users about its data consent policies and did not give sufficient control about how the information was utilised.

It is understood that Google will make an appeal against this fine.

17th January

A fake BBC News webpage has been set up by hackers aimed to convince users to part with money.

The page shows a bitcoin themed documentary previously broadcast by Panorama last year, including links on the page directing visitors to a site promising to make them millionaires. It is understood that the fake page is spread via e-mails sent from hacked accounts.

The City of London Police’s cybercrime team has warned consumers to be aware of such scams.

16th January

An Israeli network researcher, Noam Rotem, has revealed that travelers around the world were found to be susceptible to a security vulnerability on an on-line flight ticket booking system. This system allows hackers to access and amend their flight details and to access their frequent flyer miles.

The on-line booking system is Amadeus, which is utilised by 141 airlines around the world today including a number of major airlines. It is however understood that Amadeus has now fixed the issue with additional security measures being implemented.

8th January

Customer credit card and personal data has been stolen from individuals who bought Lenovo laptops or Motorola mobile phones as hackers published details on-line.

This is as a result of the company being hacked on New Year’s Eve; the attack was claimed by the New World Hackers. The reason behind the attack was to test the organisation's cyber resilience.

The ICO are monitoring the situation and if a data breach has taken place formal notification will need to be made.

7th January 2019

Personal data from hundreds of German politicians and public figures has been accessed and released on-line.

The information disclosed included private e-mails, telephone numbers and holiday photos of MPs and celebrities which found their way onto Twitter.

The data has been released over regular intervals since December but this was however only discovered recently.

It is not known who carried out the attack but Russia is suspected to be the source.

4th January 2019

It has been revealed that the website for Dublin’s tram system has been subject to a ransomware attack where hackers demanded a ransom of one bitcoin.

The Luas website was taken down by the IT company who services it so that they could try and resolve the cyber attack.

2nd January

Hackers have threatened to release data relating to the 9/11 attack on the World Trade Centre. These are confidential litigation documents concerning a number of high profile insurers.

The hacking group known as the Dark Overlord have documents which they have intimated that they will release on the “KickAss” dark web if their ransom demands are not met.

It is understood that 18,000 documents were stolen from a firm of US lawyers involving the insurer Hiscox. Hiscox have informed the policyholders of the incident.
