Cyber Security Roundup for October 2018

Aside from Brexit, Cyber Threats and Cyber Attack accusations against Russia are very much on the centre stage of UK government’s international political agenda at the moment. The government publically accused Russia’s military ‘GRU’ intelligence service of being behind four high-profile cyber-attacks, and named 12 cyber groups it said were associated with the GRU. Foreign Secretary Jeremy Hunt said, “the GRU had waged a campaign of indiscriminate and reckless cyber strikes that served no legitimate national security interest“.

UK Police firmly believe the two men who carried out the Salisbury poisoning in March 2018 worked for the GRU.

The UK National Cyber Security Centre said it had assessed “with high confidence” that the GRU was “almost certainly responsible” for the cyber-attacks, and also warned UK businesses to be on the alert for indicators of compromise by the Russian APT28 hacking group.  The NCSC said GRU hackers operated under a dozen different names, including Fancy Bear (APT28), had targetted:
  • The systems database of the Montreal-based World Anti-Doping Agency (Wada), using phishing to gain passwords. Athletes’ data was later published 
  • The Democratic National Committee in 2016, when emails and chats were obtained and subsequently published online. The US authorities have already linked this to Russia.
  • Ukraine’s Kyiv metro and Odessa airport, Russia’s central bank, and two privately-owned Russian media outlets – Fontanka.ru and news agency Interfax – in October 2017. They used ransomware to encrypt the contents of a computer and demand payment 
  • An unnamed small UK-based TV station between July and August 2015, when multiple email accounts were accessed and content stolen


Notable Significant ICO Security Related Fines

Last month’s British Airways website hack was worse than originally reported, as they disclosed a second attack which occurred on 5th September 2018, when the payment page had 22 lines of malicious Javascript code injected in an attack widely attributed to Magecart.  Another airline Cathay Pacific also disclosed it had suffered a major data breach that impacted 9.4 million customer’s personal data and some credit card data.

Morrisons has lost a challenge to a High Court ruling which made it liable for a data breach, after an employee, since jailed for 8 years, stole and posted thousands of its employees’ details online in 2014.  Morrisons said it would now appeal to the Supreme Court., if that appeal fails, those affected will be able to claim compensation for “upset and distress”. 

NCSC is seeking feedback on the latest drafts ‘knowledge areas’ on CyBOK, a Cyber Security body of knowledge which it is supporting along with academics and the general security industry.

Google are finally pulling the plug on Google+, after user personal data was left exposed. Google and the other three major web browser providers in the world said, in what seems like coordinated announcements, businesses must accept TLS Version 1.0 and 1.1 will no longer support after Q1 2018.

So its time to move over to the more secure TLS V1.2 or the more secure & efficient TLS V1.3.
NEWS

AWARENESS, EDUCATION AND THREAT INTELLIGENCE

*** This is a Security Bloggers Network syndicated blog from IT Security Expert Blog authored by Dave Whitelegg. Read the original post at: http://feedproxy.google.com/~r/securityexpert/~3/aXTme25sCT4/cyber-security-roundup-for-october-2018.html