The target: The National Bank of Blacksburg
The take: $2.4 million
The attack vector: The attack began with a phishing email which let the hackers install malware on the compromised computer. This move let them disable and alter anti-theft and anti-fraud measures such as PIN’s, withdrawal limits, daily debit card usage limits and fraud score protections. Through their now unrestricted access to the bank’s internal account manager software, Navigator, the attackers modified or removed critical security controls. They then accessed hundreds of customer accounts to steal funds over a period of two days.
This incident highlights the profound impact one compromised system can have in the context of an organization’s overall security posture, and underscores the old adage – ‘a chain is only as strong as its weakest link’. While network and server-level protections are essential, firm must ensure that endpoint controls and user training are up to snuff.
Cision: Mr. Dronamraju will oversee the bank's global strategy for cyber security. Reporting to both Larry Zelvin, Head Financial Crimes, and Ken Librot, U.S. Chief Technology and Operations Officer, Mr. Dronamraju will have offices in Toronto and Chicago, with teams located in North America, Asia and Europe.
Coin Telegraph: A 19-year old man has been indicted for identity theft as part of an alleged $1+ million cryptocurrency heist affecting at least 75 victims in the United States.
Reuters: Russia will carry out tests on Monday on the reliability of its domestic internet infrastructure in the event that the country is disconnected from the worldwide web, the communications ministry said.
CTV: Hackers may have obtained the personal data of 15 million LifeLabs customers after a systems breach, and this includes addresses, passwords, birthdays, health card numbers and even lab results.
ZDNet: Awareness and management of cybersecurity risk is improving in Australia's financial market, said the Australian Securities and Investments Commission (ASIC), but there is still room for improvement across the entire sector.
Cyberscoop: LogMeIn, the Boston-based software company that owns password manager LastPass, said it will sell itself to two private equity companies as part of a cash deal valuing LogMeIn at roughly $4.3 billion.
The Guardian: Russian agents have been accused of worldwide hacking operations, but someone at the Kremlin has apparently forgotten to inform Vladimir Putin of the importance of cyber-security.
The target: A Chinese Venture Capital firm.
The take: $1 million.
The attack vector: The “man-in-the-middle” attack occurred when the Venture Capital firm transferred funds to an Israeli start-up company. The breach began with the threat actor creating two lookalike domains, both mirroring the VC firm and the Startup firm, but with an extra “s” at the end of the address. They then sent two emails, both posing as the VC firm’s CEO and as the start-up’s CEO, tricking both parties into sending sensitive banking information which the attacker then modified to hijack the money.
This coordinated attack highlights the critical need for human vigilance and the implementation of robust controls. Scrupulous validation of transactions where assets – funds or sensitive information - are being transferred is central to effective protection.
ZDNet: A mysterious new phishing campaign is targeting government departments and related business services around the world in cyber attacks which aim to steal the login credentials from the victims.
The Jerusalem Post: Just a few weeks since Iranian protesters torched hundreds of bank branches throughout the country, the Islamic republic’s financial authorities are dealing with another threat: A cyber attack caused the bank details of millions of Iranians to be published online, The New York Times reported.
Reuters: North Korean state-backed hackers appear to be cooperating with Eastern European cybercriminals, a report here said, a finding that suggests digital gangsters and state-backed spies are finding common ground online.
CTV: The Desjardins Group says the employee who stole the personal data of 4.2 million members of the financial co-operative also gained access to information for 1.8 million credit card holders.
Business 2 Community: Up until the early eighties, transactions at financial institutions were handwritten, calculated long-hand, and done without the aid of a computer or calculator. Fast forward many years and not only can we make deposits and automate our bills to be paid online, but many employees of financial institutions are starting to work remotely as well.
Security Week: Insurance is a fundamental aspect of business risk management used to spread or mitigate financial risk by transferring it to a third party.
Reuters: British cyber security officials are investigating whether classified UK-U.S. trade documents that were shared online ahead of Thursday’s election were acquired by hacking or were leaked, two sources told Reuters.
The target: Sprint, an American telecommunications company.
The take: 261,300 documents, including phone bills and bank statements containing: names, addresses, phone numbers, and in some cases, screenshots with subscribers’ online usernames and account PINs.
The attack vector: A misconfigured cloud storage bucket was publicly exposed and not protected by a password, allowing anyone with internet access to download the contents. The misconfiguration was traced a marketing agency contracted by Sprint.
Any subsidiary or contractor which handles sensitive data is a potential breach source. Internal security controls must be extended to third parties handling a firm’s sensitive data.
The Economic Times: Tel Aviv, Researchers from cybersecurity firm Check Point have revealed how hackers stole $1 million seed funding sent by a Chinese venture capital firm to an Israeli start-up.
Reuters: U.S. authorities on Thursday took aim at a Russian cybercriminal group known as Evil Corp, indicting its Lamborghini-driving alleged leader and ordering asset freezes against 17 of his associates over a digital crime spree that has netted more than $100 million from companies across the world.
Ottawa Business Journal: Students and researchers at the University of Ottawa will now have access to tools and expertise on the cybersecurity sector from IBM Canada.
Washington Post: On Nov. 18, a United Nations committee passed a Russia-backed cybercrime resolution by a vote of 88 to 58, with 34 countries abstaining. Russia, Belarus, Cambodia, China, Iran, Myanmar, Nicaragua, Syria and Venezuela sponsored the resolution, titled “Countering the use of information and communications technologies for criminal purposes.” The United States said it is “disappointed with the decision.”
The Telegraph: The West was slow to respond to the threat of cyber attacks, the chief of the NATO Cooperative Cyber Defence Centre (CCDCOE) has admitted.
**Article may require a subscription**
Business Standard: National Cyber Security Coordinator (NCSC) Lt Gen (retd) Rajesh Pant raised concern over the lack of cyber-infrastructure in the country and said are we waiting for a cyber earthquake before getting our act together.
Tech Crunch: Israel is a powerhouse in both offensive and defensive cyber operations, with cybersecurity giants CyberArk, Check Point, and Illusive Networks all founded in the country in recent years.