The target: Levitas, an Australian-based hedge fund manager.
The take: $8 million
The attack vector: The attack was initiated when one of the founders clicked on a fake Zoom meeting link. This gave the attackers the ability to inject their own malicious software to take control of the high-level email account, and with these powerful credentials in hand, the attackers created fake invoices for a bogus company and then sent requests for payments to be made from the firm. Authorizations from the compromised email account were sent shortly after the requests, prompting the transfer of funds to the unknown companies. The threat actors then withdrew the cash.
This breach demonstrates the critical nature of verification processes, and the inherent power of high-level credentials and their management. Several flags were raised throughout the scheme, and this attack shows just how important it is to review, verify, and certify transactional processes no matter their origin within a firm.
Investor Daily: The prudential regulator has unveiled its cyber-security strategy for 2020-24, which seeks to lift security standards and introduce higher accountability where companies fail to meet their requirements.
Bleeping Computer: British cybersecurity and hardware company Sophos has emailed a small group of customers to alert them that their personal information was exposed following a security breach discovered.
Axios: The incoming administration will face a slew of cybersecurity-related challenges, as Joe Biden takes office under a very different environment than existed when he was last in the White House as vice president.
Forbes: Companies often separate cybersecurity and data protection by forming two independent teams and buying different software to address each of these issues apart. Maintaining and managing two teams, together with two software sets, involves high IT costs and administrative expenses.
BNN Bloomberg: Big banks and other financial firms predict the cost of warding off cyber criminals will keep climbing in 2021 as they work to secure digital financial services popularized by the pandemic.
CBA: Despite a growing understanding that cyber security is essential in a digital era, some Canadians still need help in getting the message that simple steps can make a big difference in protecting personal information from cyber criminals.
BusinessWire: The AI in cyber security market is projected to generate a revenue of $101.8 billion in 2030, increasing from $8.6 billion in 2019, progressing at a 25.7% CAGR during the forecast period (2020-2030).
The target: TronicsXhange, a California-based electronics retailer
The take: 80,000 images of personal identification cards and 10,000 fingerprint scans. Information included: driver license number, full name, birthday, home address, gender, hair and eye color, height and weight, and a photo of the individual.
The attack vector: The breach occurred when an unsecured Amazon S3 bucket was discovered online even after the company had ended its operation. The database was connected with no password protection, meaning anyone who found the correct URL could access and freely download the data.
The breach is serious as the sensitive information stored could lead to severe cases of fraud. Asset management is a critical procedure for any company, and the fact that this server was kept online even after the company had supposedly closed its doors for business highlights the extreme importance of proper decommissioning procedures to ensure sensitive information is securely destroyed or taken offline.
ZDNet: A new offensive force made up of spies, cyber experts and the members of the military is already conducting cyber operations to disrupt hostile state activities, terrorists and criminals, the UK government has revealed.
Yahoo Finance: Cybersecurity Ventures predicts global cybercrime costs will grow by 15 percent per year over the next five years, reaching $10.5 trillion USD annually by 2025, up from $3 trillion USD in 2015. This prediction is part of a special report conducted by Cybersecurity Ventures and sponsored by INTRUSION, Inc.
Reuters: Canada on Wednesday identified state-sponsored programs in China, Russia, Iran and North Korea as major cyber crime threats for the first time, and said it feared foreign actors could try to disrupt power supplies.
NBC News: Krebs, the director of the Cybersecurity and Infrastructure Security Agency, or CISA, has been the target of public criticism from Trump since the Nov. 3 election over his agency's Rumor Control blog, which rebuts a list of false claims about election fraud and hacking — many of which Trump or his lawyers have touted as real after he lost the election.
My Twin Tiers: The New York State Department of Financial Services has announced their partnership with Global Cyber Alliance to help bring a “cybersecurity toolkit” to small businesses in the State. The DFS stated that this partnership follows many small businesses' switch to online and remote work during the COVID-19 pandemic.
Investment Week: The worm damaged about 6,000 computers, representing - at the time - roughly 10% of the entire internet. Over the ensuing decades, computing and connectivity would become even more ubiquitous, as how we work and play increasingly went online; and where the combination of chips and sensors would become the very fabric of how we live our lives.
Cision: Trend Micro Incorporated, the leader in cloud security, has identified a new class of cybercrime. Criminals are using cloud services and technology to speed up attacks, which decreases the amount of time enterprises have to identify and respond to a breach.
The target: Vertafore, a U.S.-based insurance provider.
The take: 27.7 million records of personally identifiable information including: driver license numbers, first and last names, date of birth, address, and vehicle registration history.
The attack vector: Three database files containing the above information were placed, through human error, on an unsecured external, third-party storage service with no authorization access, meaning anyone with an internet connection had the ability to access and download the data.
This breach highlights the importance of robust cybersecurity protocols and processes. Rigid steps around the transfer and movement of data are needed to ensure maximum protection of sensitive information, with multiple checks to verify that the destination of the information is secure and expected safeguards are in place. When data is moved, the proper controls commensurate with the sensitivity of the data must travel with it.
Forbes: How each cybersecurity CEO responds to the challenges of keeping employees safe, customers secure and product release cycles on schedule while still achieving customer success – all virtually – provide valuable insights into leading a company during difficult times. Simon Biddiscombe, CEO of MobileIron, exemplifies the empathy all CEOs interviewed have for their employees' welfare. "My first priority when the pandemic hit was to protect the health and safety of our employees, yet still maintain an "always-on business" for our customers," Simon mentioned during a recent interview.
IT Pro Portal: According to a new report from PwC, based on a poll of 3,249 businesses worldwide, almost all UK businesses are switching up their cybersecurity strategy due to Covid-19, with half considering cybersecurity in every decision.
SIX: Swiss banking has existed since the end of the 14th century. With the emergence of the modern banking system from 1850 onwards, our strengths became increasingly apparent: stability and security. Today, in the 21st century, these strengths are more important than ever. Cybercrime is considered one of the most important operational risks in our industry. As a financial center, we must therefore join forces. Cooperation is key. When it comes to cyber security, we must not make any distinction between large and small or bank and insurance. We must act together. We at SIX are prepared to support all the players in Switzerland in their efforts.
Security Magazine: Eighty percent of companies say that an increased cybersecurity risk caused by human factors has posed a challenge during the COVID-19 pandemic, particularly in times of heightened stress. This is according to Cyberchology: The Human Element, a new report that explores the role employees and their personality play in keeping organisations safe from cyber threats.
TechRepublic: The coronavirus pandemic has impacted the world on so many levels, and that includes the realm of cybercrime. Criminals have focused their efforts on malicious campaigns designed to exploit the virus and its ramifications. As COVID-19 continues to threaten the world, these types of attacks are expected to persist, according to cyber threat intelligence provider Check Point Research. In a report released titled Securing the 'next normal', Check Point discussed its 2021 predictions in the face of the pandemic.
Plan Sponsor: Plan sponsors might think they can breathe a sigh of relief following a recent decision from U.S. District Judge Thomas Durkin for the Northern District of Illinois. The decision dismissed Abbott Laboratories from a lawsuit related to a cybersecurity theft from an employee’s retirement account, ruling that the plan participant failed to prove that Abbott itself is a fiduciary with regard to the alleged failures.
The target: GrowDiaries, an online community for marijuana growers.
The take: 2 million user records including: usernames, email address, IP addresses, user posted articles, and user account passwords.
The attack vector: The breach occurred because of a credential management and best practice failure. The site failed to secure its database management application, Kibana, which was left exposed online with no password protection, allowing anyone with an internet connection to access the site. Furthermore, passwords stored in one of the databases were protected only with MD5, a weak hash format that is insecure and can be easily cracked.
Management applications which grant access to user data should always be secured with commensurate levels of security protection. In addition to securing all access points, protection of data ‘at rest’ should include rigorous controls around password tables including hashing, salting, and strong encryption to ensure that if a breach does occur, the damage to clients is mitigated as much as possible.
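As an added illustration of the password-table controls described above (not code from GrowDiaries or from this newsletter), the following Python sketch stores the same constructed accounts with unsalted MD5 and with a salted, memory-hard KDF. The user names, passwords and the choice of scrypt with these cost parameters are assumptions made for the example.

```python
import hashlib
import hmac
import os
from collections import defaultdict

# Constructed sample accounts for illustration (not data from the breach).
USERS = [("alice", "sunshine1"), ("bob", "sunshine1"), ("carol", "Tr0ub4dor&3")]
N, R, P = 2**14, 8, 1            # scrypt cost parameters (assumed values)
MAXMEM = 64 * 1024 * 1024        # memory ceiling handed to OpenSSL

def md5_record(password):
    """The weak scheme: unsalted MD5, identical for identical passwords."""
    return hashlib.md5(password.encode()).hexdigest()

def scrypt_record(password):
    """Per-user random salt plus a memory-hard KDF, stored self-describing."""
    salt = os.urandom(16)
    key = hashlib.scrypt(password.encode(), salt=salt, n=N, r=R, p=P,
                         maxmem=MAXMEM, dklen=32)
    return f"scrypt${N}${R}${P}${salt.hex()}${key.hex()}"

def verify(password, record):
    """Recompute with the stored salt and cost; compare in constant time."""
    try:
        scheme, n, r, p, salt_hex, key_hex = record.split("$")
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(key_hex)
        if scheme != "scrypt":
            return False
        key = hashlib.scrypt(password.encode(), salt=salt, n=int(n), r=int(r),
                             p=int(p), maxmem=MAXMEM, dklen=len(expected))
    except ValueError:           # malformed or legacy record
        return False
    return hmac.compare_digest(key, expected)

def shared_values(table):
    """Users whose stored values collide, i.e. visibly share a password."""
    groups = defaultdict(list)
    for user, stored in table:
        groups[stored].append(user)
    return [sorted(users) for users in groups.values() if len(users) > 1]

if __name__ == "__main__":
    md5_table = [(u, md5_record(pw)) for u, pw in USERS]
    kdf_table = [(u, scrypt_record(pw)) for u, pw in USERS]
    print("MD5 table, shared passwords visible:", shared_values(md5_table))
    print("scrypt table, shared passwords visible:", shared_values(kdf_table))
```

In the MD5 table the two accounts with the same password carry the same stored value, so anyone holding the table learns they match and one recovered password opens both; with a per-user salt every row differs and each must be attacked separately at the KDF's cost.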
ZDNet: Upon request from the government of Brazil, US law enforcement participated in "Operation Egypto," a Brazilian federal investigation into the suspected scam, the US Department of Justice (DoJ) said.
Cision: Owing to technological advancements, the world today is living in a digital era and the adoption of cloud solutions has increased significantly. While digitalization has numerous benefits, it has also resulted in the rise in number of cyber-attacks across the globe. Hackers are increasingly breaching personal data of people, including credit card numbers, social security number, email addresses, and passwords. Attributed to this, the need for cyber insurance has been growing substantially as well.
PYMNTS: Folksam shared client data with Facebook, Google, Microsoft, LinkedIn and Adobe, the Swedish company said in a statement on Tuesday (Nov. 3). The firm said it discovered the breach after an internal audit and that it has reported the breach to Swedish regulators.
Dark Reading: The COVID-19 pandemic and the newly distributed workforce that it engendered upended security strategies and forced a rethink of approaches to securing remote workers and supply chains at many companies.
ZDNet: The UK's National Cyber Security Centre (NCSC) is 'stepping up support' for the National Health Service to help protect UK hospitals and other healthcare organisations against cyberattacks.
Tech Radar: JM Bullion, which sells gold, silver, copper, platinum and palladium, became the victim of a cyberattack back in February that was not discovered until July. It remains unclear why the hack is only just being disclosed publicly.
CNBC: In an interview on CNBC’s “Power Lunch,” stressed that significant cybersecurity threats remain, despite the ongoing coronavirus pandemic and election season. “Cyber risks have not gone away with the unfortunate, unforeseen risks we’ve faced with Covid and other uncertainties in our economy,” he said. “They’re still there, and they’re there more than ever.”