Industry News: ESG5

2019-06-17

Haaretz: Iran said on Monday it had exposed a large cyber espionage network it alleged was run by the U.S. Central Intelligence Agency (CIA), and that several U.S. spies had been arrested in different countries as the result of this action. U.S.-Iran tensions are growing following accusations by U.S. President Donald Trump's administration that Tehran last Thursday attacked two oil tankers in the Gulf of Oman, a vital oil shipping route. Iran denies having any role...

2019-06-17

CharityUpdate: Over a third of charities risk exposing themselves to potential internal fraud due to “inconsistent background checks”, new research has found. The research, carried out by background and identity services firm Sterling, titled ‘Insider Fraud, Cyber-crime and Background Checks in the Charity Sector’, revealed that 37% of individuals responsible for hiring in the sector do not have a consistent employee background screening programme in place. The firm has urged charities to ensure they have “consistent and carefully applied” background screening programmes in place in order to avoid the “growing threat” of insider fraud. ...

The target: Quest Diagnostics, the largest blood testing provider in the US, and LabCorp, a leading health care diagnostics company.

The take: Almost 20 million patient records, including names, dates of birth, addresses, phone numbers, dates of service, providers, and balance information, including 200,000 credit card or bank account details.

The attack vector: American Medical Collection Agency, a third-party collections firm, reported that their web billing site had been breached as of Aug 1, 2018 through March 30, 2019, resulting in the theft of information held on behalf the entities for whom they provided collection services.

Read more...

2019-06-07

CoinDesk: Cryptocurrency wallet developer Komodo has effectively hacked its own customers to avert an attack that could have resulted in the theft of funds worth nearly $13 million. A blog post from the npm JavaScript package repository, first reported by ZDNet, indicated that its security system raised an alert about a backdoor on June 5 that could have been used by hackers to rob users of one of Komodo’s older wallets, Agama. An audit showed a malware threat with the potential to steal cryptocurrency wallet seeds and logins...

2019-06-05

Independent: The identities of doctors are selling on the dark web for $500, new research reveals. Hackers are obtaining all the details needed to pose as a medical professional by targetting hospitals and other healthcare organisations, which possess huge troves of highly valuable data. The hacked data is then sold through black markets on the dark web – a section of the internet that is only accessible using specialist software. Documents on sale include malpractice insurance documents, medical diplomas, board recommendations, medical doctor licenses, and DEA licenses...

2019-06-05

CIO: The Federal Government has earmarked $8.5 million in funding for the country’s cyber security sector in a bid to “grow and create new jobs,” according to Minister for Industry, Science and Technology Karen Andrews. “This funding will assist the cyber security industry to upskill and expand the sector, and harness the enormous opportunities available to Australia,” Andrews said in a statement. Announcing the opening of the second round of AustCyber’s Projects Fund, Andrews encouraged companies that can make a significant contribution to the sector to apply...

2019-06-04

Wbal: Nearly all Baltimore City employees should be back online by week's end, city officials say. WBAL-TV 11 reports that at a press conference held Tuesday morning by Mayor Bernard C. "Jack" Young, Financial Director Henry Raymond pegged the cost of the ransomware attack thus far at $18 million. The city has spent $1 million on new computer equipment, using emergency contracts that don't have to go before the Board of Estimates...

2019-06-04

TheConversation: Today it was revealed the Australian National University (ANU) fell victim to a cyber security attack in late 2018, but only detected two weeks ago*. Stolen was a substantial amount of data dating back 19 years relating to staff, students and visitors. We don’t know for sure how long the cyber attackers were inside the ANU systems in this case. However, the university revealed details of other attempted attacks last year. The ABC reported that the types of data stolen were “names, addresses, dates of birth, phone numbers, personal email addresses and emergency contact details, tax file numbers, payroll information, bank account details, and passport details. Student academic records were also accessed.”...

2019-06-04

InsightCrime: Hackers infiltrated Mexico’s banking system to transfer millions of dollars to bogus accounts and then made cash machines shell out the money, in a case that reveals the country’s structural vulnerability to cyber crime. Authorities have arrested a group of hackers known as the “Bandidos Revolutions Team,” which infiltrated Mexico’s domestic financial transfer system, Wired reported. The hackers were able to divert money to false accounts that they controlled. Their associates were then sent to the ATMs to withdraw the cash, netting the group between 100 million and 300 million pesos (between $5.2 million and $15.7 million) per month...

2019-05-26

ItWire: China has unveiled new cyber security regulations calling for "secure and controllable" technology in its networks, raising the possibility that it could be used to block American technology companies on national security grounds. A report in the South China Morning Post said the draft document, Cyber Security Review Measures, had been published by the country's Cyber Space Administration on Friday and would be up for comment until 24 June...