Industry News: ESG5

2019-06-25

Bloomberg: Cyber attackers that appear linked to the Chinese government infiltrated at least 10 global telecommunications carriers over several years and stole customer data, a Boston-based research firm said. There is a “high degree of certainty” that a team acting on behalf of China was involved and sought to take communications data related to specific individuals, Cybereason said in a June 25 report. The breach involved tools and techniques consistent with those used by a group identified as APT10, it said...

2019-06-20

Business Insider: Cybersecurity is a growing threat for global financial institutions, yet most of them are ill-prepared to respond within their current infrastructure, according to new report. The cost of dealing with a cyberattack’s aftermath is particularly high for wealth managers and banks, Boston Consulting Group found in its annual report on global wealth-management trends. ...

The target: Desjardins Group, a Quebec-based federation of credit unions.

The take: Personal information for more than 2.7 million individuals and more than 173,00 businesses, potentially including name, date of birth, social insurance number, address, phone number, e-mail address, and ‘details about banking habits’.

The attack vector: Desjardins announced that the breach was not the result of an external cyberattack, but was the result of ‘unauthorized and illegal use of its internal data by an employee who has since been fired.’.

Read more...

2019-06-20

CNN: The Guardian says that it was warned earlier this year about efforts by a cybersecurity unit in Saudi Arabia to "hack" its computer networks. The British newspaper published an article on Wednesday that says it was alerted by a source in Riyadh that it was being targeted by the unit following the murder of journalist Jamal Khashoggi. It later received a copy of a document that supported the claim. According to the newspaper, which said it could not verify its authenticity, the memo authorized "the penetration" of its servers and accounts belonging to two of its reporters...

2019-06-18

BusinessInsider: 2018 was a great year for cybercrimes, and it doesn’t look like the numbers are going to fall anytime soon. A report by the Cyber Security Agency of Singapore (CSA) has revealed that a total of 6,179 cybercrime cases were reported in 2018, an increase from 5,351 in 2017. The report, released on Monday (June 17), revealed that cybercrimes accounted for about 19 per cent of the overall crime in Singapore last year...

2019-06-18

Globe Newswire: The nerve center for electric power transmission in California says that cyberattacks now pose the most serious threat to the grid. According to a June 14 report in the San Diego Union-Tribune, the California Independent System Operator (ISO) is fighting off several millions of attempted intrusions every month. Hubert Hafner, the California ISO’s head of cyber security, said his network is “in the cross-hairs of terrorists and nation-states that want to harm the electric grid.”...

2019-06-18

BBC: Russia has said it is "possible" that its electrical grid is under cyber-attack by the US. Kremlin spokesman Dmitry Peskov said reports that US cyber-soldiers had put computer viruses on its electrical grid was a "hypothetical possibility". His comments came in response to a New York Times (NYT) story which claimed US military hackers were targeting Russian power plants. The report drew scepticism from experts and a denunciation by President Trump...

2019-06-17

ZDNet: Australian Catholic University (ACU) has confessed that a data breach occurred on its systems as a result of a phishing attack. ACU said it discovered the breach on 22 May but did not say when the attack happened. "The data breach originated from a phishing attack: An email pretending to be from ACU tricking users into clicking on a link or opening an attachment and then entering credentials into a fake ACU login page," Acting Vice-Chancellor Dr Stephen Weller said in a blog post on Monday...

2019-06-17

Haaretz: Iran said on Monday it had exposed a large cyber espionage network it alleged was run by the U.S. Central Intelligence Agency (CIA), and that several U.S. spies had been arrested in different countries as the result of this action. U.S.-Iran tensions are growing following accusations by U.S. President Donald Trump's administration that Tehran last Thursday attacked two oil tankers in the Gulf of Oman, a vital oil shipping route. Iran denies having any role...

2019-06-17

CharityUpdate: Over a third of charities risk exposing themselves to potential internal fraud due to “inconsistent background checks”, new research has found. The research, carried out by background and identity services firm Sterling, titled ‘Insider Fraud, Cyber-crime and Background Checks in the Charity Sector’, revealed that 37% of individuals responsible for hiring in the sector do not have a consistent employee background screening programme in place. The firm has urged charities to ensure they have “consistent and carefully applied” background screening programmes in place in order to avoid the “growing threat” of insider fraud. ...