Industry News: ESG5

2019-06-05

Independent: The identities of doctors are selling on the dark web for $500, new research reveals. Hackers are obtaining all the details needed to pose as a medical professional by targetting hospitals and other healthcare organisations, which possess huge troves of highly valuable data. The hacked data is then sold through black markets on the dark web – a section of the internet that is only accessible using specialist software. Documents on sale include malpractice insurance documents, medical diplomas, board recommendations, medical doctor licenses, and DEA licenses...

2019-06-05

CIO: The Federal Government has earmarked $8.5 million in funding for the country’s cyber security sector in a bid to “grow and create new jobs,” according to Minister for Industry, Science and Technology Karen Andrews. “This funding will assist the cyber security industry to upskill and expand the sector, and harness the enormous opportunities available to Australia,” Andrews said in a statement. Announcing the opening of the second round of AustCyber’s Projects Fund, Andrews encouraged companies that can make a significant contribution to the sector to apply...

2019-06-04

Wbal: Nearly all Baltimore City employees should be back online by week's end, city officials say. WBAL-TV 11 reports that at a press conference held Tuesday morning by Mayor Bernard C. "Jack" Young, Financial Director Henry Raymond pegged the cost of the ransomware attack thus far at $18 million. The city has spent $1 million on new computer equipment, using emergency contracts that don't have to go before the Board of Estimates...

2019-06-04

TheConversation: Today it was revealed the Australian National University (ANU) fell victim to a cyber security attack in late 2018, but only detected two weeks ago*. Stolen was a substantial amount of data dating back 19 years relating to staff, students and visitors. We don’t know for sure how long the cyber attackers were inside the ANU systems in this case. However, the university revealed details of other attempted attacks last year. The ABC reported that the types of data stolen were “names, addresses, dates of birth, phone numbers, personal email addresses and emergency contact details, tax file numbers, payroll information, bank account details, and passport details. Student academic records were also accessed.”...

2019-06-04

InsightCrime: Hackers infiltrated Mexico’s banking system to transfer millions of dollars to bogus accounts and then made cash machines shell out the money, in a case that reveals the country’s structural vulnerability to cyber crime. Authorities have arrested a group of hackers known as the “Bandidos Revolutions Team,” which infiltrated Mexico’s domestic financial transfer system, Wired reported. The hackers were able to divert money to false accounts that they controlled. Their associates were then sent to the ATMs to withdraw the cash, netting the group between 100 million and 300 million pesos (between $5.2 million and $15.7 million) per month...

The target: Norway’s largest healthcare authority, Health South-East.

The take: Patient records and private health information for almost 3 million people.

The attack vector: Apparently focused on the health service’s relationship with Norway’s armed forces and the ‘Trident Juncture 18’ NATO exercise scheduled for October 2018, cybercriminals exploited legacy systems and substandard security to exfiltrate health data for almost half of Norway’s population. Reports indicate that as of June 2017, more than 1,200 of Health South-East’s endpoints were running the Windows XP operating system (which reached end-of-life in 2014).

Read more...

2019-05-30

Cointelegraph: United States sanctions incentivized North Korea to launch cyberattacks involving cryptocurrency, a senior FBI official told a conference. The comments were quoted by South Korean English-language news outlet Korea Herald on May 30. Speaking at an event organized by U.S. thinktank The Aspen Institute, Tonya Ugoretz, deputy assistant director of the FBI’s cyber division, said financial strain had driven North Korean state actors to cybercrime.....

2019-05-30

Zdnet: Over 2.3 billion files -- including sensitive data like payroll information, credit card details, medical data and patents for intellectual property -- are exposed publicly online, putting both people and organisations at risk of data theft, cybercrime, espionage and other malicious activities. Analysis by researchers at cybersecurity company Digital Shadows found the highly sensitive information stored alongside other data in publicly exposed or misconfigured online storage and cloud services, including SMB file shares, rsync servers, and Amazon S3 buckets....

2019-05-28

YNetNews: While there have been repeated attacks on the country's financial institutions, officials say little damage has been done, but warn customers must take responsibility to secure their own accounts online. Cyber attacks on Israel's banking system have increased considerably over the past two years, according to the annual report by Supervisor of Banks Hedva Ber...

2019-05-27

Reuters: Microsoft Corp and Facebook Inc have agreed to help boost the security of Canada’s October election by removing fake accounts and cracking down on bots, a top government official said on Monday. Last month the Liberal government of Prime Minister Justin Trudeau complained that the world’s major social media companies were not doing enough to help combat potential foreign meddling in the vote and said Ottawa might have to regulate them. ...