Cyber Security Roundup for May 2016

The business impact of under investing in IT security was felt by TalkTalk, their profits were halved after 160,000 customers walked away from using the company’s services following their recent high profile data breach. TalkTalk received wide criticism for poorly handling their customer data breach which further damaged TalkTalk's reputation with customers. 

Hugh volumes of stolen user credentials taken from the likes of LinkedIn, Tumblr and MySpace were dumped onto the dark web. 

Spear phishing continues to be a problem across all industries, with one attack costing the job of a CEO and CFO at a German aircraft company. 

The ICO publicly fined two NHS trusts and the Kent police following personal data breaches. One ICO £185,000 fine was due an emailed newsletter, the email “to” field displayed the email addresses of individuals infected with HIV to all recipients of the newsletter email. An issue simply prevented by using the BCC field instead of “To” or “CC”. 

Ransomware continues to be a major evolving problem, with new strains of the malware such as Petya detected, and existing strains such as CryptXXX receiving updates.

News

• TalkTalk Profits Halve after Customer Losses following Cyber-Attack
• 117 million LinkedIn Email Credentials found for Sale on the Dark Web
• Email Error Leaks Hundreds of Northern Ireland Prison Officer Details
• Chelsea & Westminster Trust fined £180K after email reveals over 700 HIV Patients
• ICO Fines Blackpool NHS Trust £185,000 for leaking staff data via Excel Error
• Kent Police fined £80k for serious Domestic Abuse Data Breach
• Hacker on trial for £100k British Airways DoS Attack
• UK mobile software firm 51Degrees suffers a Cyber-Attack
• CEO Sacked after Aircraft Company Grounded by Whaling Attack
• 272 Million email Account Credentials found on the Dark Web
• MySpace and Tumblr hit by 'Mega Breach'
• PCI Payment Application (PA-DSS) Version 3.2 Released
• Adobe Patch 25 vulnerabilities in Flash Player, including one Targeted in the Wild
• Microsoft release 8 Critical Patches for Windows, Edge, IE, Office & Adobe Flash Player
• Microsoft Warns of New, Self-Propagating Ransomware in the Wild
• PETYA: New Crypto-ransomware Overwrites MBR to Lock Users Out
• Unique New Backdoor Trojan Infecting Computers
• Hackers update CryptXXX Ransomware to Scan Networks

Reports

• Most organisations unprepared for Cyber-Security incidents - NTT Security 2016 Report
• Fraud Costs UK £193bn per year, Rise in Phishing Attacks seen according to Report
• 70% of UK employees use Unauthorised Cloud Services at Work according to StudyCall centre fraud spikes 45% as Payment Card Security Improves

More from Cybersecurity Expert For more practitioner-led cybersecurity analysis, AI Labs tools, book updates and evidence-based assurance thinking, visit the main Cybersecurity Expert website. Visit cybersecurityexpert.co.uk | Explore AI Labs | Read about the book