Wednesday 3 May 2017

Cyber Security Roundup for April 2017

In April the National Cyber Security Centre (NCSC) briefed major UK businesses about a significant Chinese Cyber-Espionage Threat called APT10, also known as Stone Panda, which I have featured in a separate blog post - Detecting & Preventing APT10 Operation Cloud Hopper.

The InterContinential Hotel Group, a hotel giant best known for the Crowne Park Plaza and Holiday Inn in the UK, reported data breaches within 12 of its hotels, however, Brian Krebs, the investigative journalist who first broke the story, reckons that there could be more than 1000 locations affected. A statement released on the hotel's website says that the malware, which infected the hotels' card payment systems, was identified between 29 September and 29 December 2016.

Payday loan firm Wonga reported a data breach which may affect up to 245,000 of its UK customers. The information stolen includes names, addresses, phone numbers, bank account numbers and sort codes.

A BBC Click investigation has thrown doubt on claims that the small, personal email server Nomx can provide "absolute security". The BBC investigation started by taking the device apart to find that it was built around a £30 Raspberry Pi computer. As the operating system for the Pi sits on a removable memory card, Mr Helme was able to download the device's core code so he could examine it closely and found they were about to crack the device's simple passwords.

There was the usual raft of security updates which fixed security vulnerabilities in April, with Microsoft patches causing the most stir with security researchers, some of whom suggested the firm had held back patching some of its products.

Awareness, Education and Threat Intelligence
  • The 2017 Verizon Breach Investigations Report (DBIR) Released
    • 75% of data breaches are down to outsiders and a 25% are insiders
    • 73% are conducted for financial reasons with half involving organised crime.
    • 62% of breaches feature hacking, it still disappoints to see that 81% of hacking related breaches leveraged either stolen and/or weak passwords. Half of breaches included malware, but physical loss of devices is now down to just eight% and errors were a factor in 14% of breaches.
    • Ransomware rose 50% compared to last year and accounted for 72% of all malware incidents in the healthcare sector. 
    • Financial services are the most targeted sector at 24%, while healthcare accounts for 15%, the public sector close behind on 12% and the combined total of retail and accommodation accounting for 15% of breaches.

No comments: