Cyber Security Roundup for July 2021

    

A roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, June 2021.

How was UK Government Building CCTV Leaked?

The Sun newspaper published CCTV workplace footage of Health Secretary Matt Hancock, kissing aide Gina Coladangelo on 6th May 2021, the fact both are married to different people fuelled several days of sensational headlines. Given Matt Hancock has led the charge on directing the UK's COVID rules, his position in government quickly became untenable, resigning a few days later after the story broke. However, the big security concern here, is how was internal UK government building CCTV footage obtained by an external reporter?  

CCTV Leaked from UK Gov Buildings is a security concern

The Northern Ireland secretary, Brandon Lewis, summed up the security concern when he said “the security and privacy of government business mean ministers need to understand how someone was able to access and record the footage and then share it with a newspaper. What happens in government departments can be sensitive, important and people need to have confidence that what is happening in a government department is something that allows the government to be focused on these core issues, and the sensitivity sometimes in the security sense of those core issues."

Matt Hancock's replacement, Sajid Javid, said the cameras in question had been disabled, while Justice Secretary Robert Buckland revealed he asked for his office to be swept for cameras. 

Multiple media reports seem to point to a Department of Health and Social Care (DHSC) employee that was behind the leak. The Mail on Sunday reported that the leaker sent messages via Instagram to the unnamed anti-lockdown activist. One said: “I have some very damning CCTV footage of someone that has been recently classed as completely f***ing hopeless. If you would like some more information please contact me.”And a further message said, “I have the full video … it’s now been deleted off the system as it’s over 30 days.”

The government announced it will be launching an internal investigation and inquiry into how the CCTV footage was leaked. Hopefully, this inquiry's findings will be publicly shared, I say hopefully as they don't have to make their findings public.

There was another security own-goal for UK Gov after classified Ministry of Defence (MoD) documents about the HMS Defender was found at a bus stop in Kent. The MoD said it is investigating "an incident in which sensitive defence papers were recovered by a member of the public".

Pandemic Homeworker Employee Spying

Sticking with the workplace spying theme, a French court has ordered Ikea to pay a fine of €1m after the Swedish furniture chain was found guilty of spying on staff in France. Ikea France was accused of using private detectives and police officers to collect staff's private data.

 

With so many more people working from home during the pandemic, employers have stepped up the extent to which they are monitoring their staff online. Not so many years ago, employees were having to adjust to having their work emails monitored, but that seems almost quaint compared to the digital surveillance we are seeing today. Dr Evronia Azer, from Coventry University’s Centre for Business in Society, says surveillance at work can make employees feel vulnerable, leading to reduced productivity. In a recent blog, she offers solutions to curb this trend. 

FIFA 21 Source Code Stolen

Game publishing giant, Electronic Arts (EA), reported a hack involving the theft of several of their games source-code, including FIFA 21, the source code of which has been offered for sale on an underground forum. While some 780Gb of EA data was stolen, EA said no player data had been stolen. "We are investigating a recent incident of intrusion into our network where a limited amount of game source code and related tools were stolen," an EA spokesperson said in a statement. "No player data was accessed, and we have no reason to believe there is any risk to player privacy," she added. 

FIFA 21 Source Code Stolen

EA said it had already improved security and stated that it did not expect "an impact on our games or our business". The "network intrusion" was not a ransomware attack and had happened recently, EA added.

Ransomware Update

JBS, the world's largest meat processing company, had some of its global meat production operations ground to a halt after its computer systems were attacked by ransomware. It was reported JBS paid a £7.8m ($11m) Bitcoin ransom payment to the REvil, a Russian linked cybercriminal group.  REvil had initially demanded $22 Million, and after paying the ransom, the attackers provided JBS with the decryptor.

REvil Ransomware Decryptor

The United States recovered most of the £3.1m ($4.4m) ransom paid to the DarkSide group, responsible for taking the Colonial Pipeline offline last month, an attack which caused several days causing fuel shortages in the United States. DarkSide is thought to operate out of eastern Europe and possibly Russia. Deputy Attorney-General Lisa Monaco said investigators had “found and recaptured” 63.7 Bitcoin worth $2.3m – “the majority” of the ransom paid. Since the ransom was paid thought, the value of Bitcoin has fallen sharply, so a hit has been taken on the recovered amount given the new poorer exchange rate.

 

Stay safe and secure.

BLOG

• Why Freelancers Should Prioritise Cybersecurity
• Top Cyber Security Challenges Post Lockdown
• Cyber Security Roundup for May 2021

NEWS

• Classified Ministry of Defence Documents found at Bus Stop
• UK Gov to Investigate How Internal CCTV footage of Hancock kissing aide Gina Coladangelo was obtained by the Press
• Gaming Giant, EA, Hacked and Source Code Stolen
• How Hackers are using Gamers to become Crypto-rich
• US Recovers $2.3 million of paid Bitcoin Colonial Pipeline Ransom
• Group linked to Russia is behind Hacking of World's Largest Meatpacking Company
• Meat giant JBS pays $11m in Ransom to resolve Cyber-Attack
• Digital ad Industry accused of Huge Data Breach
• Why Cyber Gangs won't worry about US-Russia talks
• Chinese Hackers used Pulse Secure Zero-Day Vulnerability to infiltrate MTA systems
• Irish Police to be given Powers over Passwords
• One Fastly Customer Triggered an Internet meltdown
• Costs from Ransomware Attack against Ireland Health System reach £435M
• Ikea Fined One Million Euros for Spying on Staff in France
• John McAfee: Antivirus software entrepreneur found dead in Spanish prison cell

VULNERABILITIES AND SECURITY UPDATES

• Microsoft Patches 49 Vulnerabilities, 5 Rated as Critical
• Vulnerability in Peloton Bikes: Example of a widespread Security Issue
• 30M Dell Devices at Risk for Remote BIOS Attacks

AWARENESS, EDUCATION AND THREAT INTELLIGENCE

• ‘Nameless’ malware attacks 1.2TB database in the cloud