08 February 2019

IRM Weekly Cybersecurity Roundup: American version on GDPR and more

Big US corporations look to create an ‘American’ GDPR

Companies including Cisco, Apple and Microsoft are calling for an American version of the EU’s GDPR, due to their ongoing concern over online data privacy.

They are asking US politicians to devise their own version of GDPR with slight differences to Europe’s. One requested difference includes leaving out the right for an individual’s data to be deleted on search engines.

You can read more here.

Office 365 users caught out by credentials scam

Since the summer of 2018, hackers have been sending scam emails requesting Office 365 login credentials disguised as invitations to collaborate in SharePoint.

The scam relies on the trustworthy nature of corporate workspaces. The data gained could allow the cybercriminals to access areas such as emails and cloud storage. This will potentially allow the scammers to spread malware or use stolen information in spear-phishing campaigns.

It’s important to ensure employees using Office 365 are aware of this scam and what the emails might look like/contain. This will ensure they think twice about clicking on innocent-looking links.

You can read more here.

New breed of cyber attacks

Carbon Black has published a report on the next generation of cyber-attacks. The report’s key findings include that there are approximately 1 million cyber-attacks attempted per day and that China and Russia were responsible for almost half of all cyber-attacks last year.

Looking at 2019, the report suggests that endpoint visibility will become “more paramount than ever” as attackers’ skillsets evolve and global cyber tensions increase. Lateral movement will become more prevalent and “counter incident response” is likely to become more common, with cybercriminals becoming more sophisticated.

You can read more here.

Have you heard about the parking system cyber-attacks?

Not the type that means you don’t have to pay your parking fines, but one where an attacker installs malware on the server, which leads to the theft of credit card information. This was the case for the city of Ames in Iowa, US.

Whilst the malware had only reportedly been on the system for a matter of weeks, 3,000 motorists had used the parking system in that time, making them vulnerable to fraud.

One cause for concern is that the system’s managers were informed of the system’s vulnerabilities and update requirements, but this wasn’t taken seriously.

In comparison, similar malware on parking systems in Saint John (26 hours away from Ames) went unnoticed for 18 months. It is thought that the personal and financial information of the system’s users began to appear for sale on the dark web in September 2017.

You can read more here.

Metro Bank targeted with 2FA bypassing attacks

The other week, we wrote about a new technique which could bypass two-factor authentication (2FA) with ease. This week, we have a true example of this type of technique being used.

It’s thought that hackers have been able to infiltrate a telecoms firm’s text messaging protocol, exploiting “SS7” and intercepting the 2FA mobile texts to gain access to bank accounts.

The National Cyber Security Centre has noted that, although this was once thought to be too sophisticated for conventional cybercriminals, this technique is becoming more prevalent.

You can read more here.

Quick fire updates

Bernard Matthews’ staff bank details compromised – in a suspected cyber-attack affecting 200 workers of the turkey producer. The company has now put in extra security measures after the incident. Read more here.

Inside NATO’s cyber centre – a recent article from Sky News explores what it’s like to visit NATO’s cyber defence centre. From having to submit your personal information and electronic device serial numbers the day before, to signing in on an old-fashioned pen-and-paper sign-in sheet, read more about the experience here.

If you have any questions about this week’s roundup, or want to understand how you can improve your cybersecurity strategy, get in touch with IRM.