14 December 2018

IRM Weekly Cybersecurity Roundup: AI reshaping phishing and more

Whilst slightly overshadowed by a highly political week in the UK, it’s still been a varied week for cybersecurity news. Check out the quick fire updates at the end of the blog and sign up to the IRM newsletter to get the roundup delivered straight to your inbox.

AI set to reshape phishing next year

A recent report predicts that hackers will begin using AI in hacking to make attacks harder to detect. The AI is likely to monitor victim’s online behaviour, using chatbots to lure users into clicking on malicious links.

Another trend likely to peak in 2019 is “SIM-swap fraud”. Despite these new trends, the report suggests that tried-and-tested methods are likely to remain a main threat.

You can read more here.

‘The Jedi Project’ sparks security concerns

The Joint Enterprise Defence Infrastructure (Jedi) is a venture by the US Pentagon to store military data in a cloud, rather than on multiple smaller servers.

This means that top military secrets will be transferred to the ‘Jedi’ cloud, such as classified information about weapons systems. Why are the Pentagon doing this? To ensure that the military on the frontline has instant access to the latest intelligence, making them more effective.

The project has caused controversy, as the contract will be awarded to one single organisation. Storing classified details on a commercially-run cloud is also raising questions, but the Pentagon suggests that using multiple providers will spread the risk of security breaches.

Amazon Web Services and C5 Group’s potential partnership in response to the project is also causing concern. This is because the man behind C5 Group, Andre Pienaar, is thought to have links to Viktor Vekselberg, who is on the US sanctions list for his close ties to Vladimir Putin.

You can read more here.

Cyber power shifts in the EU

On 10th December, the EU Parliament, the Council and the European Commission formalised the Cybersecurity Act. The legislation will help to support Member States with tackling cybersecurity threats and attacks.

The measures include a permanent mandate for the EU Cybersecurity Agency and more resources to fulfil its goals, plus a stronger basis for the Agency to help Member States respond to cyber-attacks. On a citizen-level, the new rules will help consumers trust the IoT devices they use on an everyday basis once they are cyber-secure.

You can read more here.

Marriott cyber-attack linked to Chinese spy agency 

Last week, the Marriott hotel chain announced that 500 million guests were part of a cyber-attack gathering personal details.

They now believe that the hackers are suspected of working for the Ministry of State Security, China’s Communist-controlled civilian spy agency. This discovery follows an announcement from Trump’s administration to target China’s trade, cyber and economic policies within a matter of days.

With China at the centre of concern for a while, the US administration is considering options such as restricting access to telecommunications critical components and declassifying intelligence reports to reveal previous criminal activities.

You can read more here.

Save the Children admits to falling for $1m cyber-scam

The worldwide Save the Children Federation has revealed that they fell victim to a phishing email scam which cost the charity $1m last year.

The hacker gained entry into an employee’s email account and used fake solar panel invoices to fraudently direct money to an entity in Japan. On discovering the attack, it was too late to report and stop the money transfer.

Whilst the charity has been able to recoup over $900,000 through insurance, they have also enhanced best practice to prevent future scam and hacking attempts.

You can read more here.

Quick Fire Updates

US Government releases report on Equifax data breach – The US House of Representatives has published a report summarising the events of the Equifax Data Breach. Key highlights include a timeline of events, points of failure, remediation efforts and recommendations. Read the report here.

(Don’t) click here! – Research by McAfee shows that 87 companies have fallen victim to a cyber-espionage campaign using fake job advertisements to spread malware. US-based and government-related organisations were amongst the targets. The scam involved downloading documents containing job descriptions laden with malicious code. Read more here.

Saipem – Italian Oil Firm

Middle Eastern Servers shut down by cyber-attack – The servers of Italian oil services firm, Saipem, have been affected after an alleged Indian cyber-attack. The Head of Digital and Innovation, Mauro Piasere, stated that the attack had affected 400 servers across Saudi Arabia, UAE, Kuwait and Scotland. Saipem has most recently discovered that the attack used a variant of the notorious Shamoon virus. Read more here.

UK retailers to step-up cybersecurity – According to a poll across the UK, Germany, Benelux and the US, IT retailer professionals are planning on increasing cybersecurity measures over the Christmas period. Top concerns include social media scams, DDoS attacks and ransomware. Read more here.

ICO releases new guidance – The Information Commissioner’s Office has released new guidance on controllers and processors and the relevant contracts between them. Whilst the concepts are not new to those complying with the GDPR, the guide helps organisations determine whether they are acting as controllers, processors or joint controllers. Read the guide here.

Ireland sets up “cybersecurity cluster” – The Cork Institute of Technology and IDA Ireland have launched “Cyber Ireland”. The initiative will involve a cluster of cybersecurity businesses with a focus on cyber talent, development of the Irish cyber industry, academic and government. Read more here.

To receive this blog direct to your inbox every week, sign up to our newsletter.

If you have any questions about this week’s roundup, or want to learn more about how your organisation can improve its cybersecurity strategy, get in touch with IRM.