01 November 2019

IRM Weekly Cybersecurity Roundup: Georgia cyber-attack and more

Huge cyber-attack hits Georgia

A substantial cyber-attack has hit the country of Georgia, knocking out 2,000 websites and taking its national TV station offline.

Over 15,000 web pages were affected in the cyber-attack, including those from the presidential website, private companies and government organisations.

Court websites containing personal data and court material were also struck by the attack.

The websites involved found their homepages replaced with an image of former president Mikheil Saakashvili, tagged with the caption “I’ll be back”.

The culprit behind the cyber-attack has not yet been identified. You can read more here.

Russia to test cyber-war defences by disconnecting from the internet

Russia will disconnect from the internet today in an effort to protect itself from cyber-attacks.

The test entails Russia reverting to an internal version of the web called “RuNet”. This will isolate them from the networks of other nations.

Russia claims the test is intended to shield Russian systems from a potential cyber-attack. Critics, on the other hand, claim the test could be part of a wider attempt to isolate Russian citizens from the world.

It is unknown at what time they will start the test or how long it may last. You can read more here.

Indian nuclear power plant hit by cyber-attack

It has been confirmed that India’s newest nuclear power plant was victim to a cyber-attack, exposing the vulnerability of one of the country’s most critical sectors.

Malware designed for data extraction and linked to the Lazarus Group was used to hack into the Kudankulam nuclear power plant.

The Nuclear Power Corporation of India Limited confirmed the attack on Wednesday after identifying the malware in the system but said it was “isolated from the critical internal network”.

Cybersecurity experts disputed this assessment, saying critical information was compromised.

The hack first surfaced after a data dump related to the India malware had been flagged by VirusTotal, a virus scanner site.

The nuclear power plant was attacked with a known malware named DTrack. The malware was previously used in 2016 to steal the financial data of millions in India. You can read more here.

Johannesburg refuses to pay ransom after cyber-attack

A second cyber-attack has hit Johannesburg this year. Last week, the city was hit by an attack that forced it to shut down its online services and call centre.

Online billing and payment systems have been crippled. City residents have been advised to pay in cash at banks and use third-party payment platforms for bill payments until the issue is resolved.

The hackers demanded four bitcoin (roughly $35,000) to be paid by Monday 27th October. Johannesburg has refused to pay the hackers and so far no data has been leaked.

In a report from Monday, the city said it knows how the attack took place. It is now making significant progress in returning services to normal, with 80% of systems back online. You can read more here.

New California IoT security law comes into effect January 2020

The new California IoT security law, which comes into effect in January 2020, states that all IoT devices sold in California must be equipped with reasonable security measures.

This includes not only companies that perform the manufacturing but also companies that contract with others to manufacture devices on their behalf.

The law does contain several exclusions, including security vulnerabilities caused by user installation of third-party software and devices already subjected to federal security standards.

Devices that are capable of connecting to the internet (even when paired with other devices) and are assigned an IP or Bluetooth address are covered by the new law, such as:

  • Connected vehicles
  • Medical diagnostic equipment
  • Lab equipment
  • Keycard readers (for doors)
  • Security cameras
  • Bluetooth headsets
  • TVs
  • Printers and more.

Connected devices must be equipped with the new ‘reasonable security features’ appropriate to the function and nature of the information the device may collect or transmit, protecting the device and the information within from unauthorised access, destruction, use, modification or disclosure.

Only the California Attorney General, city attorneys, county counsels and district attorneys can enforce the new law. It has not been stated what type of penalties officials can seek for violations, what the maximum penalties are or whether officials must provide evidence that actual harm to consumers has occurred before seeking penalties. You can read more here.

Quick-fire Updates:

Cybersecurity in space: With Virgin Galactic planning its first trip to the surface of space next year, we expect cybercriminals to expand their targets to include systems located in space. You can read more here.

AI beats StarCraft II: A milestone has been achieved for artificial intelligence after an AI algorithm managed to defeat some of the best players of the real-time strategy game StarCraft II. You can read more here.

Will we or won’t we? UK delays 5G decision until after election: The UK government has once again delayed the decision on whether Huawei should be part of the construction of the UK’s 5G networks. The decision will likely now be made in 2020, after the December General Election. You can read more here.

If you have any questions about this week’s roundup, or want to understand how you can improve your cybersecurity strategy, get in touch with IRM.