13 March 2020

IRM Weekly Cybersecurity Roundup: Month-long cyber-attack and more

University of Kentucky fights off month-long cyber-attack

Month-long cyber attackThe University of Kentucky in the United States has just successfully fought off month-long cyber-attack.

The disruption is thought to have been caused by a cryptocurrency mining malware installed on their networks in February. This particular malware caused interruptions on a daily basis and even triggered a temporary failure on the university’s computer system.

Based on a review conducted by the university, they have found no evidence of sensitive data having been downloaded or accessed. It’s thought that they have spent more than £1 million on removing the malware and to prevent future attacks.

You can read more here.

US not prepared for cyber-attacks

A 122-page report released by the Cyberspace Solarium Commission on Wednesday concluded that the US is at huge risk despite having invested in the development of “robust cyber and non-cyber military capabilities”.

The report is the result of interviews, meetings and expert consultations from the last year and is compiled by a mix of public and private professionals, including FBI Director, Chris Wray.

A number of recommendations are outlined in the report, including the creation of national cyber director position in the White House and new, congressional cyber security committees.

The report even includes some draft legislation that can easily implemented by Congress.

You can read more here.

Almost 1 million Virgin Media customers affected by data breach

The personal details of 900,000 Virgin Media customers was accessed last week without permission as it was “incorrectly configured”.

The data included names, phone numbers, email and often even dates of birth, but didn’t include any passwords or financial information.

Since the incident, which has now been reported to the Information Commissioner’s Office, Virgin Media has now shut down the database.

You can read more here.

Vodafone launches managed cyber security service

Vodafone logoBased on their understanding of strong cybersecurity in companies of critical national infrastructure like itself, Vodafone has launched a new range of managed services.

“Vodafone Cyber Enhanced” offers protective monitoring (continual remote surveillance, analysis, alerting and reporting), Managed Firewall (remote managing, monitoring and supporting new and existing firewalls) and Managed Security Services.

You can read more here.

Facebook sued by Australian privacy watchdog

The Office of the Australian Information Commissioner has started legal proceedings to sue Facebook over the Cambridge Analytica scandal.

The Office stations that around 311,000 Australian Facebook users were affected by the scandal. It’s thought that this is the first time the privacy regulator has sought civil penalty orders under the Privacy Act.

You can read more here.

Quick-Fire Updates

China weaponise Coronavirus for cyber-attacks: A research team has found Chinese state-sponsored hackers using documents (leveraging Coronavirus as a topic) to deliver unknown malware to a public sector organisation in Mongolia. Read more here.

European power grid hit by cyber-attack: According to The European Network of Transmission System Operators for Electricity (ENTSO-E) website, the organisation has found evidence of a “successful cyber intrusion”. Read more here.