30 August 2019

IRM Weekly Cybersecurity Roundup: U.S cyber-attack on Iran and more

Want the IRM weekly cybersecurity roundup sent straight to your inbox? Sign up to our newsletter. 

U.S cyber-attack on Iran disables ability to target shipping traffic

The U.S cyber military forces hit an Iranian database with a cyber-attack used to target oil tankers and shipping traffic in the Persian Gulf.

US cyber-attack on Iran oil tankers

The attack, approved by Donald Trump, comes after Iran shot down an American surveillance drone in June for violating Iranian airspace. Trump also recently called off a military airstrike against Iran due to the potential 150 casualties, in which he stated wouldn’t be “proportionate to shooting down an unmanned drone.”

Iran is still trying to bring the military communications network back online, restarting computer systems to recover lost information. You can read more here.

‘Camscanner’ app removed from Play Store after advertising malware

The Google Play Store has removed an app called ‘CamScanner’ after the latest version was found to contain malware. The malware showed users intrusive ads, prompting them to sign up for paid services whilst cybercriminals pry on login credentials.

CamScanner is an app that converted the user’s photos of documents and turned them into PDF format. It had been downloaded over 100 million times. The app developers have announced a new version after removing the malicious code. You can read more here.

A serious cyber-attack will trigger NATO response

NATO’s Secretary General, Jens Stoltenberg, has announced that, if one nation is hit by a serious cyber-attack (like the WannaCry outbreak) it would seek to form an alliance between the 29 NATO countries.

flags of countries part of Nota If an incident were to happen, it would trigger Article 5 of the founding treaty – “collective defence commitment”. The article states that parties must work together should one nation experience a cyber-attack.

Article 5 has only been triggered once by the US, which was after the 9/11 attacks in 2001. Despite this, Stoltenberg described how NATO was adapting to a “new reality”.

“We have designated cyberspace a domain in which NATO will operate and defend itself as effectively as it does in the air, on land, and at sea,” he wrote. You can read more here.

French police disinfect 850,000 computers hit by malware botnet

Antivirus creators and the French National police has collaboratively wiped out the ‘Retadup’ virus that infected over 850,000 computers worldwide.

The team who have been dubbed “Cybergendarmes” (roughly translates to ‘cyber armed people’) were able to gain access to the virus infrastructure created by the Retadup Malware gang. They then instructed the virus to delete itself from all 850,000 infected computers without user intervention.

The virus, sent via a phishing email, offered users easy money or erotic pictures through infected USB drives. Hackers were able to control computers remotely without detection to create “Monero” – a type of cryptocurrency.

Retadup was found on Windows-operating computers in over 100 countries, but most of the infected computers were found in Latin America. The pirate server has been dismantled, completely destroying it all together. You can read more here.

Quick-fire updates

Huawei’s latest phone ditches Google apps: Google has confirmed that they cannot license it’s apps to Huawei due to the US government’s ban on Huawei sales. This means the newest smartphone is likely to come without popular apps like Google Maps and YouTube, unless the decision is appealed. Read more here.

Apple apologises for Siri recordings: Apple has apologised for allowing paid third-party workers to listen to voice recordings of Siri users. Read more here.

Second Instagram flaw patched by Facebook: Facebook has closed another security flaw on Instagram. The flaw could have let an attacker take over any account by resetting passwords. Read more here.

If you have any questions about this week’s roundup, or want to understand how you can improve your cybersecurity strategy, get in touch with IRM. 

Are you looking to get into a career in cyber? Check out IRM’s job vacancies on our careers page or sign up to our careers newsletter for future roles.