07 May 2020

IRM Weekly Cybersecurity Roundup: Unacademy data breach and more

Unacademy learning platform exposes 22 million user details

The India-based online learning platform, Unacademy, has suffered a data breach exposing the usernames, hashed passwords, joining date, email addresses and names of 22 million users.

Unacademy LogoThe user records went on sale on darknet forums for $2,000. There are concerns that the account details may allow cybercriminals to hack into corporate organisations, as corporate emails have been used, meaning employees may be using the same passwords.

In a response to the claims, Unacademy has stated only 11 million users were affected and no sensitive information, including passwords, were exposed.

You can read more here.

Dominic Raab warns against COVID-19 cyber-attacks

The UK’s Foreign Secretary, Dominic Raab, has warned against advanced persistent threat (APT) groups who are continuing to exploit the pandemic by attacking national and international organisations.

The announcement from Dominic Raab was coupled with advice published by the UK’s National Cyber Security Centre, the US Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency.

The advisory groups announced that organisations at the focus of cyber-attacks attempts are: healthcare bodies, pharmaceutical companies and research organisations. They are mostly victim to large-scale ‘password-spraying’ campaigns where cybercriminals are trying commonly used passwords against accounts to try and gain access.

The group’s report also hinted at the involvement of hostile states, as many attacks are attempting to retrieve information that would be of interest to national priorities.

You can read more here.

Chinese hacking group’s secret five-year espionage campaign

A new report has uncovered a five-year long espionage campaign that Naikon (the Chinese-based hacking group) has been carrying out against Asia Pacific countries including Australia, Indonesia, Philippines, Vietnam and Thailand.

Their aim? To gather ‘geo-political intelligence’. Whilst the group’s activities quietened down a few years previous, there’s been a notable increase in Q1 2020, coinciding with the COVID-19 outbreak.

You can read more here. 

Virtual cybersecurity school launched by UK Government

Cyber School Game Demo

The Department for Digital, Culture, Media and Sport (DCMS) has launched “Cyber Discovery” – a virtual cyber school to upskill children in an effort to prepare the next generation of cyber professionals.

The school allows the users to learn how to crack codes, fix security flaws and dissect criminal digital trails as they progress through the games as a ‘cyber agent’.

As well activities, the platform has free weekly webinars run by industry experts who will cover key security areas such as digital forensics, cryptography and operating systems.

You can read more here. 

Quick-Fire Updates

GoDaddy confirms data breach: As one of the largest domain registrars, GoDaddy has confirmed the breach took place in October 2019 and approximately 28,000 customer hosting accounts were affected. Data affected included SSH usernames and passwords. Read more here.

49% of companies to experience cyber-attack amid COVID-19: A study conducted by Barracuda found that nearly half of organisations have experienced a cybersecurity incident since remote working was implemented. 40% have also admitted to cutting their budget in half due to financial pressures.  Read more here.

Toll Group hit by second ransomware attack: The Australian-based logistics company suffered a month of disruption earlier in the year due to Russian hackers. The second ransomware attack has forced the company to yet again close down certain IT systems since Monday after they noticed unusual activity on their servers, thought to be ‘Nefilim’ ransomware. Read more here.

Want the IRM weekly cybersecurity roundup sent straight to your inbox? Sign up to our newsletter.