31 January 2020

IRM Weekly Cybersecurity Roundup: United Nations cyber-attack revealed and more

Want the IRM weekly cybersecurity roundup sent straight to your inbox? Sign up to our newsletter.

United Nations cyber-attack revealed

United Nations Cyber-Attack - UN building

An investigation has revealed that the United Nations suffered a cyber-attack in July 2019. The recently leaked internal UN report shows that 42 servers were compromised and a further 25 were described as ‘suspicious’.

It appears that the core infrastructure was compromised, including administrator accounts, systems for user and password management, system controls and firewalls.

The report confirms that the UN learned of the attack a month after it began, with an alert going out to system administrators to notify them of the potential compromise. The report states that the cyber-attack was made possible by a known vulnerability (CVE-2019-0604) which had not been patched by UN administrators.

Whilst the average organisation would have to face the implications of the GDPR with an incident of this sort, the UN has diplomatic status. This means the UN did not have to disclose the breach and it remains immune from penalty.

You can read more here.

NCSC confirms Huawei 5G involvement is “manageable”

This week, the UK Government made a decision to allow Huawei to support the UK’s rollout of 5G technology, despite security concerns.

The Huawei Cyber Security Evaluation Centre (HCSEC) is responsible for overseeing Huawei’s activities in the UK. This arrangement, along with others, means that the National Cyber Security Centre (NCSC) concluded the risk of trojan functionality in Huawei’s equipment as “manageable”.

In fact, the NCSC stressed that building backdoors into 5G equipment would not be the most effective way for China to perform a major attack. There are much easier means for China to attack the UK and so their involvement in 5G development should not be hindered.

You can read more here.

30 million credit cards for sale after Wawa breach

The American convenience store and gas station chain, Wawa, has been linked to the leak of 30 million credit card details on the dark web.

The compromised card details have been listed for sale titled “BIGBADABOOM-III” and is thought to be the biggest breach for the last 5 years according to Gemini Advisory research firm.

Wawa is yet to confirm whether the dark web post is legitimate and connected to the chain. The company has alerted the payment card processor and has warned customers to stay vigilant for fraud transactions.

You can read more here.

Water supplier outage caused by cyber-attack

Water Treatment Plant

South Carolina water supply company, Greenville Water, has suffered from a cyber-attack that took its phone and payment systems offline for nearly a week.

Half a million customers were affected by the incident on the 22nd January, but bosses state that they do not store credit card data and the CEO is “fairly certain” that the utility’s data had not been compromised. You can read more here.

Quick-Fire Updates

UK cybersecurity sector worth £8.3 billion: a rise of 46% from 2017. According to a report by the Department for Digital, Culture, Media and Sport, £1.1 billion has been invested into the industry since 2016. Read more here.

SpiceJet breach affects 1.2 million passengers: One of India’s largest privately owned airlines has fallen victim to an attack by a security researcher (describing their actions as “ethical hacking”). The researcher managed to gain access to SpiceJet’s systems with a brute-force attack due to a weak password. An unencrypted backup file discovered contained the personally identifiable information of over 1 million customers. Read more here.

German automotive parts maker hit by ransomware attack: Gedia, based in Attendorn, refused to pay the ransom when 50GB of its sensitive data was advertising on two Russian hacking forums last week. Read more here.

To find out more about IRM, Altran’s World Class Center for Cybersecurity, explore our cybersecurity services here.