Tag: cyberattack

1
Under attack: Lion suffers second cyberattack and the Federal Government warns of an active cyberattack on Australian organisations
2
easyJet hack: Nine million customer records stolen in “highly sophisticated” cyberattack
3
Is your iPhone spying on you (again)?
4
Interlopers in Things? IoT devices may be used as backdoors to your network
5
Major privacy and security breaches confirmed this week: Westpac, the ANU and Princess Polly targeted
6
Ransomware attack hits the state of Georgia
7
So you plug your shiny Tesla in to charge…
8
Research reports say risks to smartphone security aren’t phoney
9
Report savages US Government agencies’ cybersecurity efforts
10
Not so happy families: Online genealogy website suffers data breach

Under attack: Lion suffers second cyberattack and the Federal Government warns of an active cyberattack on Australian organisations

By Cameron Abbott, Keely O’Dowd and Rebecca Gill

News reports have revealed that Lion Beer Australia has suffered a second cyberattack within a week of falling victim to a ransomware attack. While Lion continues to recover from the first cyberattack, it must now investigate, respond and recover from this second attack.

Today, Lion announced it had received reports of Lion document lists posted online in recent days. It is continuing to investigate if any data has been removed from its system. Lion has also advised relevant authorities and regulators of the first incident.

Read More

easyJet hack: Nine million customer records stolen in “highly sophisticated” cyberattack

By Cameron Abbott, Warwick Andersen, Rob Pulham, Michelle Aggromito and Rebecca Gill

It has been reported that hackers have accessed and stolen details of about 9 million customers of British airline easyJet. Approximately 2,208 easyJet customers have also had their credit card details accessed and stolen.

easyJet reported that it became aware of this “highly sophisticated” cyberattack in late January this year. After an investigation, the airline recently disclosed that the details accessed and stolen by the hackers included email addresses, travel information, and credit card data including CVV numbers.

Read More

Is your iPhone spying on you (again)?

By Cameron Abbott and Allison Wallace

In the latest installment of this seemingly ongoing tale, Google uncovered (for the second time in a month) security flaws in Apple’s iOS, which put thousands of users at risk of inadvertently installing spyware on their iPhones. For two years.

Read More

Interlopers in Things? IoT devices may be used as backdoors to your network

By Cameron Abbott and Karla Hodgson

This month Microsoft reported that its Threat Intelligence Center discovered that IoT (internet of things) devices – a VOIP phone, a printer and a video decoder – were used to gain access to corporate networks in April.

Microsoft have identified Strontium – also known as Fancy Bear or APT28 – as the culprit, a hacker group associated with the Russian government who appear to be targeting government, IT, military and defence, engineering, medical and education sectors. Strontium has been linked to the hacking of Hillary Clinton’s presidential election campaign and of the email accounts of researchers investigating the missile strike on MH17 and the Skripal poisonings. In the last 12 months alone Microsoft has delivered almost 1,400 notifications to those targeted or compromised by Strontium.

Read More

Major privacy and security breaches confirmed this week: Westpac, the ANU and Princess Polly targeted

By Cameron Abbott, Allison Wallace and Rebecca Gill

It’s been a chilly start to winter for three Australian organisations, who’ve this week reported major privacy and security breaches.

Up to 100,000 Australians’ personal information has been exposed in a hack affecting Westpac Bank. Westpac confirmed on Monday that details of Australian bank customers (not just those of Westpac) were exposed in a cyberattack on real time payments platform PayID. The banking giant says it noted a high volume of PayID lookups in 2019 on a semi-daily basis, which was a result of attackers trying to guess phone numbers, which, if guessed correctly, would give them the name of the account holder to which the number is linked. Despite the hack, Westpac says that no customer bank account details were compromised as a result of this cyberattack. Nevertheless, experts warn that the details accessed could still be used to commit fraud.

Read More

Ransomware attack hits the state of Georgia

By Cameron Abbott and Ella Richards

Jackson County in Georgia has been held ransom after cyber-attackers deployed ransomware that crippled the government’s IT network for 2 weeks. Government officials resorted to coughing up $400,000 in bitcoin to pay the ransom, desperately trying to get out of the offline ‘pen and paper’ situation the attack had left them in. The suspected ransomware, ‘Ryuk’, caught the eye of the authorities at the end of 2018 after it started affecting the printing presses of Tribune Publishing. Due to the highly problematic decryption tool that is provided once the ransom is paid, Ryuk has the frightening capacity to destroy businesses which cannot survive in downtime or do not have restorable backups.

Read further about the incident here: https://www.bankinfosecurity.com/georgia-county-pays-400000-to-ransomware-attackers-a-12159

So you plug your shiny Tesla in to charge…

By Cameron Abbott and Wendy Mansell

…and suddenly you are at risk of starting fires.

We all know that these days the Internet of Things is a favourite for cyberattacks, with the latest target being home charging stations for electric cars.

Many home charging stations are controlled remotely by mobile apps, which seem to provide the perfect opportunity for hackers to cause harm.

Hackers cleverly can infiltrate an account and turn charging off or even worse, they may change the current to the extent it can start a fire.

Once again the industry needs to take security seriously for IoT and have the same diligence as IT networks now do.

Research reports say risks to smartphone security aren’t phoney

By Rob Pulham, Warwick Andersen and Sarah Goegan

Beware! Your favourite apps may be putting your phone and data at risk. Reports from Allot and BitSight have examined rising threats to the security of our mobile devices.

Read More

Report savages US Government agencies’ cybersecurity efforts

By Cameron Abbott and Sarah Goegan

You would think government agencies would have a keen focus on cybersecurity risks, but apparently not! A report by the United States Office of Management and Budget (OMB) has found that nearly three-quarters of Federal agencies reviewed have either “at risk” or “high risk” cybersecurity arrangements. 71 of 96 agencies assessed were either missing, had insufficiently deployed or had significant gaps in their fundamental cybersecurity policies, processes or tools.

Read More

Not so happy families: Online genealogy website suffers data breach

By Cameron Abbott, Rob Pulham and Sarah Goegan

Online genealogy platform MyHeritage suffered a major data breach in which email addresses and hashed passwords of over 92 million users were leaked. The data breach occurred in October 2017, but was not discovered until 4 June 2018.

MyHeritage became aware of the breach after a security researcher found a file named “myheritage” on a private server. The file contained all the email addresses of MyHeritage users who signed up through to 26 October 2017, and their hashed passwords.

Read More

Copyright © 2019, K&L Gates LLP. All Rights Reserved.