We frequently blog here about incidents where companies, government agencies or public have suffered data or security breaches at the hands of hackers. They’re often incidents that come to light because they affect the public in some way – by shutting down hospitals, exposing sensitive personal information, or threatening government security. But what about hacks that, while not having wide-reaching public implications, go to the core of a business’ operations?Read More
Ransom-based hacking techniques have primarily been limited to the intangible. We live in a world where unauthorised access to email accounts, bank accounts, and computer systems that may otherwise be private is no longer uncommon.
In some situations, hackers demand a lump sum in return for reinstating control of the accounts and systems to its owners and managers, and otherwise refusing to pay this ransom can likely leave our information and data at the mercy of hackers.Read More
By Cameron Abbott and Karla Hodgson
This month Microsoft reported that its Threat Intelligence Center discovered that IoT (internet of things) devices – a VOIP phone, a printer and a video decoder – were used to gain access to corporate networks in April.
Microsoft have identified Strontium – also known as Fancy Bear or APT28 – as the culprit, a hacker group associated with the Russian government who appear to be targeting government, IT, military and defence, engineering, medical and education sectors. Strontium has been linked to the hacking of Hillary Clinton’s presidential election campaign and of the email accounts of researchers investigating the missile strike on MH17 and the Skripal poisonings. In the last 12 months alone Microsoft has delivered almost 1,400 notifications to those targeted or compromised by Strontium.Read More
We are living in an era of online shopping, where consumers are more willing to hand over personal information for goods and services, and are less suspicious of whom they are divulging their personal information to. As a result, online businesses are in possession of a vast amount of their customers’ personal information. The recent hack of Sneaker Platform Stock-X reminds us yet again of the importance of businesses maintaining comprehensive and up to date security processes, and in particular, the necessity of having an adequate data breach response plan in place.
Stock-X, a platform for the re-sale of sneakers and apparel, was recently hacked, exposing over six million users’ personal data, including their real name, username, password, shoe size and trading currency. According to a Report by TechCrunch, Stock-X’s initial response was to reset customer passwords, stating that it was due to system updates. A spokesperson for Stock-X later disclosed to TechCruch that Stock-X was alerted to “suspicious activity”. TechCrunch reports; however, an unnamed data breach seller had contacted it claiming more than 6.8 million records were stolen from Stock-X in May, and that the records had been put up for sale and sold on the dark web for $300.Read More
A new year, and a new hacking incident – this time, it was the Early Warning Network (EWN) – a text and email service used by councils around Australia to warn locals of emergency situations.
On its Facebook page, EWN stated that a hacker was able to access its system, sending out messages via text, email and landline stating that EWN had been hacked and that the receiver’s personal data was not safe. The message also included links to support email addresses and a website.
EWN said that the hack was quickly identified and systems shut down, with no-one’s personal information compromised during the attack. The attack is believed to have originated within Australia, involving compromised login details.
While EWN said that personal information was not compromised by this incident, it serves as a timely reminder for businesses to check and test their information security processes and data breach response plans – and if one isn’t in place, to implement one. The Office of the Australian Information Commissioner reported that it received 550 notifications of data breaches from the time the notifiable data breach legislation commenced on 22 February 2018 to 30 September 2018.
By Cameron Abbott and Wendy Mansell
…and suddenly you are at risk of starting fires.
We all know that these days the Internet of Things is a favourite for cyberattacks, with the latest target being home charging stations for electric cars.
Many home charging stations are controlled remotely by mobile apps, which seem to provide the perfect opportunity for hackers to cause harm.
Hackers cleverly can infiltrate an account and turn charging off or even worse, they may change the current to the extent it can start a fire.
Once again the industry needs to take security seriously for IoT and have the same diligence as IT networks now do.
By Cameron Abbott and Wendy Mansell
In April 2017, PWC, in collaboration with BAE Systems’ published a report on “Operation Cloud Hopper”, which exposed a cyber espionage campaign being conducted by a China-based threat actor. The report suggests that Operation Cloud Hopper is almost certainly the same threat actor known as “APT10”, a Chinese group thought to be behind cyber-attacks against many countries including Japan, Canada and America.
Recently it has been reported that there are links between China’s Ministry of State Security (MSS) and Operation Cloud Hopper. These allegations are from U.S based firm CrowdStrike who have recognised ties between Operation Cloud Hopper and the MSS Tianjin Bureau.
There is no confirmation that the MSS is behind the Cloud Hopper attacks, however Dr Adrian Nish, Head of Threat of Intelligence at BAE Systems said that there is “no reason to doubt” the claims.
The term “Cloud Hopper” describes a technique where cyber espionage groups “hop” from cloud storage services and infiltrate Australian IT systems. Operation Cloud Hopper is responsible for the theft of intellectual property from a number of Australian companies, primarily focused on mining, engineering and professional services firms.
In a week full of news about China activities in the region, the suggestion of state sponsored hacking thefts is a salient warning to companies that their core intellectual property assets are at risk if not well secured.
By Cameron Abbott and Sarah Goegan
North Korean cyberattack activity appears to have ramped up ahead of the highly anticipated US-North Korea summit, which is expected to take place on 12 June 2018.
North Korean hackers known as Group 123 have been identified as the party responsible for new malware activity targeting users in South Korea.