7 January 2019

News round-up 7 January 2019

Helping your business stay abreast and make sense of the critical stories in digital risk, cyber security and privacy.

The round-up:

It’s a new year! While most of us look to kick off 2019 with fresh thoughts and new ideas, the first week of cyber news appears to be very much a throwback to familiar themes. Ransomware is causing pain, cyberspace is racked by geopolitical tensions between China and the west, and Facebook is in the naughty books for its handling of user data.

Key articles:

Too soon to attribute cyberattack that disrupted U.S. newspapers, researchers say

Summary: The production and delivery of a number of major US newspapers was impacted by a cyber-attack on the Tribune Group in late December. The attack is believed to involve Ryuk ransomware, though it remains unclear who was behind it.

Key risk takeaway: The year kicks off with an ominous reminder – ransomware will again be a pernicious threat. Other malware forms such as cryptominers and credit-card skimmers (such as Magecart) might have stolen some glory in 2018. But ransomware never went away, and the attack on Tribune demonstrates how disruptive it can be to the day-to-day operations of businesses. Educating users to detect malicious emails remains a key defence against broad-based ransomware campaigns. However, last year we also saw attackers become more targeted in their delivery, which means strong detection capabilities and a rigorous backup regime are important mitigations to have in place.

Tags: #ransomware #staffawareness

Australia blasts China for hacking Australian companies

Summary: In a coordinated effort, intelligence agencies across the US, UK and Australia condemned state-sponsored hacking by China against managed service providers.

Key risk takeaway: Any organisation that uses managed service providers (MSPs) to manage its IT infrastructure is potentially impacted by these compromises, which the Australian Government describes as “significant and ongoing”. China’s motive for the attacks is reportedly the theft of commercial secrets, making businesses in mining, academia and technology high-value targets. The Australian Government has published extensive guidance for customers of MSPs, which includes being prepared to comply with privacy obligations such as the Notifiable Data Breaches scheme.

Tags: #supplychainsecurity

Facebook shared private user messages with Netflix and Spotify

Summary: Facebook gave Netflix, Spotify and the Royal Bank of Canada the ability to read, write and delete users’ private messages, while it also gave Microsoft, Sony and Amazon the ability to obtain email addresses of their users’ friends.

Key risk takeaway: Public awareness of, and attention to, data sharing arrangements between major technology platforms continues to grow, particularly where Facebook is involved. Last year’s Facebook/Cambridge Analytica scandal shone a spotlight on these arrangements and the extent to which they sometimes test the spirit – if not the specifics – of privacy agreements with users. While some of the companies named in this report expressed surprise at the data access Facebook had granted them, ignorance is unlikely to save any company from the adverse reputational impact of inappropriate use of, or access to, user data. In an increasingly privacy-aware society, businesses must be proactive about ensuring the appropriateness of any data sharing and privacy provisions in the commercial arrangements they enter into.

Tags: #privacy #datasharing #facebook

German cyber defense agency defends handling of data breach

Summary: Personal data and documents from hundreds of German politicians and public figures – including Chancellor Angela Merkel – have been published online, in what appeared to be one of Germany’s biggest data breaches.

Key risk takeaway: Initial reports suggest the data trove was not obtained by compromising a government system, but by compiling data taken from private and personal accounts such as cloud services, email and social network accounts. Educating users on the dangers of password re-use and the value of multi-factor authentication is an effective step towards protecting these accounts from compromise.

Tags: #databreach #securityawareness