Nowadays, phishing prevention has become the biggest challenge that the cyber world is facing. By taking advantage of each advance in IT, and by sheer cunning and intelligence, adversaries make sure that they always remain ahead of the good actors. The good actors respond, but often too slowly, giving the attackers an opening to hit them with new and innovative cyber attacks. Such events take place every day, and it can be challenging to keep track of the latest techniques used by hackers. But to prepare ourselves to face these attacks, it is essential that we are aware of the latest technologies used by cybercriminals. Here, we have a list of the most recent and biggest cybersecurity news to help you update yourself:
London Witnesses 1 Million Cyber Attacks Each Month
Talking about the rise in cybercrimes in recent times, London comes up as a perfect example. Compared to the 2018 statistics, the city has seen an upsurge of more than 90 percent in the number of cyberattacks in 2019. On average, London was hit by as many as a million cyberattacks every month in the first quarter of 2019.
Some more astounding figures to add to this are:
- A Freedom of Information (FOI) data request made by Centrify revealed that in the first three months of 2019, the governing body of London received 2.8 million cyber attacks, an average of 927,000 attacks per month.
- This supports the 90 percent increase mentioned previously, as these figures are considerably higher than the 489,000 attacks recorded between April and December of 2018.
- The period between April 2018 and March 2019 saw London being hit by as many as 7.2 million attacks. While a majority of these attacks were reported as spam, spoof mail formed the next highest category with 244,293 attacks to its name.
- In addition to this, there were 17,556 detections of top malware – figures too frightening to even imagine, let alone undergo.
Why Is London The Favorite Victim Of Attackers?
Anti-phishing expert and VP of Centrify, Andy Heather, feels that the systems and databases of organizations like the City of London Corporation contain too much sensitive public information, which makes them the primary target of cyber-criminals who are always on the lookout for firms with vast amounts of data. Hence, fraudulent scam emails aiming to launch phishing and malware attacks aren’t a rare sight for these organizations, and they form a significant portion of the cyber attacks that the city of London faces.
Heather suggests that organizations must adopt a “zero-trust approach” to user activity as a countermeasure for the rampant growth in cyber attacks.
Huawei’s New AI Chip To Be At Par With Qualcomm And Nvidia
The US had blacklisted Huawei on the grounds of protection from phishing under a category called the Entity List; the list restricts American companies from dealing with Huawei. This feeling of being left out has probably inspired Huawei to aim at self-sufficiency, and the immediate result of that is its new artificial intelligence (AI) chip which, the firm claims, is equivalent to those of American giants like Qualcomm and Nvidia. This chip, called the Ascend 910, is aimed at data centers and is capable of processing more data in less time, thus challenging its competitors who usually take a lot more time for the same process.
Up till now, Huawei depended on several US suppliers for crucial technology. But the company is now trying to focus on self-developed technology, from chips to operating systems. This innovation of Huawei in the form of the Ascend 910, along with a previously launched chip, will place Huawei at the same level as some of the most prominent players like Intel, Qualcomm, Nvidia, and Samsung.
Data Breach At Massachusetts General Hospital
The records of around 9,900 research patients were compromised in a data breach that took place at the Massachusetts General Hospital recently. This major data breach revealed the records of research patients used by Neurology researchers at the hospital. Although the stolen data did not include MGH’s medical records systems or any patient’s social security number, insurance information, financial information, address, phone number, or other contact information, it has made other details vulnerable. These include the names, dates of birth, medical record numbers, and medical histories of the research patients.
The breach supposedly occurred between June 10 and June 16 at the hospital’s Neurology Department. It was identified in two computer applications used in the research programs on June 24.
The authorities have also suggested that data pertaining to participants’ first and last names, certain demographic information (marital status, sex, race, ethnicity), date of birth, dates of study visits and tests, medical record number, type of study and research study identification numbers, diagnosis and medical history, biomarkers and genetic information, types of assessments and results, and other research information may have been compromised in the breach.
The anti-phishing solutions adopted by Massachusetts General Hospital include hiring a third-party forensic investigator to get to the roots of the breach and seeking the help of federal law enforcement as a precaution.
Data Breach At Hy-Vee, Loss To 5.3 Million People
Iowa-based company Hy-Vee, which manages the data operations of over 245 supermarkets throughout the Midwestern United States, has recently been a victim of a malware attack. This attack exposed the credit and debit card details of as many as 5.3 million people who swiped their cards at gas pumps, coffee shops, and restaurants from across 35 US states controlled by Hy-Vee.
This data breach came to light when one of the dark-net markets recently put up 5.3 million new accounts for sale, forcing Hy-Vee to own up to being a victim of the data breach. The Hy-Vee-controlled restaurants affected by the breach include Hy-Vee Market Grilles, Market Grille Expresses, and Wahlburgers. Though the company hasn’t yet figured out the exact duration for which the attackers have had access to their payment systems, Hy-Vee is confident that the breach has not affected the payment card terminals used at its grocery store checkout lanes, pharmacies, or convenience stores. This is because the mentioned systems run on a security technology that is built with anti-phishing tools incorporated, which safeguards against card-affecting malware.
Outdated Websites Make Magecart Attacks Easy
Recent research by security researchers from Aite Group finds that outdated websites make users easy prey for attackers. In less than 2.5 hours, the research team identified more than 80 eCommerce websites which were running on outdated versions of Magento (versions like v1.5, v1.7, or v1.9) and hence were more vulnerable to Magecart attackers.
In the research, it was found that 25 percent of all the compromised websites belonged to large organizations in the motorsports industry and luxury retail. The researchers shared their findings with federal law enforcement, and they also notified all affected or vulnerable e-commerce websites about their security issues. The websites that have been attacked by Magecart belong to firms from the United States, Canada, Europe, Latin America, and Asia.
The compromised websites did not use any in-app protection (code obfuscation and tamper detection), and hence, unwittingly invited attacks from multiple groups of Magecart attackers.
What do the attackers do?
- The attackers sell the stolen information for substantial amounts in the dark market.
- They also purchase things from online shopping sites using the stolen card details and reship the goods to previously selected merchandise mules.
In light of the findings, the researchers suggest that websites should regularly update or patch their software to the latest version to ensure protection from phishing attacks.
Old Tool Still Comes In Handy In Recent Times: China Chopper
China Chopper, the famous web shell allowing malicious actors to control a target system remotely, hasn’t lost momentum even though nine years have elapsed since it was first discovered. Attackers worldwide are still using the tool, and successfully so, to carry out their malicious attempts. Researchers speculate that the tool will continue to outsmart anti-phishing protection techniques and that its use will only increase in the future.
China Chopper was put to use in the ‘Operation Soft Cell’ attack campaign against telecommunication providers. In addition to this, there have been several other instances when China Chopper has played a pivotal role in cyber attacks. These include the attack on the Asian Government Organization, the infliction of ransomware like Sodinokibi and GandCrab on vulnerable servers, etc.
Connecticut School Decides To Yield To Attackers’ Demands
The Wolcott computer system was a target of a ransomware attack in the final week of the last school year. It has been over three months, and they are still unable to access the information stored on their systems. The ransomware had blocked access to the internal files for staff in the central office and business office at all five Wolcott schools.
Since the ransomware attack has caused too many problems in the daily functioning of the school and is growing more complicated with each passing day, the Connecticut school’s district officials are in the process of paying the demanded ransom to the hackers.
It is interesting to note that this is the same ransomware that was used to lock computer systems in 22 Texas towns recently.
Ransomware Hits Flooring Retailer Lumber Liquidators
Coming out of their failed attempts at phishing attack prevention, the North American hard-surface flooring retailer Lumber Liquidators recently announced that it had successfully handled a malware attack that had paralyzed parts of its system for about a week. The company discovered the attack when its network and computer systems began to show signs of a malware infection on August 21, 2019. This attack had even made some of the company’s corporate and store operations inactive for some time.
The company said that its anti-phishing solutions included initiating remediation operations and an investigation to find out the roots of the attack. They were also quick to deploy their staff, in addition to outside experts, to address the attack. Things seem to have recovered and are much better lately, with a majority of the affected stores regaining their ability to transact using standard point-of-sale systems. According to the investigations, no sensitive or confidential data of consumers or employees has been compromised in the attack, which is believed to have been a ransomware attack.
US Attack Disrupts Iran’s Ability To Target Oil Tankers
Following the previous scuffle between the US and Iran, the US Cyber Command had carried out a cyberattack on Iran this June. The attack aimed at a database used by Iran to target oil tankers and disrupted Iran’s ability to target shipping traffic in the Persian Gulf. However, authorities are wondering whether the attack from the US was worth all the trouble caused to their vital intelligence sources in Iran.
Meanwhile, Iran continues trying to restore all affected systems and recover the data lost in the US Cyber Command attack on the network run by the nation’s Revolutionary Guard Corps. The US intelligence believes that the former has been involved in an attack on American oil tankers earlier this year. The US analysts are also of the view that Iran had used spear-phishing to gain access to targeted networks.
Moscow’s e-Voting System Found Flawed By Researcher
French researcher and cryptographer Pierrick Gaudry found a significant security flaw in an electronic voting system that is supposed to be used in the coming municipal elections of Moscow next month. This security drawback is feared to give hackers access to not only the votes of the citizens but also their private details, such as passport information, home address, and other sensitive data.
This flaw comes to light just a month before Moscow goes for online voting to elect the new parliament of the city. It took Gaudry only twenty minutes to decode the encryption or the “private key” used in the e-voting system, and he says that, for hackers, the time needed will be less than ten minutes. Gaudry had used a standard computer and widely available free software for his trial rounds.
The Moscow authorities have taken measures to prevent phishing attacks in the voting system, which is expected to be the last area where any fraud takes place. They have tried to make the encryption code more complex and have also divided it into seven distinct parts to be kept separate until voting ends.
A reward of one million rubles ($15,000) has been given to Gaudry for his efforts by the editor-in-chief of Echo of Moscow, Alexey Venediktov.