Read the original article: Cyber Security Roundup for July 2020
A roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, June 2020.
Australian Prime Minister Scott Morrison announced a sophisticated nation-state sponsored actor has been causing increasing havoc by attacking the country’s government, corporate institutions, and his country’s critical infrastructure operators. He said, “We know it is a sophisticated state-based cyber actor because of the scale and nature of the targeting and the tradecraft used”. While Morrison didn’t actually name the specific country responsible his statement, Reuters said its sources confirmed China was the culprit. Political tensions have reportedly mounted between Australia and China after Australia called for an investigation into China’s handling of the COVID-19 pandemic. China then reacted by placing tariffs on Australian exports and banning shipments of beef from Australia.
The UK might well be next in the cross-hairs of China’s sophisticated cyber army after the UK Governance stance on using Huawei with 5G significantly soured last month, and the due to increasing political pressure applied by the UK government following the introduction of new security law in Hong Kong by the Chinese government.
While the Australian PM called right called their nation-state threat actor as sophisticated, the cyberattacks they describe aren’t so sophisticated and are simply defendable. The attackers have also engaged in spear-phishing campaigns designed to trick email recipients into clicking a link leading to a malicious files or credential harvesting page, opening malicious attachments or granting Office 365 OAuth tokens to the actors, the advisory further notes. Same MO of attacks as see orchestrated by the cybercriminals fraternity on a daily basis. The Australian statement advises organisations to patch their internet-facing devices, including web and email servers and use multifactor authentication. Good advise and essential practice, but is all a well-trodden basic level of security for organisations to adopt no matter their threat actor landscape.
Away from cyber warfare, a coalition lead by security companies is urging the UK government to revamp the much-dated Computer Misuse Act. The ‘anti-hacking’ law is 30 years old, so written before the internet took root in society, late alone hacking suitable for the prosecution of cybercriminals, typically most caught UK cybercriminal are prosecuted under various financial crime and fraud laws. The coalition calling for it to be changed includes NCC Group, F-Secure, techUK, McAfee and Trend Micro, argues section 1 of the Act prohibits the unauthorised access to any programme or data held in any computer and has not kept pace with advances in technology. In their letter to PM they said “With the advent of modern threat intelligence research, defensive cyber activities often involve the scanning and interrogation of compromised victims and criminals systems to lessen the impact of attacks and prevent future incidents. In these cases, criminals are obviously very unlikely to explicitly authorise such access.”
Since launching a ‘Suspicious Email Reporting Service’ in April 2020, the UK National Cyber Security Centre (NCSC) announced it has received one million reports, receiving 16,500 emails on daily. NCSC chief executive officer Ciaran Martin called the number of reports a “milestone” and said it was “testament to the vigilance of the British public“. I think the email reporting service is another fantastic free service provided by NCSC (i.e. UK Gov) to UK citizens.
Zoom will extend ‘optional’ end-to-end encryption (E2EE) to free users. It is not certain when exactly Zoom’s free E2EE will commence or whether it will be defaulted as on, given the Zoom CEO said “We plan to begin early beta of the E2EE feature in July 2020.” Sill good to see Zoom is bolstering its security by appointing a seasoned Chief Information Security Officer from Salesforce.
With the recent uptick in ransomware, phishing, unsecured cloud buckets and big data breaches dominating the media headlines over the past couple of years, you could be forgiven for forgetting about the threat posed by Distributed-Denial-of-Service (DDoS) attacks. So then a timely reminder that some threat actors have vast botnets as their disposal for conducting DDoS attacks after Amazon reported thwarting the biggest ever DDoS attack, and a European bank suffered the biggest ever PPS DDoS attack.
BLOG
NEWS
- Australia PM Claims Nation-State Actor is behind a Surge of Cyberattacks
- Zoom will Extend Optional End-to-End Encryption to Free Users
- Huawei’s days in the UK could be Numbered
- NCSC: One Million Phishing Messages Reported in Two Months
- UK Gov Urged to Overhaul “unfit for purpose” Computer Misuse Act
- European Bank suffers biggest PPS DDoS Attack, New Botnet Suspected
- Criminals Intercepted Payment Card details used at Claire’s Online store for Weeks
- Amazon Thwarts Largest ever DDoS Attack
- Ransomware Gang Claims Attack on LG Electronics
- South African Bank to Replaces 12 Million Cards after Employees Stole Master Key
- Snake Ransomware behind Cyberattack that put Brakes on Honda Operations for the Third Time
- Malicious Google Extensions Research points out ‘unintended consequence’ of Cloud Computing
- Lockdown sees rise in RDP Brute Force Attacks, with over 100,000 daily
VULNERABILITIES AND SECURITY UPDATES
- Microsoft Patches 129 Vulnerabilities
- Adobe Fixes 18 Critical Vulnerabilities
- Cisco Security Advisories address 47 Flaws, 3 Critical
- High-Severity Bugs Patched in Chrome, Firefox Browsers
- Apple Patches iOS Jailbreak Vulnerability
AWARENESS, EDUCATION AND THREAT INTELLIGENCE
Read the original article: Cyber Security Roundup for July 2020