Once again, in 2019 the cyber threat landscape proved the old biblical adage correct – there is nothing new under the sun. Data breaches were 10 a penny – indeed, in some cases they can actually be bought for pennies. As usual, hackers were out in force, and as usual, basic security hygiene is something more people could stand to pay attention to.
Here are Computer Weekly’s top 10 cyber crime stories of 2019.
1. Former AWS engineer arrested for Capital One data breach
Capital One has revealed a data breach affecting 100 million US customers and a further six million in Canada as Federal Bureau of Investigation (FBI) officers arrested a suspect.
The US Justice Department said Paige Thompson, 33, a former Seattle technology company software engineer, was arrested on 29 July and charged with computer fraud and abuse for allegedly hacking into the financial firm’s data.
Thompson appeared briefly in the Seattle District Court and was ordered to be detained pending a hearing on 1 August, according to Reuters.
2. Visa card vulnerabilities enable contactless limit bypass
Researchers at security firm Positive Technologies are warning of vulnerabilities in Visa cards that could be used to steal unlimited sums from accounts, urging banks and customers to take precautions.
Researchers Leigh-Anne Galloway and Timur Yunusov were able exploit the vulnerabilties to bypass verification limits on Visa contactless cards in tests at five major UK banks.
They were able to bypass the UK contactless verification limit of £30 on all tested Visa cards, irrespective of the card terminal. The researchers also found that this attack is possible with cards and terminals outside of the UK.
3. Pitney Bowes ‘considering options’ after malware attack
Mailing and shipping services company Pitney Bowes is recovering from an apparent ransomware attack that encrypted information on systems and locked customers out of its SendPro products, postage refill, and Your Account access, but has not apparently resulted in the compromise of any customer or employee data.
The undisclosed strain of malware was detected on the firm’s systems on Monday 14 October, it said, and as of the evening of Tuesday 15 October, it was still working to recover its systems.
“Upon discovery of the cyber attack, we immediately assembled our Enterprise Outage Response Team to address the situation,” it said in a statement. “We continue to work with third-party security experts to resolve the issues. In consultation with our security advisers on this issue, we do not believe there are other client risks. We have seen no evidence that customer accounts or data have been impacted.”
4. UK cyber security agency investigates DNS hijacking
The National Cyber Security Centre has announced in an alert that it is investigating an international campaign of domain name system (DNS) infrastructure tampering attacks.
The announcement comes just days after the US Department of Homeland Security issued an emergency directive to government departments in an effort to block further attacks.
The US authorities warned that attackers could use compromised credentials to modify the location to which an organisation’s domain name resources resolve to redirect user traffic to attacker-controlled infrastructure and obtain valid encryption certificates for an organisation’s domain names, enabling man-in-the-middle attacks.
5. Police make 61 arrests in global crackdown on dark web
International law enforcement agencies made 61 arrests and shut down 50 dark web accounts used for illegal activity in a joint operation, Europol has announced.
As a result of 65 search warrants, police were able to seize nearly 300kg of drugs, 51 firearms and more than €6.2m, including almost €4m in cryptocurrency.
By coordinating efforts and acting simultaneously, Europol said a strong signal has been sent to those active in selling and buying goods on the dark web that they can still be tracked down by police.
6. Small businesses hit hardest by cyber crime costs
Small businesses in the UK bore the brunt of the £17bn cost of cyber attacks in 2018, according to research from business internet service provider (ISP) Beaming.
Almost two-thirds of UK companies employing between 10 and 49 people – the equivalent of 130,000 businesses nationwide – fell victim to some form of cyber crime last year, the survey found.
The average cost of cyber attacks to small businesses was £65,000 in damaged assets, financial penalties and business downtime.
7. Agent Smith mobile malware hits millions of devices
Mobile malware dubbed Agent Smith has infected about 25 million devices, mainly in India and other Asian countries, but other countries have also been affected, including the UK and US, according to security researchers at Check Point Software Technologies.
Disguised as a Google-related application, the malware exploits known Android vulnerabilities and automatically replaces installed apps – such as WhatsApp – with malicious versions without users’ knowledge or interaction. It then shows fraudulent ads to device owners, earning money for the cyber criminals behind the malware campaign.
Although Agent Smith currently uses its broad access to the devices’ resources to show fraudulent ads for financial gain, the researchers warn that it could be adapted easily for far more intrusive and harmful purposes, such as banking credential theft and eavesdropping, as seen in malware campaigns such as Gooligan, Hummingbad and CopyCat.
8. Cyber attacks targeting industrial control systems on the rise
Malicious activity targeting industrial control systems (ICS) affected 47.2% of computers protected by security firm Kaspersky Lab in 2018, up from 44% in 2017.
This increase indicates the cyber threat against computers defined as part of organisations’ industrial infrastructure is rising, according to the latest Threat landscape for industrial automation systems report by Kaspersky Lab’s ICS computer emergency response team (Cert).
The Cert is aimed at coordinating the efforts of automation system suppliers, industrial facility owners and operators, and IT security researchers to protect industrial enterprises from cyber attacks.
9. Asco breaks silence on ransomware attack
Aircraft parts and aviation equipment maker Asco has admitted that it was hit by a “large-scale ransomware attack”, a week after the incident was reported by Dutch news site Data News.
The attack came two months after the European Commission approved the acquisition of the company by US-based Spirit Aerosystems, but neither company released any statements, despite reports that the company’s 1,400 employees around the world were unable to work.
Asco has now confirmed the ransomware caused “a serious disruption” of all activities and impacted the company’s communication systems.
10. Met Police collaborated with US prosecutors in WikiLeaks investigation
The Metropolitan Police shared information about WikiLeaks journalists with US prosecutors for at least four years as the US Department of Justice conducted secret investigations into the whistleblowing website and its founder Julian Assange.
The Met has disclosed that it has shared correspondence with the US since at least 2013 on WikiLeaks’ UK staff, which include former investigations editor Sarah Harrison, editor in chief Kristinn Hrafnsson and section editor Joseph Farrell.
The three WikiLeaks employees learned in 2014 that a court in East Virginia had ordered Google to disclose their personal emails, contacts, calendar entries and log-in IP addresses to the US government, as part of an investigation into alleged violations of US federal laws, including the Computer Fraud and Abuse Act and the US Espionage Act.
Leave a Reply