Threat Intelligence Blog
Contact us to discuss any insights from our Blog, and how we can support you in a tailored threat intelligence report.
Week in review 24 November 2019: data leak from Cayman National Bank in IOM, WhatsApp users urged to update, Social Engineering explainer, tricks hackers use to hijack mail, cyber top Board priority
Round up of the most significant open source stories of the last week
Links to articles are for interest and awareness and linking to or reposting external content does not endorse any service or product, likewise we are not responsible for the security of external links.
Leaker Claims to Have Published 2TB of Data From Cayman National Bank
The biggest story this week affecting the offshore finance world is news of a claimed leak of 2TB of data (equivalent to 620,000 photographs, and photos are normally much larger than Word documents, so conceivably millions of Word documents) from the Isle of Man branches of the Cayman National Bank and Cayman National Trust.
A pseudonymous Twitter account called Distributed Denial of Secrets (a play on the distributed denial-of-service attacks that can bring down even the largest websites) said that it was releasing "copies of the servers of Cayman National Bank and Trust." The account has also claimed to have released more information over the last few days and to have upgraded its servers to cope with traffic spikes.
https://www.tomshardware.com/news/cayman-islands-national-bank-hack-2tb
WhatsApp Users Urged To Update App Immediately Over Spying Fears
Users of WhatsApp, the popular cross-platform messaging app, have been urged this week to address fears that their devices could be used to spy on them thanks to a major security vulnerability:
Social Engineering: The Insider Threat to Cybersecurity
SecurityBoulevard has an interesting piece this week with a useful explainer on Social Engineering and Social Engineering Prevention that is worth a read if this is not an area you are familiar with.
https://securityboulevard.com/2019/11/social-engineering-the-insider-threat-to-cybersecurity/
These are the tricks hackers are using to hijack your email
TechRadar have a piece on Business Email Compromise (BEC), something that is a significant risk to all firms but especially to financial services firms, and something that has affected firms in the offshore finance world, with some firms locally having experienced losses running to hundreds of thousands.
Most BEC attacks take place on weekdays and during business hours to maximise effectiveness and normally only target small numbers of users.
Read the full article here: https://www.techradar.com/uk/news/these-are-the-tricks-hackers-are-using-to-hijack-your-email
Cyber security becoming top priority in the boardroom, say industry leaders
It looks like cyber is becoming more of a priority in Boardrooms according to a report from the London Business summit by PortSwigger.net.
In Guernsey, cyber is getting a lot more focus, with the recent Cyber Thematic review carried out by the GFSC, the findings presented to industry in the last couple of weeks, and new regulations coming into effect last year. The GFSC have made it clear to firms that this is a Board-level issue and that Boards need to start being able to take an educated and informed approach to cyber and to what their firms are doing to protect themselves against the risks they face.
Mystery surrounds leak of four billion user records
Threat researchers recently uncovered four billion user records on a wide-open Elasticsearch server, but who left them there is a mystery.
Different datasets contained, among other things, data on 1.5 billion unique individuals, a billion personal email addresses including work emails for millions of decision makers in Canada, the UK and the US, 420 million LinkedIn URLs, a billion Facebook URLs and IDs, over 400 million phone numbers and 200 million valid US mobile phone numbers. The second dataset contained scraped data from LinkedIn profiles, including information on recruiters.
The actual source of this data is shrouded in mystery but so much data on so many people means it is highly likely there will be records leaked relating to individuals and businesses in Guernsey and the other Channel Islands.
https://www.computerweekly.com/news/252474411/Mystery-surrounds-leak-of-four-billion-user-records
110 Nursing Homes Cut Off from Health Records in Ransomware Attack
Looking at healthcare but showing the impact ransomware can have on any and all sectors, a ransomware outbreak in the US has affected an IT company that provides cloud data hosting, security and access management to more than 100 nursing homes over there. The ongoing attack is preventing these care centres from accessing crucial patient medical records, and the IT company’s owner says she fears this incident could soon lead not only to the closure of her business, but also to the untimely demise of some patients.
OnePlus Data Breach: What you need to know about customer hack
Mobile phone manufacturer and direct to market seller OnePlus sent an email this week notifying affected customers that their order information had been obtained by an unauthorised third-party.
The company informed customers that name, contact number, email and shipping addresses may have been exposed, but the firm prefaced this by telling them that payment information as well as their account passwords were not obtained during the intrusion.
Anyone in the Bailiwick who has recently purchased a device from OnePlus should be alert to anyone impersonating OnePlus in trying to obtain further information or trying to sell products or services.
As usual, contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Look out for our new regular ‘Cyber Tip Tuesday’ video blog, here and on our YouTube channel.