Friday Five: 1/22 Edition
Happy Friday! As the week comes to a close, here’s a look back at the top five security news articles.
Ukraine’s electric power industry is still facing cyber attacks. Following the power outages in December, yesterday a new wave of attacks struck, further targeting several electricity distribution companies. However, the latest attacks took an interesting turn – this time the attacks used a different strain of malware from the BlackEnergy Trojan used in the first attacks. As of now the malware attacks have been reported to use a freely-available, open source backdoor. This raises further questions about whether the attacks were from an alleged state-sponsored malware operator after all. Read the article to receive the full story.
Cloud-based collaboration and file sharing applications often leave organizations and end users unaware of just how many documents in the cloud are shared – 26 percent! This means that any employee has access and, even worse, some documents are readily available via a Google search. On Wednesday, Blue Coat’s Elastica Cloud Threat Labs released their 2015 Shadow Data report, analyzing 63 million enterprise documents in cloud applications such as Office 365, Google Drive, and Salesforce. The healthcare industry is at greatest risk, with losses up to $12 million, while the average organization faces losses of $1.9 million. The report found that, on average, one in 10 documents in the cloud contains data that is subject to compliance regulations. To learn more, read the full article.
Following Starwood and Hilton chain cyber attacks, Hyatt Hotels admitted to discovering malware in their IT environment that steals customer information from payment systems. The breach lasted from July to December 2015, affecting over 250 hotels around the world. Previously, Starwood Hotels and Resorts fell victim to a data breach resulting from malware attacks at 54 locations. The malware used stolen credit card data from payment-processing systems while collecting cardholder names, card numbers, and expiration dates. According to eWEEK, it has not been possible to link all different hotel branch breaches to the same attackers. To learn more about this breach, read the full article.
The Safe Harbour Agreement, protecting EU data from government access when transferred to the US, was ruled invalid last year, after the European Court of Justice valued anti-terrorist measures above personal privacy. On February 2nd, privacy regulators will meet to renegotiate the deal. In the meantime, negotiations are set to continue at the World Economic Forum in Davos next week. European and US officials will object to EU privacy regulators’ ruling that Safe Harbour is invalid. Much of the concern lies in creating a comprehensive agreement that ensures the protection of personal data travels with the data.
Dridex has just been overhauled to target top British business accounts through a phishing campaign. Evil Corp updated Dridex to make it one of the top three worst banking malware families; only a handful of antivirus platforms can detect it. The malware is spread through phishing campaigns that distribute documents set up to look like business invoices that infect machines and redirect visitors from legitimate bank sites to malicious versions when clicked. For more information and our analysis of the Dridex malware and how these attacks typically work, click here.