Friday Five: 12/09 Edition
It's Friday! Catch up on the latest infosec headlines with our weekly news roundup.
1. ThyssenKrupp secrets stolen in 'massive' cyber attack by Tom Käckenhoff and Eric Auchard
News broke that German steel manufacturer ThyssenKrupp fell victim to a cyber attack in which attackers made off with intellectual property from the company’s steel production and manufacturing plant design divisions. The data breaches took place in February but weren’t discovered by ThyssenKrupp’s internal security team until April. ThyssenKrupp has called the attacks "organized, highly professional hacker activities" and attributed them to attackers in Southeast Asia. An investigation into the attacks is being conducted by German police. For more on the story, check out the article in Reuters.
Expedia was in the news this week after suffering an insider data theft incident in which a (now former) IT specialist hacked into accounts belonging to two Expedia executives to gather information for use in insider trading. Jonathan Ly pled guilty to hacking and insider trading charges on Monday of this week and now faces up to 25 years in prison and $375,000 in fines for hacking the email accounts of Expedia’s CFO and head of investor relations to steal unreleased financial statements. For more on this insider threat case, read the article on SC Media.
This week the Argentinian Ministry of Industry’s official website became the latest government web property to fall victim to the hacking efforts of Kapustkiy. The self-proclaimed ethical hacker was able to guess the username and password of an employee of the Ministry to gain access to the admin panel as well as sensitive documents and personal information on Ministry employees. Softpedia has confirmed that the personal information includes names, addresses, emails, social media accounts, and phone numbers for up to 18,000 individuals. Read the article on Softpedia for more, or check out yesterday’s blog post from Paul Roberts for additional details from Kapustkiy.
4. Ransomware blamed for cyber attack which forced hospitals to cancel operations and shut down systems by Danny Palmer
Ransomware once again strikes the healthcare industry, forcing an NHS hospital trust to shut down its systems and cancel operations. The Globe2 ransomware infection took three hospitals offline and resulted in 2,800 patient appointment cancellations as a safety precaution. The system was infected on October 30th and didn’t resume full service until November 2nd. Globe2, like many ransomware, normally transmits via phishing emails, emphasizing the necessity to educate and train employees on cyber safety so they don't become unknowing inside threats. Get the full article on ZDNet.
Video-sharing site and currently the 113rd most visited site in the world, Dailymotion has been hacked, with over 85 million unique email addresses and usernames stolen. Fortunately, only one fifth of the accounts had associated passwords, which were scrambled with a hashing function. This hack follows the long list of large data breaches this year, including LinkedIn and MySpace. As a precaution, if you are a Dailymotion user, you should reset your password. For more info, read the full article.