Friday Five: 3/17 Edition
It's Friday! Catch up on the latest infosec headlines with our weekly news roundup.
One of the largest data breaches in history, the hack on Yahoo devastated hundreds of millions of user accounts. This past Wednesday, U.S. authorities charged two Russian intelligence agents and two hackers for the cyberattack. The Justice Department’s indictment includes 47 charges of conspiracy, economic espionage, theft of trade secrets, aggravated identity theft and more. This is the first time the U.S. has criminally charged Russian spies for cyber offences. Russian authorities deny any official involvement in the Yahoo hack, though ever since last September, Yahoo has pointed its finger at state-sponsored hackers. For more info on the indictment, read the full article.
Once again, millions of records have been breached. The database contains over 33 million email addresses and contact information of thousands of corporate employees, including those working in the Department of Defense, the US Postal Service, AT&T, IBM and Boeing. The database is owned by Dun & Bradstreet and is used by marketers. Unfortunately, it’s not known how the data was breached or who is to blame, but 14% of the email addresses in the database already existed in the Have I Been Pwned database. Though Dun & Bradstreet is downplaying the risk this breach poses, the database contains PII that can be used in phishing scams. Head to ZDNet for the full scoop.
A spike in suspicious cellphone activity in the D.C. area is being investigated by the Department of Homeland Security. Officials are concerned that hackers may be surveying the communications of U.S. government officials and foreign diplomats. Based on information gathered, it seems that a third party, likely a nation-state because of the level of sophistication, is tracking a large number of cellphones, which could allow a hacker to pinpoint which ones are being used by government entities. This could result in those phones being wiretapped and hacked. A spokesperson for one government official said that his office had received a tip that it was T-Mobile’s network that had been compromised. T-Mobile has also recently faced problematic 911 “ghost calls” linked to two deaths in Dallas. Read the full article on the Washington Free Beacon.
If you logged onto Twitter Wednesday morning, you probably saw some high-profile accounts tweeting propaganda in favor of Erdoğan, Turkey’s current president, along with Nazi swastikas. Hacked accounts included Forbes, Amnesty International, BBC, Unicef and more. They were compromised via Twitter Counter, a third-party analytics service that was hacked in November of last year, when other high-profile accounts like PlayStation and The New Yorker sent out spam tweets. Twitter Counter has started an investigation and blocked all ability to post tweets using their system. The hack is in anticipation of Turkey’s April 16th referendum on granting President Erdoğan stronger power. Read the full article on The Guardian.
5. 'Anonymous' Joins Hacker Army Targeting Central Banks for Cash by Chiara Albanese, Daniele Lepido, and Giles Turner
Last year saw a surge in cyber attacks against global monetary authorities, including the high-profile SWIFT breach where hackers stole $81 million from the Bangladeshi central bank. Insiders have confirmed that Anonymous has renewed its attack against central banks starting in February of this year. Last year, Anonymous attacked at least eight banks, including the Dutch Central Bank, the Bank of Greece, and the Bank of Mexico. Successful hacking of central banks is incredibly lucrative. Over the course of 2016, hackers stole $21 million from the Bank of Russia. Though the Anonymous insiders did not reveal which banks were being targeted, they did say that the hacktivist group is actively recruiting new hackers to join their efforts. Read the full article on Bloomberg.