Friday Five: 4/10
Financial companies leave database exposed, Maze ransomware targets an oil giant, and Facebook releases location data to help the fight against COVID-19 - catch up on all the week's news with the Friday Five.
1. Open Database Exposes 425 GB of Financial Companies’ Data by Tim Sandle
A recent data leak that exposed 425 GB in sensitive financial documents was apparently the result of an unsecured Amazon Web Services storage bucket. According to researchers at vpnMentor, who discovered it, the bucket was owned by an app developed by Advantage Capital Funding and Argus Capital Funding and did not have any form of encryption, authentication, or access credentials. Therefore, over 500,000 financial documents were left vulnerable in the database, compromising the security of credit reports, bank statements, contracts, legal documents, copies of driver’s licenses, purchase orders and receipts, tax returns, Social Security information and transaction reports.
2. Human Errors Account for 60% of All Cyberattacks by Consultancy.uk
New research from global insurance broker Gallagher found that the majority of cyberattacks in the UK are the result of human error and many firms are failing to protect themselves in basic ways. Human error is impossible to eliminate and most firms regard employees as the weakest link in their cybersecurity efforts, with many breaches stemming from malware and phishing emails in which an employee clicks on a fraudulent link. Cyber issues continue to make a major impact on UK businesses, both from a financial and reputational standpoint. It's estimated that over $5 trillion in global value will be at risk from cyberattacks in the next three years. Even so, less than one in four firms have consulted experts on tailoring their cybersecurity offering, with many relying on off-the-shelf technology to safeguard themselves. Tom Draper, Head of Cyber at Gallagher said that businesses should be taking a “comprehensive, multi-layered approach to cybersecurity, including ensuring they have the appropriate insurance in place, establishing effective training programs for employees, and implementing technologies that secure the most sensitive data” in order to save both money and resources in the long run.
3. Maze Ransomware Group Hacks Oil Giant; Leaks Data Online by Deeba Ahmed
Although the actors behind the Maze ransomware are supposedly on hiatus from targeting the healthcare industry amid the COVID-19 pandemic, it's clearly not stopping them from finding new targets. The most recent victim of the ransomware group is Berkine, a petroleum company that's a joint venture of Algeria’s state-owned oil firm Sonatrach and Anadarko Algeria Company. The attackers were able to steal and leak the entire database which contained over 500MB of sensitive documents relating to budgets, organizations strategies, production quantities, and similar sensitive data. The database also contained a list of Berkine employees and their contact details, as well as the company’s strategic and organizational goals for the year 2020. Maze ransomware is known to employ extreme tactics to pressurize victims into paying the ransom, which is most likely why they released some of the company's sensitive information. The group typically exfiltrates data prior to encrypting it in order to use it later to blackmail the victim by continuously releasing more data if the ransom is not paid.
4. NASA Sees an “Exponential” Jump in Malware Attacks as Personnel Work from Home by Dan Goodin
With more and more people working from home during the Coronavirus outbreak, cyberattacks have become more prevalent, affecting even NASA employees and contractors. The space agency’s Office of the Chief Information Office has observed a spike in malware attacks, a doubling of email phishing attempts, and a doubling of agency devices trying to access malicious sites in the past few days. This data suggests that NASA personnel are clicking at twice the rate as normal on malicious links sent in email and text messages. Fortunately, the mitigation blocking mechanisms that NASA has in place can go a long way in reducing damage caused by accessing these destinations, but it is still imperative that employees are trained to recognize phishing attempts. With the sudden transition to working from home, many IT departments did not have time to formalize procedures for maintaining the security of organization networks. People working from home should be aware of phishing attacks and should try to keep all operating systems and devices up to date, as well as keep personal emails and messages separate from those used for work.
5. Facebook Expands Location Data Sharing with COVID-19 Researchers by Kurt Wagner
To help fight the spread of COVID-19, many countries have been turning to location tracking technology to predict areas of outbreak and to track the spread of the virus. Although releasing this data walks a fine line with complying to privacy rules, Facebook Inc. has now decided to expand its user location data to researchers and non-profits trying to study the outbreak. Facebook will share anonymized, aggregated location information, as well as information about whether people are staying at home, with more than 150 organizations that partner with the company. These partner organizations can use the data to calculate the probability that people in one area will come in contact with people in another, and to measure whether government recommended “social-distancing” measures are affective in decreasing the spread of the virus. Facebook will also offer a survey to users that would allow them to self-report possible COVID-19 symptoms in order to help health researchers monitor and forecast the movement of COVID-19.