Friday Five 4/15
In this week’s Friday Five, catch up on the latest attacks from Russian and North Korean hackers, a shocking report on businesses’ willingness to prioritize security, why consumers are caring less about their own security, and more!
1. AMAZON RDS VULNERABILITY LED TO EXPOSURE OF CREDENTIALS BY IONUT ARGHIRE
A Lightspin researcher, Gafnit Amiga, discovered a vulnerability within the third-party open-source PostgreSQL extension “log_fdw,” which comes pre-installed in both Amazon RDS PostgreSQL and Aurora PostgreSQL, AWS’s database engine. While Amazon claims that “no cross-customer or cross-cluster access was possible,” bypassing the extension validation could have led to unauthorized elevated access to database resources, including internal credentials. Amazon has since acted quickly to address the issue and released a statement on the matter this past week.
2. RUSSIAN HACKERS TRIED ATTACKING UKRAINE'S POWER GRID WITH INDUSTROYER2 MALWARE BY RAVIE LAKSHMANAN
It was reported this past week that Sandworm, a hacking group affiliated with Russia’s military intelligence, unsuccessfully employed an updated variant of the Industroyer malware in an attempt to attack an unnamed energy provider in Ukraine. Industroyer—also known as CrashOverride—was originally used in an attack in 2016 that left part of Ukraine’s capital, Kyiv, and surrounding areas in the dark for over an hour. The Computer Emergency Response Team of Ukraine (CERT-UA) thwarted Sandworm’s most recent planned attack, claiming that the hacker group was targeting “electrical substations, Windows-operated computer systems, Linux-operated server equipment, [and] active network equipment.”
3. REPORT REVEALS 52% OF AUSTRALIAN/NEW ZEALAND BUSINESSES WILLING TO TRADE SECURITY MEASURES FOR PERFORMANCE BOOST BY CYBERSECURITY CONNECT
A shocking report by F5 has found that 52% of respondents admitted that they would turn off security measures if it meant that business performance would flourish as a result. These results came from nearly 1500 IT decision-makers worldwide. More generally, the report found that businesses are increasingly having to face a balancing act between “controls, costs, customer and employee experiences, extended sets of application and API protections,” and more in their digital transformation efforts and that they’re facing some serious challenges along the way. Even with the cyber threat landscape growing more sophisticated by the day, many businesses still appear to be willing to take a big risk if it means avoiding the complexity of more security measures.
4. CONSUMERS FEEL DATA LEAKAGE IS INEVITABLE SO MANY HAVE STOPPED CARING BY HELP NET SECURITY
On a seemingly related note, Imperva’s most recent No Silver Linings Report found that a whopping 41% of consumers globally say their trust in digital service providers’ ability to keep personal data secure has decreased over the past five years. Trust in various industries has hit rock bottom across the board, and due to this lack of trust, 26% of respondents believe that a data leak is “inevitable.”
5. FBI LINKS LARGEST CRYPTO HACK EVER TO NORTH KOREAN HACKERS BY SERGIU GATLAN
The blockchain network Ronin was involved in an attack this past month that resulted in the theft of nearly $615 million in cryptocurrency, and this past week, the FBI traced the attack back to two North Korean hacking groups: Lazarus and BlueNorOff. The investigation was promptly followed by sanctions from the Treasury Department’s Office of Foreign Assets Control (OFAC). Here, you can learn more about the history of Lazarus, the Ronin attack itself, and what will come next in the investigation.