Friday Five: 9/16 Edition
It’s Friday! Catch up on the top infosec headlines with our weekly news roundup.
Thought the cybersecurity worries of the Rio Olympics were over? Unfortunately for Olympic athletes like the Williams sisters and gymnast Simone Biles, medical files allegedly from the World Anti-Doping Agency (WADA) were leaked by a group of hackers known as Fancy Bears. Their goal: to cast a shadow over the U.S. Olympic team by attempting to reveal drug use. Fancy Bears is also known as APT 28, a Russian state-sponsored cyber espionage team. For more info, read the full article on ITWorld.
ClixSense, a site that pays users for viewing ads and completing online surveys, has been breached. Over 2.2 million users have had their info published, including plaintext passwords, usernames, emails, and other personal info. The post on Pastebin advertising the leaked data states that the 2.2 million was just a sample from a larger database of more than 6.6 million user accounts. ClixSense announced that the database was compromised because an old server, no longer in use, still had access to the server. Read about the latest data dump on Ars Technica.
Hacker Guccifer 2.0 released more docs this week relating to the finances of the Democratic National Committee. Information includes memos, donor outreach strategy, and personal info on donors. This is just another leak in a long trail of political hacks. A word of caution to those who may try to access the documents: they may contain malicious espionage software, as people believe the hack is likely related to Russian espionage. For more on the latest DNC leak, head over to Politico.
The FBI has posted a public service announcement stating that ransomware victims should report their security incidents to the feds so that they can understand the extent of the threat and its impact. Regardless of the outcome of an attack, the FBI would like to know as it provides justification for investigations and allows the FBI to gather more information that could help in ongoing investigations. The PSA also reiterates that the FBI does not support paying the ransom and gives some tips on how to lessen the risk of a successful ransomware attack. For more info, read the full PSA.
Recent years have seen an increase in DDoS attacks against the major companies that provide crucial internet infrastructure. These attacks, reminiscent of US Cold War tactics testing Soviet air-defense systems, seem to be designed to test these companies’ total defenses and figure out what would be needed to take them down. When looking at possible culprits, the attacks don’t seem like the work of activists, criminals, researchers, or corporate espionage. Both the size and scale of these attacks and the profiling of core infrastructure point to state espionage. Unfortunately, it's unclear which nation-state is responsible, though signs point to Russia or China. Read more about this on Schneier’s blog.