Friday Five: 8/7 Edition
Telstra suffers a DoS attack, the hackers behind last month's Twitter breach are arrested, and an NSA advisory warns mobile users about the dangers of location data - catch up on the week's news with the Friday Five.
1. Telstra DNS Falls Over After Denial of Service Attack by Chris Duckett
Australia’s largest mobile network provider, Telstra, suffered a Denial of Service (DoS) attack this week, leaving customers with default DNS settings unable to access the internet. Some customers found that switching their DNS settings away from Telstra helped to mitigate the outage. Telstra’s own outage site was also misbehaving and returning 502 and 404 errors. The company made a public statement on Twitter to reassure customers that their information was not at risk and that they were confident that they “blocked all of this malicious traffic and are working to get you back up and running again.” Telstra has recently been vocal about its DNS filtering capabilities, called Cleaner Pipes, that are used to fight malware passing through its network. The initiative helps to reduce the impact of cyber threats on Telstra’s customers, including stopping financial losses, fraudulent activity, malware infections, and the theft of personal data. Telstra was able to resolve the issue about four hours after it kicked off.
2. Twitter Hack: US and UK Teens Arrested Over Breach of Celebrity Accounts by Guardian Staff and AP
The suspected hackers who took control of some of the most followed blue checkmark accounts in the Twitter breach a few weeks ago have been arrested. The “masterminds” behind the attempt to scam people around the globe out of more than $100,000 in Bitcoin are actually a 19-year-old British man from Bognor Regis, a 22-year-old man from Orlando, Florida, and a teenager from Tampa, Florida. The 17-year-old from Tampa faces 30 felony charges, the 22-year-old from Orlando was charged with aiding and abetting the intentional access of a protected computer, and the 19-year-old from the UK was charged with conspiracy to commit wire fraud, conspiracy to commit money laundering, and the intentional access of a protected computer. Security experts were not surprised that the hackers were young, given the amateur nature of both the operation and the hackers’ willingness to discuss the breach with reporters online afterward. Cybersecurity expert Jake Williams said the hackers were “extremely sloppy” in how they moved the Bitcoin around and that “there wasn’t a ton of development that went into this attack.” The young men used a spearphishing attack to target Twitter employees and then stole their credentials, got into Twitter’s systems, and targeted other employees who had access to account support tools.
3. Beware of Find-My-Phone, Wi-Fi, and Bluetooth, NSA Tells Mobile Users by Dan Goodin
In an advisory published on Tuesday, the National Security Agency is recommending that mobile users trade in convenience for privacy by turning off features like Find My iPhone, Wi-Fi, and Bluetooth whenever those services are not needed. The NSA stated that “location data can be extremely valuable and must be protected,” and that, if accessed, it could reveal details about the number of users in a location, user and supply movements, and daily routines, and could expose otherwise unknown associations between users and locations. NSA officials acknowledged that these recommended safeguards are impractical for most users and that the geolocation functions are essential to mobile communications, but noted that these features come at a cost. They pointed out that adversaries may be able to tap into location data from app developers, advertising services, and other third parties and then store it in massive databases and even sell it. The NSA provided a list of recommendations and setting changes that mobile users can make to help protect their privacy.
4. Australian Universities Investigate Online Exam Tool Data Breach by Matt Johnston
Since July 21, a number of databases have been published to a hacker forum, exposing over 835 million user records. Among those exposed databases is one from ProctorU, an online exam monitoring tool used by many Australian universities. The breach has affected 444,000 users of the platform, and the leaked data includes usernames, unencrypted passwords, legal names, and full residential addresses. All of the data appears to relate to users who were registered to ProctorU’s services in or before 2014, so no current students are believed to be directly impacted. The University of Sydney told iTnews that it has spoken with ProctorU’s CEO, who assured them that “they are investigating a breach of confidential data relating to users of their service.” Other universities, including The University of Melbourne, Swinburne University, and University of Queensland, have publicly stated that they are aware of the incident and will continue to investigate the matter.
5. UK Dentists May Have Had Bank Details Stolen Following Data Breach by James Coker
The BBC reported that the British Dental Association (BDA) suffered a data breach that may have caused the bank account numbers of a number of UK dentists to be accessed and stolen. The professional association emailed its members warning them of the breach and urged them to be cautious of any correspondence purporting to be from a bank. The BDA is unsure exactly what information has been accessed, and while it does not store its members’ card details, it does hold their account numbers and sort codes in order to collect direct-debit payments. Logs of correspondence and notes of cases have been assumed stolen, which suggests the hackers may have accessed sensitive patient information. The BDA’s website is currently offline while it works with IT experts to investigate the incident and rebuild its systems.