Friday Five: 5/22 Edition
The European Parliament suffers a cyber-attack, ransomware gang threatens to leak celebrities' information, and Microsoft warns of a COVID-19 themed phishing campaign - catch up on the week's news with the Friday Five.
1. European Parliament Hit by Major Cyberattack by EUToday Correspondents
A major data breach of the European Parliament has caused the sensitive information of over a thousand parliament employees and members to be exposed online. A security researcher discovered the internet portal that is used by the Parliament’s officials and found that it contained unprotected files such as passwords, job descriptions, and other personal information. The information of thousands of people with links to political parties and institutions, including members of EU agencies and authorities, were also present in the exposed data. The Parliament’s VP for IT policy, Marcel Kolaja, confirmed that the data included information from 1,200 accounts of elected officials and staff and 15,000 other accounts of EU affairs professionals. The system in question is believed to contain data related specifically to the European People’s Party, which is the largest political group in the European Parliament.
2. Ransomware Gang Asks $42M from NY Law Firm, Threatens to Leak Dirt on Trump by Catalin Cimpanu
A New York-based law firm, Grubman Shire Meiselas & Sacks (GSMS), with many high-profile clients is currently being extorted by the cybercriminal group behind REvil a.k.a Sodinokibi ransomware for a $42 million ransom demand. In a message published on a dark web portal, the group is threatening to release sensitive files on the company’s celebrity clients that they obtained from the law firm’s internal network. The hackers published screenshots of documents pertaining to GSMS customers to prove access and gave the company a week to negotiate and pay the ransom. GSMS failed to pay the requested ransom, so the REvil gang doubled the ransom demand, released data containing Lady Gaga’s legal documents, and threatened to release files related to U.S. President Donald Trump. The extortion attempt is ongoing, and the law firm confirmed the incident in a statement to Variety on Monday.
3. Chicago Children’s Hospital Sued Over Data Breaches by Sarah Coble
The parent of a pediatric patient is suing Lurie Children’s Hospital of Chicago over two recent data breaches. The anonymous plaintiff filed the suit in the Circuit Court of Cook County, Illinois on behalf of herself and her four-year-old daughter and is seeking class-action status and a trial by jury. The hospital is accused of breach of contract, breach of confidentiality, and negligent supervision for allegedly failing to keep the young patient’s medical records safe. The toddler had been taken to Lurie for an examination after her mother suspected she had become a victim of sexual abuse, and the mother was later informed that her daughter’s records had been accessed by an unnamed nursing assistant without authorization. In the suit, the plaintiffs claim the records were accessed as part of larger data breach in which thousands of patients’ sensitive information was accessed without authorization. A spokesperson for the hospital released a statement about the incident and claimed they had no reason to suspect any misuse of patient information was associated with the incident, but the employee at the center of the breach was fired.
4. Nearly a Quarter of Remote Workers Do Not Consider Data Protection when Sharing Information by Ellen Daniel
With the increasing volume of sensitive data being accessed by remote workers outside of the usual office environment, data security concerns have risen. A recent survey of 2,000 UK adults who are currently working from home due to COVID-19 restrictions has revealed that 24% ‘rarely’ or ‘never’ consider data protection policies when sharing information with colleagues, and 14% had little to no understanding of their company’s data protection policies. Of those surveyed, 72% said they need to access and share sensitive customer information as a main part of their job. Handling data incorrectly could create significant issues for organizations, so this research causes huge concern. Cybersecurity expert Danny Reeves commented on the research results: "The business landscape has changed beyond recognition, and data management is now absolutely essential for businesses operating a world of home working. Putting privacy at the heart of a data management strategy is no longer optional.”
5. Microsoft Warns of ‘Massive’ Phishing Attack Pushing Legit RAT by Lawrence Abrams
Through a series of tweets, Microsoft’s Security Intelligence team has issued a warning of an ongoing, massive COVID-19 themed phishing campaign that is spreading the NetSupport Manager remote administration tool via malicious Excel attachments. The attackers are posing as the John Hopkins Center and sending emails about Coronavirus-related death tolls in the United States. The Excel attachment contains a chart based on data from the New York Times showing the number of deaths in the USA and is designed to download and install the remote administration tool after a user clicks ‘Enable Content’. Once the NetSupport Manager is installed, it allows the threat actor to gain complete control over the system, execute commands on it remotely, and eventually install other tools and scripts to further compromise the victim’s computer. Any Microsoft user who was affected by this phishing campaign should assume that their data has been compromised and that the threat actor attempted to steal their passwords.