Cyber Round-up for 12th July
Welcome to the Ironshare Cyber Round-up where we look back at the events of the last week and cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
NCSC’s Cyber Essentials scheme is evolving to keep up with the ever-changing threats of cyber security; they aim to ‘meet the cyber security challenges of today, and tomorrow’. NCSC plan to work with a single delivery partner who will take over running the scheme and change the certification by condensing the 5 accreditation bodies down into just one. These changes are designed to enhance the customer experience and help keep the scheme up to date in order to remain relevant. Cyber Essentials will improve through continuous collaboration with its new partner, to ensure the right changes are made to produce the best results. The new partner will take over the scheme at the end of March 2020, at which point we will begin to see these changes roll out.
Mosss, an interior design tools startup, accidentally deleted their G Suite account. The firm immediately contacted Google after the incident requesting that they restore their account, however they have since mocked Google for providing no support. After a week of desperately trying to get a response on the status of their account, the firm received a one-line email from Google that simply said that their data was lost. The company was later advised to file a lawsuit to access their data and have since sued Google. Consumers of cloud-based services, such as G Suite or Office 365, should realise they are responsible for their own data, ensuring that offline backups of their data are completed on a regular basis.
Eurofins Scientific, the UK’s biggest provider of forensic services, has been hit by what the firm described as a “highly sophisticated” ransomware attack. The ransomware computer virus hit just over a month ago, and as a result the British police have been forced to suspend work with the firm. The attack has disrupted work for both Eurofins and the police, since the company is responsible for more than half of the UK’s forensic science provision. The amount of money requested by the attackers was not disclosed to the BBC, however it was confirmed that they paid it. Three weeks after the attack, Eurofins reported that operations were “returning to normal”.
Threats & Breaches
British Airways are facing a record fine after suffering a data breach last year; the breach involved personal information and payment card details being stolen from around 500,000 customers. The ICO has only announced a notice of intention for British Airways and has not yet issued the fine. The company has been allowed 28 days to appeal, and the ICO plan to listen to their intentions before following through. The reason British Airways are facing such a big fine is the recently instated General Data Protection Regulation, which states a firm can be fined up to 4% of their annual turnover. Despite this, the fine is equal to just 1.5% of British Airways’ turnover in 2017.
A recent data breach has exposed the personal information of around 383 million guests, including names, email addresses, phone numbers, dates of birth and all hotel reservation information. Millions of payment card and passport details were also compromised. The ICO intend to fine Marriott International hotel group £99.3 million, following the breach. It is suspected that approximately 7 million of the hacked records related to UK residents. Since the breach, Marriott has worked closely with the ICO investigation to improve its security, in order to mitigate the risk of another breach.
Vulnerabilities & Updates
A recent vulnerability discovered in Zoom, a video conferencing service, allows an attacker to take control of a user’s webcam through a malicious website. Over 4 million users are at risk from this flaw, which appears to only affect the collaboration client for Mac. This exploit can still affect those who have recently uninstalled Zoom, so it is advised that all users apply the necessary patches as soon as possible. The emergency patch completely removes the local web server and allows users to manually uninstall the app; a link to the patch is included in the original post. Zoom are due to release further updates that aim to resolve other issues around the safety of the service.
Attackers are exploiting a new high-severity flaw in Apple iMessage that allows them to essentially cause a denial of service on a target device. By sending a specially crafted message, the attacker can completely disable the victim’s device until it is reset to factory settings, wiping its data in the process. The vulnerability was discovered in April by a Google Project Zero researcher, who described the attack as a “malformed message”. Apple recommend updating your device to minimise the risk of this attack; patches for the flaw were released on May 13, 2019 with the release of iOS 12.3.
And that’s it for this week’s round-up, please don’t forget to tune in for our next instalment.
Edition #49 – 12th July 2019
Ironshare – Security Simplified