This month in security: April 2020
Car auction house becomes the target of $30 million ransomware attack
The Australian branch of Manheim Auctions, one of the country's biggest car auction houses, confirms it was hit by a ransomware attack.
The Australian branch of Manheim Auctions had acknowledged a cyberattack as far back as February, but a statement released in early March by WA's Consumer Protection agency revealed the extent of the malware attack and the $30 million ransom demand that came with it. The Commissioner for Consumer Protection WA, Penny Lipscombe, noted that all businesses should review and update their cybersecurity, including the latest antivirus software and firewalls. Incidents like this illustrate how even well-equipped companies can suffer massive losses if the people who work there do not follow basic cyber safety practices.
ASD’s report finds cyber resilience is still far too low across government departments
More than 70% of federal government agencies reported below-baseline levels of cyber maturity last year.
The findings of the Australian Signals Directorate's first cybersecurity posture report to parliament raise a lot of questions about the state of cybersecurity across government services. The good news is that these concerns already appear to be being addressed. Many agencies are improving their compliance with the voluntary controls recommended by the ASD. Between 2018 and 2019, more than 30% of agencies moved from 'partly aligned' to 'mostly aligned' on the strategies covering multi-factor authentication and Microsoft Office macros.
Cyber scammers play the numbers with a fake Microsoft 1-800 helpline
Criminals are using a fake helpline number to scam people into giving away their confidential information.
With the bulk of Australia's offices working remotely, many people are turning to their personal machines and Microsoft's cloud tools to get their work done, which also means far more people are calling the Microsoft helpline to troubleshoot the hiccups that come with such a transition. This presents a golden opportunity for enterprising scammers. According to the ACSC, scammers are exploiting a phone number that is nearly identical to Microsoft's real 1 800 642 7676 helpline number.
The legitimate helpline number contains 11 digits, including the country code. In Australia, however, a 1800 number accepts only the six digits that follow 1800, so anything dialled after those is ignored. Scammers have registered 1800 642 767, the first 10 digits of Microsoft's number, which means calls dialled with the full 11-digit number are routed to them instead of to Microsoft support. Pretending to be Microsoft personnel, they ask callers for their credentials and instruct them to install trojan software that gives the criminals remote access to their devices. Such a small detail in a phone number is easy to miss, and it shows how simple it can be to set up an effective scam.
Criminals using COVID-19 crisis to pull off superannuation scam
The ACCC reports that scammers are cold-calling people, claiming to represent organisations that can help them get early access to their super.
According to Scamwatch, scammers are actively trying to take advantage of the Government's recent announcement allowing people facing financial hardship to access their superannuation for support. Since the Government's announcement in March, there have been 87 reports of these scams. In 2019 alone, Australians lost over $6 million to superannuation scammers. The best way to protect yourself is to follow basic cyber safety practices: be extra cautious when sharing your confidential information, and never follow a hyperlink to reach the myGov website. Type the address directly into a new browser window, or call the official helpline to confirm whether the message was legitimate. Better safe than sorry.
Australian government’s Coronavirus tracing app raises privacy concerns
Given the government’s history of data breaches and mishandled personal data, experts are concerned about the cybersecurity posture of the app.
Trust is critical if the government wants people to embrace the COVIDSafe app. Even though the app's intentions are noble, how it would safeguard user data is less clear. Given the track record of trust and privacy concerns with previous government initiatives, the government may find people reluctant to use the app, which would limit its effectiveness at fighting the spread of COVID-19. Releasing the source code for scrutiny by independent third parties would go a long way towards reassuring the public about data protection and would encourage many more people to adopt the app. Having the app vetted by independent cyber experts seems like a small price to pay if it helps slow the spread of the virus.