UWA breach exposes student data and photos
The University of Western Australia has suffered a data breach after “unauthorised login activity” occurred on its information management system. Grade transcripts, photos, personal information and the addresses of hundreds of students may have been exposed.
The attack on the university’s Callista system was made public on 29 July, with WA police notified and an arrest made around a week later. No financial information was exposed, although students’ contact details, dates of birth and the addresses of emergency contacts were accessed, raising fears the data could be used in scams or sold on the dark web.
Chronic underfunding, siloed departments and legacy systems mean schools and universities are particularly vulnerable to cyber incidents – Deakin University suffered a breach in June, and UWA was previously hit in 2019, when laptops were snatched from university premises. But the education sector can fight back – awareness training and integrated security products are key to a successful response.
Court rules against ransomware victim in key insurance case
The Australian federal court has ruled against car dealership firm Inchcape in a lawsuit over ransomware insurance. Inchcape had argued that its insurance, provided by Chubb, should cover the clean-up, investigation and recovery costs of a 2020 ransomware attack.
The court ruled that the majority of the costs did not qualify as “direct financial loss” and were therefore not covered under the terms of Inchcape’s policy. Only a small proportion of the expenses, relating to “blank media”, were found to be claimable. While Inchcape had a general Electronic and Computer Crime Policy, rather than specific cyber insurance, the ruling is an important reminder to businesses that, as claims and payouts rise, insurers are increasingly imposing limits on their coverage of cybersecurity incidents. Insurance can offer vital protection – but buyer beware. Also, no matter their degree of insurance cover, organisations should not neglect practical security measures.
Scam warning as thousands of NZ savers hit by breach
The names, addresses, emails and pension balances of thousands of New Zealanders have been stolen by hackers. The victims, who were members of retirement saving scheme KiwiSaver and its fund manager Booster, have been warned that they may now be targeted by scammers.
The breach, which affected 7566 people, came after a remote-working employee’s laptop was compromised by attackers. “We are confident this is an isolated incident which resulted from a failure of a staff member to follow the correct procedure,” said Di Papadopoulos, Booster’s Chief Customer Officer. This is a good example of how the rise in remote work has challenged many existing cybersecurity best practices, and changed organisations’ attack surface. The news comes as New Zealand announces a significant rise in cyber spending in its latest budget, including $30 million for CERT NZ – which should be the first point of contact for any business suffering a security incident.
Australian spyware creator charged with offences around globe
A 24-year-old Australian man has been charged with creating spyware used by criminals around the world. The remote access trojan, known as Imminent Monitor, has been sold to more than 14,500 individuals across 128 countries.
The spyware allowed purchasers to control a victim’s computer, steal data, log keystrokes and turn on webcams and microphones. The Australian Federal Police (AFP) has identified 201 Australian users of the software, around 15% of whom were the subject of domestic violence orders – raising the possibility that violent spouses used it to spy on their partners. The Melbourne man is estimated to have made around $350,000 from the program. The AFP has collaborated with forces around the world on the case, and 85 search warrants have been issued globally. As spyware grows more sophisticated, further coordinated action will be needed to crack down on a crime that knows no borders. Companies can reduce the risk of spyware by keeping systems up to date, patching promptly and targeting their awareness training efforts.
Signal among the Twilio customers breached in SMS phishing attack
Multiple Twilio customer accounts have been breached by a phishing attack. The cloud communications giant announced the incident on August 7, blaming “a sophisticated social engineering attack designed to steal employee credentials”. Over a hundred organisations have been affected, including the messaging app Signal.
The hackers used phishing messages, apparently sent by Twilio’s IT department, that told victims that their password had expired or their schedule had changed. The criminals then used a spoofed web page to steal user credentials. Twilio has revoked access to the compromised accounts, “re-emphasized” its security training and alerted the customers affected. Signal, which is known for its high security, announced that 1,900 of its users were affected, although without access to a user’s device the hackers should not be able to view any encrypted messages. The attack is a reminder that even tech giants can be hit by social engineering attacks – though the rise in passwordless sign-in may soon force credential-stealing criminals to change their ways.
Security researcher hacks John Deere tractor to show agtech is at risk
Australian security researcher Sick Codes hacked a John Deere 4240 display and installed the vintage 1990s video game DOOM to show agricultural technology developers how food security is tied to cybersecurity.
Sick Codes, a white hat hacker by trade, hacked into the Linux-based display and was able to control the hardware and software. "If you're able to install Doom and play the game on a device, that pretty much means that you've clocked it, you've won the device, there's nothing more to do."
Hacking a tractor to install a video game may seem like a harmless prank, but it illustrates security experts' fears about the vulnerability of our food supply to cyberattacks. It’s proof that the rapid rise of unsecured IoT in the agriculture sector is not without its risks, and can potentially become a major threat if bad actors wish to target food supply chains and critical infrastructure.