This month in security: January 2021
ASIC and Reserve Bank of NZ become the latest targets of Accellion hack
The Australian Securities and Investments Commission and the Reserve Bank of New Zealand announced they had been hit by cyberattacks that may have allowed criminals access to sensitive data.
Both attacks exploited a vulnerability in Accellion’s file-sharing software, which was used by both ASIC and RBNZ. In ASIC’s case, the attackers gained unauthorised access to a server containing documents related to Australian credit license applications. Almost every organisation relies on a variety of third-party services and providers to carry out its day-to-day operations, which makes vetting your partners more important than ever. You absolutely must know who you’re entrusting your data to.
Emotet, the world's most dangerous malware botnet, disrupted by a global police operation
A coordinated strike by international law enforcement agencies took control of the botnet infrastructure used by cybercriminals.
Europol, the FBI, the UK's National Crime Agency and others conducted a coordinated crackdown that gave investigators control of Emotet’s infrastructure. Emotet started off as a banking trojan in 2014 but quickly evolved into one of the most dangerous forms of malware in the world. This is a massive win for cybersecurity. Even though catching a trojan seems mundane, reining in Emotet will protect people and businesses around the world from cyberattacks that could potentially have cost them millions of dollars in damages.
Massive data leak exposes information scraped from more than 2 million Australian social media accounts
SafetyDetectives, the team behind the discovery, claims around two million Australian social media users were among the more than 214 million that were found on a database belonging to Chinese social media management company Socialarks.
While most of the data scraping seemed to have been done for legitimate business and marketing purposes, the data could also have been used for identity fraud or targeted scams. This just goes to show how much of our data is publicly available. Bits and pieces of our data may be scattered across dozens of sites, but when combined, they can reveal a lot of information about us. Always be careful with your personal data when online. You never know who might be snooping around.
Scammers posing as the Australian Cyber Security Centre using phone calls and emails to target Australians
The government has issued a warning about a social engineering campaign that is currently underway.
The scammers claim to be from ACSC and ask victims to download remote access tools (RATs) like TeamViewer and AnyDesk to help resolve ‘malware issues’. If users run the RAT on their devices, the scammers ask them to open a web browser and access their online banking services, and then steal their financial information. Human error is the biggest cybersecurity risk, and it pays to be cautious if you ever receive a message like that. ‘Stranger danger’ is very real in the online world, so err on the side of caution and never download anything a stranger asks you to!
Belgian government’s stance on 5G attacked by a network of Twitter bots
A cluster of fake accounts on Twitter amplified, and sometimes created, articles that attacked the Belgian government’s recent plans to limit the access of “high-risk” suppliers to its 5G network.
Social media research group Graphika published a report detailing how a small network of 14 Twitter accounts carried out a coordinated campaign to criticise the Belgian government's plan to ban Huawei from supplying 5G equipment to local telecommunications providers. Even though the botnet was small, tweets were often amplified by other accounts, some fake, and some authentic. Though the attack was nipped in the bud, it illustrates how hackers can use botnets and fake accounts to influence public opinion at large and the importance of responding quickly to misinformation.
Hackers are using fake collaboration apps to steal data from remote workers
Cybercriminals are turning their attention to the work-from-home trend, seeing an easy opportunity to sneak into corporate networks.
Who doesn’t love a free collaboration app? Turns out cybercriminals love them too, if only to trick remote workers into installing malware on their work devices. Using phishing emails and fake apps on popular app stores, attackers entice unsuspecting users with free but fake productivity apps, video conferencing apps and collaboration apps, and then steal personal info to get to their real target: their company’s network. If you’re working from home, stick to your IT department’s whitelisted apps, and remember, freeware usually comes with a hidden cost.