This month in security: July 2020
Russian BEC gang targets multinational companies across the world
A newly uncovered Russia-based business email compromise gang, known as Cosmic Lynx, has been linked to BEC attacks targeting hundreds of multinational corporations in over 40 countries.
The cybercriminal gang used a combination of social engineering techniques and well-crafted email messages to target senior executives at various corporations, which are typical BEC tactics. While the typical executive impersonation BEC attack requests amounts in the $55,000 range, the average Cosmic Lynx attack requested up to $1.27 million. This speaks to the depth of their preparation and research in carrying out these attacks. Researchers estimate that the total losses due to their BEC schemes may exceed $400 million. It looks like cybercriminals are catching on to the fact that even big multinational companies can have huge security blind spots, especially when it comes to human error.
The massive Twitter breach reveals the potential for a global security crisis
The Twitter accounts of major companies and high-profile individuals were compromised as part of a large-scale bitcoin scam that earned its creators nearly $120,000 in cryptocurrency.
The Twitter accounts of Barack Obama, Joe Biden, Jeff Bezos, Bill Gates and Kanye West, as well as Apple and Uber’s corporate accounts, were among those compromised by hackers carrying out a Bitcoin scam. Twitter has confirmed the hackers abused internal tools that were supposed to be available only to its own staff. Attacks like this show just how severe the consequences of even a small attack can be. Data security and privacy concerns aside, the whole episode demonstrates how the impersonation of public figures and fraud can have very real and damaging consequences in the real world, both political and economic.
ATO warns users to watch out for myGov scams
The ATO has warned Australians to stay alert and watch out for an SMS and email phishing campaign that’s targeting myGov users.
Tax season is here, and attackers are intent on taking full advantage of it. Scammers are sending out spoofed emails and text messages disguised as legitimate ATO and myGov communications, complete with shortened links that lead to shady hosting pages designed to skim your login details. Mimecast’s own Threat Intelligence team observed a series of malicious sending addresses and Australian government-themed phishing pages, many of which look like the real deal. Exercise caution, and never click on any links in emails or text messages claiming to be from myGov or the ATO. Watch out for phone scams too, and always call the ATO or myGov on their official phone number to confirm whether the call, email or text came from them.
Australia ranked as the sixth most targeted country in the world for cyberattacks
Data from the Center for Strategic and International Studies showed Australia experienced 16 major cyberattacks between May 2006 and June 2020.
The data revealed that Australian mining companies, defence contractors and government agencies are popular targets for hacking. Hopefully, the government’s recent $1.35 billion funding will bolster our defences, but it’s up to companies and organisations to take the initiative to modernise their cybersecurity measures. These attacks aren’t going to subside on their own, and building your cyber resilience is one of the best ways to fend off would-be attackers. That, and following our awesome Get Cyber Resilient blog, of course.
Australians targeted by cryptocurrency scam using fake celebrity endorsements
Authorities warn Australians to beware of an online scam that uses celebrity names to endorse a fraudulent Bitcoin scheme.
The latest version of the scam cost a pensioner from Queensland $80,000 when the victim saw television personality David Koch appear to be promoting a Bitcoin business on Facebook, complete with a Sydney-based phone number. Hundreds of people have fallen prey to online scams that use the identities of high-profile personalities like Dick Smith, Mel Gibson, David Koch and Waleed Aly to promote fraudulent get-rich-quick schemes. The Australian Securities and Investments Commission (ASIC) notes that the fraudulent use of celebrities, prominent businesses and government agencies in the marketing of financial products and services is a key indicator of a scam. Remember folks, if it sounds too good to be true, it probably is.
WA teenager published confidential information from the health department online
The West Australian Premier Mark McGowan announced that a 15-year-old boy had intercepted confidential Health Department messages and published them online.
The teenager had gleaned the data from a third-party operated pager service, the use of which was suspended after the data breach was discovered. The health department still uses pagers because it considers the technology more reliable in some circumstances. Even though no government websites or databases were compromised in the leak, the incident does highlight the challenge of securing critical infrastructure. Mixed technology stacks spanning multiple generations can create all sorts of unforeseen vulnerabilities, and cybersecurity teams tasked with securing these systems have their work cut out for them.