This month in security: July 2021
NSW Education Department hit by cyberattack
The NSW Department of Education was been targeted by a cyberattack just hours after they made a remote working announcement.
The department was forced to disable some of its IT systems as a precaution, causing disuptions which lasted up to 21 hours. Department Secretary Georgina Harrisson said federal agencies, NSW Police and Cyber Security NSW were working to restore systems as soon as possible. In light of lockdowns, both teachers and students are heavily relying on IT systems for remote learning. It’s easy to see how a disruption like this can throw schedules into chaos for everyone involved.
Uber breach may have put the data of over 1 million Australians at risk
The Australian Privacy Commissioner has ordered Uber to comply with Australian Privacy Principles after finding the tech giant’s data breach in 2016 may have put the privacy of 1.2 million Aussies at risk.
Australia's Information Commissioner and Privacy Commissioner found that tech giant Uber needed to comply with Australian regulations and take concrete steps to prevent data breaches like the one in 2016 from happening again. While there was no evidence of further misuse of the data in question, the OAIC said its investigation focused on whether Uber had adequate preventative measures in place to protect Australians' data. Uber had already committed to upgrading their systems and policies since the incident.
Remote access hackers steal more than $7.2m from Aussies
Scammers have stolen millions from Australians by gaining illicit access to home devices, an increase of 184 per cent compared to the same period last year.
According to the ACCC’s Scamwatch, almost 6,500 Australians have reported phone calls from scammers trying to convince them to download software that gives access to home devices and their bank accounts. The scammers pretend to be from well-known organisations like Telstra, eBay, NBN Co, Amazon, banks, government organisations, police, and computer and IT support organisations. If you ever get a call like that, best to hang up and contact the organisation in question on their official number.
Major ransomware attack forces closure of 800 Swedish stores
One of the largest ransomware attacks in history forced the Swedish Coop grocery store chain to close all 800 of its stores because it could not operate its cash registers.
The shutdown of the major food retailer followed an unusually sophisticated attack on U.S. tech provider Kaseya. The ransomware gang REvil is suspected of hijacking Kaseya's desktop management tool and pushing a malicious update that infects tech management providers serving thousands of business. Kaseya’s technology is used by many organisations worldwide, making the ransomware attack a worldwide threat.
Cyberattack disrupts major South African port operations
The attack disrupted container operations at Cape Town, blocking cargo and impacting state-owned port operator Transnet.
Cape Town Harbour Carriers Association said the port’s operating systems had been cyberattacked and there would be no movement of cargo until the system was restored. Transnet confirmed its IT applications were experiencing disruptions and it was investigating the cause. We’ve talked before about how supply chains are only as strong as their weakest link. Logistics companies need to get serious about cybersecurity, because attacks like these are only going to become more common.
Hackers breach rail network in Iran
Trains were delayed or cancelled as ticket offices, the national railway's website and cargo services were disrupted, with "unprecedented chaos at railway stations across the country", state broadcaster IRIB reported.
It looks like hackers around the world have developed a taste for hacking critical infrastructure. Train services in Iran were delayed by apparent cyberattacks, with hackers posting the phone number of the country's supreme leader as the number to call for information, as reported by state-affiliated news outlets. Whatever their motivations, incidents like this just illustrates the global trend of hackers turning their attention towards disrupting national-scale infrastructure.