This month in security: June 2021
Hackers steal 780GB worth of data from videogame publisher Electronic Arts
The cybercriminals claim to have stolen the source code for games like FIFA 21 and for the proprietary Frostbite game engine.
Other stolen information included proprietary EA tools and software development kits (SDKs), which are already up for sale on various underground hacker forums. EA said no player data had been stolen in the breach and that it had involved law enforcement agencies to help investigate. Videogames are a massive industry, with the revenue from the worldwide PC gaming market estimated at almost 37 billion U.S. dollars in 2020. It’s no wonder hackers are turning their sights on this lucrative market.
Australia’s largest meat processor shut down by ransomware attack
Multinational company JBS, which is also the largest meat processor in Australia, suffered a ransomware attack that disrupted its global IT operations.
JBS has a network of 47 facilities in Australia, with abattoirs and feedlots in NSW, Queensland, Victoria and Tasmania. Even a day of missed production can have huge consequences in the meat processing industry, especially since a substantial number of workers are employed on a casual or part-time basis. As of the time of writing, JBS systems were back online, and there’s no evidence that any customer, supplier or employee data was compromised. We’re seeing hackers branch out their activities to all sorts of industries, and now we have another potentially at-risk industry to add to the list.
Audit shows that dozens of NSW councils still have cybersecurity gaps to overcome
The NSW Audit Office found that more than a third of local councils in the state were facing challenges with internal controls and governance arrangements for cybersecurity.
Cyber Security NSW is currently working with the Office of Local Government with the Department of Planning, Industry and Environment to develop an industry-specific cyber security policy by July, while the government has extended the remit of Cyber Security NSW to include councils and smaller agencies. Local councils are aware of the cyber risks out there, and though the wheels of government can turn slowly sometimes, they are turning in the right direction.
Australian Federal Police and FBI arrest hundreds of criminals with encrypted messaging app
The sting, known as Operation Ironside, involved slipping criminals doctored smartphone handsets and encouraging them to use ANOM, an encrypted messaging app.
As part of a three-year collaboration between the Australian Federal Police (AFP) and the Federal Bureau of Investigation (FBI), authorities tricked underworld figures, who were unaware the app had been designed by the police, into communicating via an encrypted app called ANOM. The doctored devices were spread throughout the criminal underworld by other criminals, with the app being billed as super-secure and private. Organised crime gangs around the world used ANOM to plan everything from executions and drug deals to money laundering. Meanwhile, the app secretly sent data, chats, pictures and messages back to the authorities, enabling them to collect evidence. The whole operation was a clever bit of social engineering done by the good guys, and it proved that criminals are just as susceptible to scams as the rest of us.
Global study reveals that 9 out of 10 health apps harvest user data
Research published in the British Medical Journal revealed that over 20,000 mobile health apps harvested sensitive user information, and some apps even tracked users across different platforms.
Research by the Macquarie University Cyber Security Hub noted that the vast majority of apps (88%) were using tracking identifiers and cookies to track user activities on mobile devices, and some were actually using tracking across different platforms. While two-thirds of the apps collected advertising identifiers or cookies, one-third could collect a user’s email address, and about a quarter could identify the mobile phone tower to which a user’s device was connected. The health app industry is surprisingly unregulated, which makes health apps a ‘user beware’ kind of scenario. Best to do your due diligence before installing a health app. Who knows where your data could end up.
Millions of Dell computers shipped with a firmware vulnerability
Analysts discovered a vulnerability in the BIOS updater for several types of Dell devices that could allow hackers to bypass a user’s operating system.
The vulnerability can allow hackers access to individual devices, but since the vulnerability exists at the firmware level, hackers can’t use the internet to exploit it directly. Dell has already released patches for the vulnerability, so if you’re reading this on a Dell machine, best to check if you need to install the updates.