Top news stories this week
- 'qwerty' no more. The UK bans common and easily guessable passwords on smart devices.
- Leaked. Qantas and JP Morgan inadvertently expose customer data during system updates.
- Take the stand. Cause of Change Healthcare attack revealed in US Senate testimony.
- Phishing. US Post Office phishing website is visited almost as often as the official one.
- Sentenced. Member of REvil given more than 13 years in prison for role in over 2,500 cyber attacks.
- Malicious dose. Hackers target Canadian pharmaceutical chain and cause significant operational disruption.
1. The UK becomes first country to ban common and easily guessable passwords on smart devices
The UK has enacted the Product Security and Telecommunications Infrastructure (PSTI) Act, making it the first country to prohibit default or easily guessable passwords on smart devices. Effective since April 29, the act mandates product manufacturers to enforce minimum security standards and disclose how long products will receive updates for. Vendors who fail to adhere to this act will face fines.
So What?
Global adoption of such laws could decrease botnet activity as threat actors rely on brute-forcing common passwords to compromise smart devices and convert them into bots.
[Researcher: Aditya Ganjam Mahesh]
2. Qantas and JP Morgan accidentally expose sensitive data
Due to a misconfiguration during system updates, Qantas inadvertently exposed the personal data and boarding passes of some of their app users. The Australian airline assured customers that no financial data was breached but have advised customers to log out of their accounts and remain alert for potential scams. The number of affected customers remains unclear.
Separately, a software flaw led to an internal data breach at JP Morgan, affecting over 450,000 individuals. The disclosed data included sensitive personal and financial information and was accessible to three unauthorised system users. JP Morgan deployed a software update to address the issue and has notified all affected parties.
So what?
Having a well defined change management programme is an important strategy to mitigate the risk of unexpected issues related to system or network modifications.
[Researcher: Amy Gregan]
3. Cause of Change Healthcare attack revealed by UnitedHealth CEO in US Senate testimony
UnitedHealth’s CEO Andrew Witty has confirmed that compromised credentials within a Citrix remote access solution without MFA caused the ransomware attack on Change Healthcare earlier this year. The cyber attack has put a spotlight on UnitedHealth’s role in the US healthcare system, with some lawmakers criticising its monopolisation in the industry.
So what?
Ensuring all methods of remote access are protected with MFA can prevent the exploitation of compromised credentials.
[Researcher: David Broome]
4. US Post Office phishing website visited almost as often as the official one
Threat actors have created replicas of the official US Postal Service (USPS) website to trick victim’s into providing login credentials and financial details. Malicious links to the site are delivered through smishing campaigns. Security researches have suggested that the fake domain attracts almost an equal amount of traffic compared to the USPS’ legitimate site.
So what?
Customers should be wary of unsolicited messages containing links and verify website URL’s before disclosing any sensitive data.
[Researcher: Lena Krummeich]
5. Member of REvil sentenced to more than 13 years in prison
A member of the now disbanded ransom group REvil, Yaroslav Vasinskyi, has been sentenced to more than 13 years in prison in the US, and ordered to pay USD 16 million in restitution for his role in launching over 2,500 global cyber attacks.
So what?
The sentence sends a strong message to cyber criminals that their activities will not go unpunished if caught.
[Researcher: Waithera Junghae]
6. Cyber attack forces closure of all London Drugs pharmacy chain stores
Canadian pharmacy, London Drugs, temporarily closed its branches after suffering a major cyber security incident. Stores across Western Canada will remain closed for the duration of the forensic investigation and customers are advised that local stores can only support urgent pharmacy needs.
So what?
Cyber incidents can impact the operation of critical services. It is important to develop business continuity plans and test them regularly to ensure operations can continue during a worst case scenario.
[Researcher: Adelaide Parker]