The Irish Data Protection Commission (DPC) slapped Meta with a fine of $18.6 million regarding 12 data breach notifications that took place in 2018. Meta clarified that the fine was about record keeping practices and not a failure to protect people’s information.
"The DPC found that Meta Platforms failed to have in place appropriate technical and organizational measures which would enable it to readily demonstrate the security measures that it implemented in practice to protect EU users' data, in the context of the twelve personal data breaches," the watchdog said in a press release. (TheHackerNews)
My thoughts: Large enterprises who handle large amounts of data will be used to set an example for everyone else. When you don’t comply with data privacy regulations, you WILL be penalized. We should expect the same thing will happen this September when Quebec begins to enforce their own version of GDPR with PL64 (Law 25). Large organizations will most likely be the initial targets as this comes into play.
In the midst of everything going on in Russia, the online hacker community is making it their responsibility to cyberattack Russia. They created a tool to let Russians know about the propaganda going on in their country. Here is the excerpt:
“Anonymous programmers Squad303 created a tool that allows non-hackers to make a positive contribution to “the largest and most successful cyber operation in the history of the world.” Within 48 hours of releasing the 1920.in tool, the group reported on Twitter that “the people of the free world sent the Russians 2 million text messages” warning that the people of Russia would suffer as a result of nations’ response to Vladimir Putin’s aggression and that they need to know the truth about his unprovoked war. A week after its launch, that volume had climbed to 7 million.
The team quickly worked on adding the ability to send emails to random Russian accounts and to Russian users via WhatsApp. Squad303 announced today that 20,000,000 text messages, emails, and WhatsApp messages have been sent to Russians by concerned people around the globe using their tool, with “120,000,000 to go…” The group also hinted on Sunday about a forthcoming tool that would allow people to call Russians.”
My thoughts: It’s so terrible that this war is going on. But using cyber hacking for good doesn’t seem to be a bad idea.
Last Monday a cyberattack crashed several Israeli government websites. The outage was blamed on a distributed denial-of-service (DDoS) attack, in which the attackers flood the target with traffic that triggers a crash. The officials declined to comment on where they thought the attack originated. They were able to get the websites back up and running and don’t think there was extensive damage. (Bloomberg)
My thoughts: Interesting to see the DDoS strategy being used more and more by hackers. Although it doesn’t seem to have a large payout at the onset, they may be using it as an initial low-level, low-effort way to cause havoc to the organization. The next step could be a full-out ransomware attack.
Within the last month, we covered US critical systems being attacked. Last week, it was discovered that another ransomware-as-a-service gang breached US critical infrastructure again! This time it’s the AvosLocker group. Having emerged only in 2021, this group has seen a spike in activity over the last year.
“The FBI also shared technical details on this RaaS operation, including that AvosLocker representatives allegedly will also call victims to direct them to the payment site to negotiate reduced ransom payments.
If this is true, AvosLocker would be yet another cybercrime group known for using this tactic to push them to pay the ransoms, a tactic pioneered and field-tested by the Sekhmet, Maze, Ryuk, and Conti ransomware gangs.
In some cases, AvosLocker negotiators also threaten and launch distributed denial-of-service (DDoS) attacks during negotiations, likely when the victims are not cooperating, to convince them to comply with their demands.” (BleepingComputer)
Thoughts: More and more groups will emerge. The best way to start protecting yourself is to secure your perimeter and workstations, keep regular offline backups, update patches, and provide security awareness training. That’s a great start!
Last week, we spoke about double extortion where the hacker steals files before they ask for ransom. Well, today I discovered a new one.
“Instead of attackers using the threat of leaking a victim's files to pressure them into paying, LokiLock's customers threaten to overwrite a victim's Windows Master Boot Record (MBR), which wipes all files and renders the machine unusable. But that tactic effectively ends all negotiations about payment, of course.” (ZDNet)
My thoughts: Backing up your workstation is easy and comes with little effort. There are many tools out there that can automatically back up your endpoint and scan for any irregularities running on the operating system. In today’s day and age, a compromised workstation should not be considered a huge deal, given the attack has not proliferated throughout the organization.