There’s no shortage of cyber-attacks making the headlines, but what do they mean for you?
At CyberCX, we keep a close eye on the news to identify reports of the latest trends, issues and exploits.
Here we present a selection of recent news stories that caught our attention, and the important lessons we can learn to keep secure.
Don’t neglect upgrading legacy systems
When it comes to securing your environment, upgrading legacy systems can be one of the most effective actions you can take. After all, many legacy systems contain vulnerabilities that are well known to malicious actors.
In December 2020, customers of cloud solutions provider, Accellion, began experiencing breaches due to a zero-day vulnerability in its legacy file transfer application (FTA). FTA is a 20-year old product that relies on outdated and less-secure technology. The application, which was specifically designed to handle moving large amounts of data, potentially allowed the actor to access a significant amount of information. It was subsequently revealed that compromised data was being used as leverage in extortion attempts.
Although Accellion rolled out a patch to stop the initial breaches, it emerged that additional vulnerabilities were being discovered into January. In total, patches have now been released for four identified zero-days:
CVE-2021-27101
CVE-2021-27102
CVE-2021-27103
CVE-2021-27104
For three years Accellion had been encouraging clients to replace FTA and adopt its newest platform, Kiteworks. According to the company, Kiteworks is “built on an entirely different code base, using state-of-the-art security architecture, and a segregated, secure development process.”
So, when a third-party supplier in your environment urges you to upgrade to a newer system because of its enhanced security features, our strong recommendation is to heed their advice.
QR codes expose devices to security risks
Since Covid-19 emerged over one year ago, QR codes have become a ubiquitous feature in our lives. Millions of people are now accustomed to scanning the codes every time they enter a café, shop or workplace environment.
However, what many do not realise, is that QR codes can be used to deliver malware to unsuspecting individuals. A malicious QR code can direct a user to a fake website, capture personal data or install malicious software on the smartphone.
The risks are reduced when the QR code needs to be scanned by a Government-issued application, such as the one released by Service NSW. However, not all venues across Australia are using QR codes that are integrated with a Government-issued application.
Recently, a popular Android application called Barcode Scanner was removed from Google Play after it was discovered to have installed ad-pushing malware onto millions of users’ phones. Users began noticing that they were being redirected to random advertisements. Following investigations, it was discovered that obfuscated malicious code had been hidden in an update.
This case highlights the potential risks associated with QR codes and the applications that read them. Common attack vectors may include:
- Adding new contacts to the phone as a prelude to launching spear phishing attacks.
- Initiating phone calls to the attacker, thereby exposing the victim’s phone number.
- Launching smishing attacks by sending malicious text messages to the user’s contacts.
- Accessing the user’s work emails which may result in Business Email Compromise attacks.
- A malicious QR code could allow hackers to automatically send mobile payments and capture the user’s personal financial data.
- Secretly track the user’s geolocation as reconnaissance for a Business Email Compromise attack.
- Follow the user’s social-media accounts, exposing their personal information and contacts.
- Connect the device to a compromised Wi-Fi network, exposing it to ongoing breaches.
Organisations need to be aware of the risks associated with their teams scanning QR codes. This is particularly the case as many employees now use their own devices for work. These devices may run work-related applications that may be vulnerable.
Mobile device security needs to be a priority for all organisations to protect against phishing attacks, device takeovers, man-in-the-middle exploits and malicious application downloads. Make sure you roll-out security measures on every mobile device that accesses business applications and data, including smartphones, laptops and tablets.
Contact us for further assistance securing the mobile devices in use in your environment.
When it comes to data security ‘hammers’ and nails won’t cut it
English Premier League football club, West Ham, has suffered an accidental data breach on its website.
Visitors to West Ham United’s ticketing portal were able to view the details of fellow supporters, including full names, dates of birth, telephone numbers, addresses, and email addresses, when they attempted to log in to their accounts. The issue, which is believed to be caused by an internal error, has now been resolved.
Ensuring the confidentiality and integrity of data is crucial to protect personal data from exposure. Data Protection is not just a legal requirement, it is also crucial to maintaining the reputation and integrity of your organisation as well as preventing the risk of costly data breaches.
Organisations must seek to adopt and continually improve awareness of Cyber Security controls, validation methodologies and commonly occurring vulnerabilities – to prevent them ever occurring as much as possible, place particularly where customer data is concerned.
To learn more about how you can embed effective security controls and awareness in your organisation Contact CyberCX.
Looking after the children in your care
The government’s National Cyber Security Centre (NCSC) has issued warnings and guidance to nurseries and childminders about the increase of cyber attacks.
This is the first time that the NCSC has issued guidance for industries caring for children in this age group.
The official NCSC statement stated “Even if you think you’re not at risk, we’d encourage you to read the guidance. Following the four steps outlined below will reduce the likelihood of you being a victim, and will help you get back on your feet should the worst happen.
- Back up your important information
- Using passwords to control access to you computers and information
- Protecting your devices from viruses and malware
- Dealing with suspicious messages (phishing attacks)
Take a look at the infographic.
Contact CyberCX if you want to enhance or implement these security controls in your organisation to protect your data.
