Weekly Threat Report - 17th August 2018
Report's are drawn from recent open source reporting, see the latest report here:
software secure? What about your hardware?
Researchers at the DEF CON 2018 cyber security convention revealed that they could access an internal network using legacy technology – a fax machine.
Fax is now viewed by many as obsolete, meaning its security is potentially overlooked. However, faxes are not only still used, but have been integrated into printers and photocopiers. Fax machines use protocols developed in the 1980s; in this case, the researchers used these old protocols to exploit modern printers.
The impact of not upgrading hardware can be just as great as for software, and can potentially double the risk of a breach. Legacy hardware may be unable to integrate with modern systems, may lack software updates for vulnerabilities, may fall short of regulatory requirements and may lack modern security features. It may also provide an easy access point for cyber actors to gain access to networks and conduct further operations.
Where possible, both software and hardware should be updated. The benefits of upgrading systems typically outweigh the risks of upkeeping a legacy system.
Data breaches fueling phishing scams
An ongoing email scam claims to plant spyware on a victim’s computer or phone and to record them visiting adult websites. $1,000 in Bitcoin is then demanded to prevent wider release of the video.
Such scam emails are common. However, in an attempt to convince the victim of its authenticity, this campaign has included both the victim’s password and, more recently, a partial phone number in the threatening emails. It is unclear how the scammers obtained these details, but recent or historic data breaches are a likely source.
Data breaches are common and have occurred through a variety of methods. Just this week, holiday firm Butlin’s said over 30,000 customer records, including names, email addresses and phone numbers, were stolen following a phishing email. The NCSC has issued phishing guidance for organiations.
Whilst there is no evidence linking the details used in this email campaign with this breach, the use of compromised personal data in combination with large scale scam emails increases the potency of an old threat.
The Action Fraud website features advice on protecting against phishing. Fraud, cyber crime and phishing attempts should be reported online or by calling 0300 123 2040.
The NCSC published 2FA guidance for individuals this week.