Weekly Threat Report - 2nd November 2018
Cyber security of youth data
A Girl Scouts of America branch in Orange County, California, has suffered a security breach potentially exposing the sensitive personally identifiable information (PII) of thousands of minors.
Unidentified hackers were able to log into the email account used to coordinate travel for its members. Sensitive PII extended as far back as 2014 and included name, date of birth, email, address, driver licence, health history and insurance policy details.
Following the compromise, hackers used the same account to send out emails of their own. The content of the emails has not been revealed but they were likely attempted spear-phishing attacks on members.
According to the UK’s Charity Digital News[NP1], the number of reports of data breaches among charities has doubled over the last two years with education and childcare organisations reporting a 142% increase.
Fraudsters can use children’s details to make financial applications and create a credit history for the child whose identity they’ve stolen. Children typically do not have credit records, so it is likely that any activity surrounding the identity theft will remain undetected for a long time.
NCSC’s Cyber security: Small Charity Guide provides small charities with cost-effective measures to improve security across their IT estate and to achieve GDPR compliance.
Victims of an aggressive ransomware known as GandCrab can now find assistance in recovering their files from Europol’s No More Ransom website.
Developed by police in Romania, Bulgaria, France, Italy, Poland, the Netherlands, United Kingdom, United States and individual security companies, the comprehensive decryption tool is able to recover files from all versions of GandCrab apart from v1.4 and v5.
GandCrab is a relatively new piece of malware, discovered back in January 2018, and is largely considered to be ransomware-as-a-service (RaaS). It is understood to have infected over 500,000 victims. Recently it underwent an upgrade where the developers added a crypter service to entice more customers to buy GandCrab.
Europol advise victims who have been infected by GandCrab to visit www.nomoreransom.org where the decryption tool is freely available.
Following NCSC’s guidance on Mitigating Malware could also help prevent ransomware/malware infection.