NCSC (National Cyber Security Centre) - Weekly Threat Report @ncsc #cybersecurity

Monday, December 4, 2017

Weekly Threat Report - 01st December 2017

 

 

Reports are drawn from recent open source reporting; see the latest report here:

 

Imgur compromise
 

Image-sharing website Imgur has been alerted to a security breach in which the email addresses and passwords of 1.7 million users worldwide were compromised in 2014. Investigations are ongoing but in a public blog post, the company’s CEO has said that, although passwords were hashed using SHA-256 at the time, users should still take precautions such as using a different password for every site and application.

 

The website does not hold any other personal data on its users beyond email addresses, but victims who use the same email and password combinations across multiple applications or websites may be at risk. This incident is indicative of an increasing frequency of online data breaches and it is important for users of online applications to diversify their passwords to prevent being targeted when their passwords are leaked on other platforms. It is also important for companies to use a recommended form of protection for passwords in databases.
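The difference between a single fast hash and a purpose-built password hash, as an added example (not code from NCSC or Imgur). The report says only that SHA-256 was used, so the unsalted single-pass `fast_hash` is an assumed "before" case for contrast; the choice of PBKDF2-HMAC-SHA256, the iteration count, the record format and all function names are assumptions of this example.

```python
import hashlib
import hmac
import secrets

# Assumed work factor for PBKDF2-HMAC-SHA256; tune it to your own hardware.
ITERATIONS = 600_000
SCHEME = "pbkdf2_sha256"


def fast_hash(password: str) -> str:
    """Single unsalted SHA-256 pass: cheap to guess at scale, and identical
    passwords always produce identical digests."""
    return hashlib.sha256(password.encode()).hexdigest()


def protect(password: str, iterations: int = ITERATIONS) -> str:
    """Return a self-describing record: scheme$iterations$salt$derived_key."""
    salt = secrets.token_bytes(16)  # fresh random salt per user
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"{SCHEME}${iterations}${salt.hex()}${dk.hex()}"


def verify(password: str, record: str) -> bool:
    """Recompute with the stored salt and iterations; compare in constant time."""
    try:
        scheme, iterations, salt_hex, dk_hex = record.split("$")
        if scheme != SCHEME:
            return False
        expected = bytes.fromhex(dk_hex)
        dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 bytes.fromhex(salt_hex), int(iterations))
    except ValueError:  # malformed or legacy record
        return False
    return hmac.compare_digest(dk, expected)


def needs_rehash(record: str, iterations: int = ITERATIONS) -> bool:
    """True for legacy or under-strength records, to upgrade at next login."""
    parts = record.split("$")
    if len(parts) != 4 or parts[0] != SCHEME or not parts[1].isdigit():
        return True
    return int(parts[1]) < iterations


if __name__ == "__main__":
    # Constructed sample: two users who chose the same password.
    a, b = protect("correct horse"), protect("correct horse")
    print("fast hashes match:", fast_hash("correct horse") == fast_hash("correct horse"))
    print("protected records differ:", a != b, "| verifies:", verify("correct horse", a))
```
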

The breach was discovered by a security researcher who highlighted the “exemplary” response by the company, in which action was taken just over 24 hours after it was alerted to the compromise.

 

Companies should be aware that Europe’s GDPR (General Data Protection Regulation), which comes into force in May 2018, will be enforced by the UK’s Information Commissioner’s Office and will stipulate that data breaches must be responded to within 72 hours or a hefty fine will be issued. This could potentially amount to €20 million (approx £17.6m) or 4% of a firm's global turnover (whichever is greater).

 

Cyber criminals target the Regional Transit System in Sacramento, California
 

Cyber criminals have reportedly compromised the corporate IT system of the Sacramento Regional Transit District (SacRT), deleting internal operations data. SacRT is the sole operator of local public bus and tram services in the Sacramento area of California, but reports suggest services were unaffected by the breach.

 

The attack began when hackers defaced SacRT’s website, stating that they were “good hackers” seeking to help the organisation fix website vulnerabilities, and requested that SacRT contact them. When contacted, the attackers said they had access to corporate systems and demanded $7000 worth of Bitcoin be paid to prevent deletion of data. SacRT refused to pay the ransom, resulting in approximately 30% of its data being deleted. This affected the organisation’s internal operations, including the ability to dispatch employees and assign buses to routes.

SacRT was able to make use of backups to restore the deleted data. The organisation also took down its website and shut down systems used to process credit card payments as a precaution. Passengers were still able to pay fares using cash and through SacRT’s mobile app that is hosted separately on a cloud-based system. It is reported that customer data was unaffected by the breach and that no data was stolen.

 

This incident demonstrates how quickly cyber attacks can escalate. It is important to maintain secure backups of business-critical data to ensure organisations are able to recover from a range of incidents, including a data deletion attack or ransomware. The NCSC has published guidance on factors to consider when backing up data.

 

 
