Welcome to the first cybersecurity news roundup of 2021.
We certainly ended 2020 with a bang after the startling – and dire - mid-December revelation of the SolarWinds Orion hack. Now, three weeks later, the shock and awe seems to be wearing off as the harsh realityof the damage caused sets in. The attack been described as “nothing short of a virtual invasion by the Russians into critical accounts of our federal government," and “our modern-day 'Cyber Pearl Harbor.'” This week the United States government officially said that it’s placing blame on Russia.
Just as the world was trying to make sense of all the damage from the SolarWinds hack, supporters of President Trump broke into the US Capitol building and accessed at least one computer system in the office of House Speaker Nancy Pelosi. This has led to serious concerns about what digital infrastructure could have been compromised by the insurrectionists.
For US cybersecurity, the two incidents are a like a one-two punch right to the head. Who knows how long it could take to assess – and repair – the damage.
Beyond these two incidents there’s been plenty of other activity.
- A group of data activists known as Distributed Denial of Secrets published a huge new set of data on its website, all collected from dark web sites where the information was originally leaked online by ransomware hackers. The 1 terabyte of data included more than 750,000 emails, photos, and documents from five companies. total, the giant data collection spans industries including pharmaceuticals, manufacturing, finance, software, retail, real estate, and oil and gas.
- T-Mobile disclosed another security - its fourth data breach in the past three years, after incidents in August 2018, November 2019, and March 2020. Its cybersecurity team found that hackers accessed customer details such as phone numbers, the number of lines subscribed to an account, and, in some cases, call-related information, which T-Mobile said it collected as part of the normal operation of its wireless service.
- Italian mobile operator HoMobile has confirmed a massive data breach on Monday. The company is offering to replace the SIM cards of all affected customers (about 2.5 - And some good news…Baltimore County Public Schools said on Wednesday third-party experts with whom they’ve been working with in the ransomware cyber attack case have confirmed that there is no evidence that any data was accessed or stolen.
That’s all for this week. Thanks as always for stopping by our blog!
Top Global Security News
The Independent (January 7, 2021) Capitol Rioters Breach of Government Computers is Cybersecurity ‘Worst Case Scenario’, Says Experts
"The risk posed to the US government’s cybersecurity, as supporters of President Trump stormed the Capitol Building in Washington DC, has been called a “worst case scenario” by one cybersecurity expert.
In shocking images, rioters managed to get access to at least one computer system in the office of House Speaker Nancy Pelosi, which has led to serious concerns about what digital infrastructure could have been compromised by the insurrectionists.
In a now-deleted tweet, Elijah Schaffer, a reporter for the right-wing publication The Blaze, wrote that he was 'inside Nancy Pelosi’s office' with what he described as 'revolutionaries' who had 'stormed the As government employees left their workstations many other devices, such as laptops and phones, may have been left accessible.
The presence of unmonitored individuals may also mean physical bugs were planted, either by foreign actors or other malicious persons who planned for Capitol Building security forces to be overcome.'”
Wired (January 6, 2021) Anti-Secrecy Activists Publish a Trove of Ransomware Victims' Data
"For years, radical transparency-focused activists like WikiLeaks have blurred the line between whistle-blowing and hacking. Often, they've published any data they consider to be of public interest, no matter how questionable the source. But now one leak-focused group is mining a controversial new vein of secrets: the massive caches of data stolen by ransomware crews and dumped online when victims refuse to pay.
Today the transparency collective of data activists known as Distributed Denial of Secrets published a massive new set of data on its website, all collected from dark web sites where the information was originally leaked online by ransomware hackers. DDoSecrets has made available about 1 terabyte of that data, including more than 750,000 emails, photos, and documents from five companies. The group is also offering to privately share an additional 1.9 terabytes of data from more than a dozen other firms with selected journalists or academic researchers. In total, the giant data collection spans industries including pharmaceuticals, manufacturing, finance, software, retail, real estate, and oil and gas."
ZDNet (January 5, 2021) Italian mobile operator offers to replace SIM cards after massive data breach
"Ho Mobile, an Italian mobile operator, owned by Vodafone, has confirmed a massive data breach on Monday and is now taking the rare step of offering to replace the SIM cards of all affected customers.
The breach is believed to have impacted roughly 2.5 million customers.
It first came to light last month on December 28 when a security analyst spotted the telco's database being offered for sale on a dark web forum."
ZDNet (January 4, 2021) T-Mobile discloses its fourth data breach in three years
"US telecommunications provider T-Mobile disclosed a security breach last week, its fourth data breach in the past three years, after incidents in August 2018, November 2019, and March 2020.
'Our Cybersecurity team recently discovered and shut down malicious, unauthorized access to some information related to your T-Mobile account,' the company said in letters sent to customers, obtained by ZDNet, and on a page on its official website.
The investigation found that hackers accessed customer details such as phone numbers, the number of lines subscribed to an account, and, in some cases, call-related information, which T-Mobile said it collected as part of the normal operation of its wireless service."
CBS News (January 3, 2021) The threats arising from the massive SolarWinds hack
"Like the coronavirus, it came from overseas, arriving, initially, unnoticed. When it was finally, belatedly discovered, the outrage (for a few days at least) was epic.
'This is nothing short of a virtual invasion by the Russians into critical accounts of our federal government,' said Democratic Senator Dick Durbin.
Democratic Rep. Jason Crow called the hack 'breathtaking,' and referred to it as 'our modern-day 'Cyber Pearl Harbor.'"
Other Industry News
The SolarWinds hack is stunning. Here's what should be done: Opinion by Bruce Schneier
Feds Issue Recommendations for Maritime Cybersecurity
Baltimore County Schools: No Data Was Accessed, Stolen After Ransomware Cyber Attack
Legal requirements for IoT security start to emerge
Sabre Settles for $2.4 Million Over 2017 Breach
What does the Brexit Agreement say about data protection?
Metro Vancouver’s TransLink confirms ransomware data theft, still restoring systems
Whirlpool Hit With Ransomware Attack
Like what you’re reading? Head to the Subscriber form in the sidebar to get insightful GlobalSign content delivered directly to your inbox.
