Hello and welcome back to another cybersecurity news wrap-up from GlobalSign!
Thankfully this update is not chock full of new, devastating enterprise attacks such as the ones recently directed at Twitter and Garmin. However, a well-known cybersecurity training company, the SANS Cybersecurity training organization, was hit by a data breach due to an employee getting pulled into a phishing attack. As a result 28,000 records of personally identifiable information are now lost. While incredibly ironic, this attack makes it clear that even the best of well-intentioned, respected organizations can be no match for bad actors. Defenses must be put in place to prevent phishing scenarios such as this.
Meantime, in Canada, the results of a new survey from RSA shows that 70 percent of fraud-based phishing attacks are directed at it, making it the most frequently targeted country by far.
Also, December 2019 Ransomware victim Travelex will be cutting 1,000 jobs and has appointed consulting firm PwC as administrator. The impact of last year’s attack, combined with the COVID-19 pandemic, has severely impacted the business.
Also, the Bank of Ireland will reimburse customers hit by a cyber fraud scheme that dropped fake texts into genuine interactions between the bank and account holders.
Finally, ComputerWeekly took an interesting look at Dharma ransomware and how it has become an actual service business. The notion of attackers serving in a “business” capacity has always been fascinating to me. I’m hoping for someone to make a movie about it one of these days!
That’s this week’s highlights. Grab a cup of coffee to review all the stories included in this week’s post!
Top Global Security News
Bleeping Computer (August 11, 2020) SANS infosec training org suffers data breach after phishing attack
"The SANS cybersecurity training organization has suffered a data breach after one of their employees fell victim to a phishing attack. The SANS Institute is one of the largest organizations that offer information security training and security certification to users worldwide.
In a notification posted to their site today, SANS states that one of their employees fell for a phishing attack that allowed a threat actor to gain access to their email account.
This compromise was discovered on August 6th as part of a review of their organization's email configuration."
IT World Canada (August 11, 2020) Nearly 70% of fraud phishing attacks are directed at Canada: RSA report
"For the fifth quarter in a row, the Great White North was ravaged by fraud-based phishing attacks, making it the most frequently targeted country by far, absorbing 66 per cent of all attacks, according to RSA’s Quarterly Fraud Report for Q1. The next most commonly targeted country, the U.S., accounted for only seven per cent.
David Masson, director of enterprise security at cybersecurity firm Darktrace, says the latest figures 'don’t make us look very good,' but noted how RSA’s report doesn’t identify how successful those launched phishing attacks were. When asked why Canada is picked on nevertheless, Masson pointed to a couple of possibilities: Canada’s proximity to the U.S., a largely English-speaking language, which means phishing attacks can be written in English and appear more legitimate, and our economic status."
Tech Crunch (August 11, 2020) No pen required: The digital future of real estate closings
"On a Wednesday at 4 p.m. in June 2017, I was in a small, packed office in midtown Manhattan.
The overcrowded conference room, with at least five more people than any fire marshal would recommend, was stacked comically high with paperwork and an eclectic collection of cheap pens. As I neared the end of the third hour and the ink of my seventh pen, I realized the mortgage closing process may be somewhat antiquated."
Tech Republic (August 11, 2020) Phishing emails tempting people with fake coronavirus vaccines
"Cybercriminals have exploited virtually every aspect of the coronavirus pandemic as they aim malware at people curious or anxious about the outbreak. We've seen phishing emails and malicious content centered around the initial spread of the virus, the resulting lockdown, the transition to remote working, the stimulus payments, and the return-to-work effort.
But one especially sensitive area found in many phishing emails has been the promise of a coronavirus vaccine. This topic naturally arouses attention and excitement as many people believe that the only way we'll return to some sense of normalcy will be through a COVID-19 vaccine. A report released Tuesday by cyber threat intelligence provider Check Point Research highlights some of these campaigns and offers advice on how to combat them."
Independent (August 10, 2020) Bank of Ireland to refund customers after fraudulent 'smishing' campaign hit accounts
"Bank of Ireland will reimburse customers hit by a cyber fraud that dropped fake texts into genuine interactions between the bank and account holders.
The bank said it is launching a fraud awareness campaign highlighting tactics deployed by criminals to trick customers into providing their banking details. It will also reimburse customers identified as being impacted by a targeted text ‘smishing’ campaign – which dropped fraudulent texts into the genuine Bank of Ireland text thread – which has been active during Covid-19."
InfoSecurity (August 10, 2020) Travelex Forced into Administration After Ransomware Attack
"Ransomware victim Travelex has been forced into administration, with over 1000 jobs set to go.
PwC announced late last week that it had been appointed join administrators of the currency exchange business.
Despite operating over 1000 ATMs and 1000+ stores globally, and providing services for banks, supermarkets and travel agencies in over 60 countries, the firm was forced to cut over 1300 jobs as part of the restructuring."
OTHER INDUSTRY NEWS
Like what you’re reading? Head to the Subscriber form in the sidebar to get insightful GlobalSign content delivered directly to your inbox.