Hello and welcome back to another cybersecurity news wrap-up from GlobalSign.
This week we learned that Tesla was very fortunate as it was able to prevent a ransomware attack at one its factories. The FBI released information regarding the arrest of a 27-year-old male Russian citizen, who according to a complaint, traveled to the US in July on a tourist visa and made contact with a Russian-speaking employee at Tesla’s Gigafactory Nevada. He met the employee, who remains anonymous in the complaint, several times socially before making him a proposition to pay him to help introduce malware in Tesla’s internal computer system in order to extract corporate data and affect Tesla’s operations. The employee immediately informed Tesla, who in turn informed the FBI. Whoever the employee is, they definitely deserve a free car!
We also learned the Department of Justice last week charged Uber’s former chief security officer Joseph Sullivan with obstruction of justice for trying to cover up a data breach at the company four years ago. The breach of PII for more than 57 million customers wasn’t immediately reported to the public or any authorities. Instead, it paid the perpetrators $100,000 in exchange for their silence and didn’t announce the breach until November 2017. That decision was a violation of data breach notification laws in every state. Uber ended up agreeing a massive $148 million fine as part of a settlement with the attorneys general from all 50 states and the District of Columbia. So that $100,000 was not exactly a bargain, was it? And now the former CSO may be headed to prison. That’s life in the age of cyber attacks.
That’s the top news for the week. Enjoy the weekend!
Top Global Security News
Engadget (August 27, 2020) Tesla worked with the FBI to block a million dollar ransomware attack
"Earlier this week, the FBI arrested a 27-year-old Russian citizen for attempting to carry out a ransomware attack against a US company. It turns out that company was Tesla, Electrek reports.
According to a complaint shared by the Department of Justice, in July, Egor Igorevich Kriuchkov traveled to the US and contacted a Russian speaking, non-US citizen who was working at the Tesla Gigafactory in Sparks, Nevada. After meeting with that individual, Kriuchkov allegedly proposed a deal. He would pay the employee $1 million to deliver malware to computer systems at the Gigafactory. Kriuchkov and his associates allegedly planned to extract data from the network and threaten to make it public if Tesla didn’t pay a ransom."
Slate (August 26, 2020) Uber’s Former Security Chief Has Been Charged With Allegedly Covering Up a Data Breach. Good.
"Last week, the Department of Justice charged Uber’s former chief security officer Joseph Sullivan with obstruction of justice for trying to cover up a data breach the ride-share service experienced in late 2016. Uber first discovered the breach of personal information belonging to more than 57 million customers and drivers that year, but the company’s leadership didn’t immediately report the incident to the public or any authorities. Instead, it paid the perpetrators $100,000 in exchange for their silence and didn’t announce the breach until November 2017. That decision violated the data breach notification laws in every state requiring that companies disclose the theft of their customers’ personal information. In 2018, Uber agreed to a $148 million fine as part of a settlement with the attorneys general from all 50 states and the District of Columbia."
Bleeping Computer (August 25, 2020) DarkSide Ransomware hits North American real estate developer
"North American land developer and home builder Brookfield Residential is one of the first victims of the new DarkSide Ransomware.
Brookfield Residential is a U.S. and Canada planned community and single-family home builder with $5.7 billion in assets.
Brookfield Residential is owned by Brookfield Asset Management, a Canadian asset management company with over $500 billion in assets under their control."
TechRepublic (August 25, 2020) How phishing attacks have exploited Amazon Web Services accounts
"Amazon is a target ripe for exploitation in phishing campaigns because the company has such a huge presence across so many different areas. Most phishing emails that impersonate Amazon are aimed at consumers who use the company on a retail level. But some are designed to spoof Amazon on a business level. A series of recent phishing attacks tried to take advantage of organizations that use Amazon Web Services (AWS). In a blog post published Monday, security trainer KnowBe4 describes how these phishing emails proved quite convincing.
In one phishing campaign reported to KnowBe4, the attackers created a basic, no-frills scam to harvest the credentials of AWS users. The messages boasted a clean and simple design, similar to regular email notifications that people would receive from Amazon and other companies."
Dark Reading (August 24, 2020) Average Cost of a Data Breach in 2020: $3.86M
"When companies defend themselves against cyberattacks, time is money. A recent survey of 3,200 people in 524 organizations that suffered data breaches is a bit of a mixed bag. Ponemon's "Cost of a Data Breach Report 2020" (commissioned by IBM) reveals that despite an apparent decline in the average cost of a data breach — from $3.92 million in 2019 to $3.86 million this year — the price tag was much less for mature companies and industries and far higher for firms that had lackluster security automation and incident response processes. In the same vein, Ponemon's examination of the average cost per record varied widely according to the kind of data that was exposed or stolen."
Forbes (August 23, 2020) Beware This Sinister New ‘Dark Side’ $1 Million Cyber Threat, You Must
"Yoda once said that "the fear of loss is a path to the dark side," and while he wasn't talking about the latest cybersecurity threat, he could easily have been.
DarkSide has been active for less than two weeks, but its highly targeted attacks are already earning the cybercrime group big bucks. Fear of data loss is the path that has apparently led at least one victim of this newly-emerging ransomware to pay the $1 million (£765,000) demanded.
As has become something of a norm for the cybercriminals behind the major ransomware threats, DarkSide announced itself by way of a press release, as reported by Bleeping Computer."
OTHER INDUSTRY NEWS
Like what you’re reading? Head to the Subscriber form in the sidebar to get insightful GlobalSign content delivered directly to your inbox.