Hello and welcome to GlobalSign’s weekly cybersecurity news round-up.
Amazon Web Services (AWS) disclosed it was the victim of the largest DDoS attack ever recorded. The attack, which occurred in February, was fortunately not damaging thanks to its "AWS Shield" service. The event has been described as a "reflection attack," an attempt to use a vulnerable third-party server to amplify the amount of data being sent to a victim's IP address.
Another recent incident with ongoing impact is the attack on Avon. The well-known cosmetics company was the victim of an attack in the UK. As a result, the company was forced to shut down its UK representative website. The 9 June attack affected the company's IT systems and operations.
After going quiet for several years, the hacker group Anonymous has re-emerged. In the past several weeks, the group has claimed responsibility for taking down the Minneapolis Police Department website on May 30th and leaking 798 emails and passwords. Then, on Monday afternoon, a major telecom outage across the US led some to believe Anonymous was responsible for a massive DDoS attack. However, it was just a false alarm – and just "an IP traffic related issue," according to Mike Sievert, the CEO of T-Mobile. So perhaps Anonymous isn't as mighty as it used to be. But the group will always bear watching.
That's the recap for the week. Wishing everyone a safe and fun weekend!
Top Global Security News
The Verge (June 18, 2020) Amazon says it mitigated the largest DDoS attack ever recorded
"Amazon Web Services recently had to defend against a DDoS attack with a peak traffic volume of 2.3 Tbps, the largest ever recorded, ZDNet reports. Detailing the attack in its Q1 2020 threat report, Amazon said that the attack occurred back in February, and was mitigated by AWS Shield, a service designed to protect customers of Amazon’s on-demand cloud computing platform from DDoS attacks, as well as from bad bots and application vulnerabilities. The company did not disclose the target or the origin of the attack.
To put that number into perspective, prior to February of this year, ZDNet notes that the largest DDoS attack recorded was back in March 2018, when NetScout Arbor mitigated a 1.7 Tbps attack. The previous month, GitHub disclosed that it had been hit by an attack with a peak of 1.35 Tbps.
February’s attack was a so-called “reflection attack.” As Cloudflare explains, the attempt here is to use a vulnerable third-party server to amplify the amount of data being sent to a victim’s IP address."
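The reflection pattern described above has a recognisable shape on the victim's side: large UDP responses arriving from many hosts the victim never queried, all answering from the port of a service known to give big replies to small requests. The following is an added example (not code from the round-up, The Verge, Cloudflare or AWS) that runs that check over constructed NetFlow-style records; the CSV field layout, the reflector port watch-list and the thresholds are assumptions to be tuned for a real environment.

```python
"""Flag destinations that look like reflection/amplification DDoS victims.

Added example, not from the original article. Works on constructed
NetFlow-style records; field names and thresholds are assumptions.
"""
from collections import defaultdict
from dataclasses import dataclass

# UDP services commonly abused as reflectors because a small request yields a
# large response (assumed watch-list; extend it for your environment).
REFLECTOR_PORTS = {53: "DNS", 123: "NTP", 389: "CLDAP", 1900: "SSDP", 11211: "memcached"}


@dataclass(frozen=True)
class Flow:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str      # "udp" or "tcp"
    packets: int
    octets: int


def parse_flows(lines):
    """Parse 'src_ip,src_port,dst_ip,dst_port,proto,packets,bytes' CSV lines."""
    flows = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        s_ip, s_port, d_ip, d_port, proto, pkts, byts = line.split(",")
        flows.append(Flow(s_ip, int(s_port), d_ip, int(d_port),
                          proto.lower(), int(pkts), int(byts)))
    return flows


def detect_reflection_victims(flows, window_seconds=60, min_reflectors=3,
                              min_mbps=1.0, min_avg_pkt_bytes=512):
    """Return {victim_ip: summary} for destinations whose inbound traffic fits
    the reflection pattern: several distinct sources, all answering over UDP
    from a known reflector port, at a notable rate with large packets."""
    by_victim = defaultdict(lambda: {"reflectors": set(), "services": set(),
                                     "octets": 0, "packets": 0})
    for f in flows:
        if f.proto != "udp" or f.src_port not in REFLECTOR_PORTS:
            continue
        v = by_victim[f.dst_ip]
        v["reflectors"].add(f.src_ip)
        v["services"].add(REFLECTOR_PORTS[f.src_port])
        v["octets"] += f.octets
        v["packets"] += f.packets

    findings = {}
    for ip, v in by_victim.items():
        mbps = v["octets"] * 8 / window_seconds / 1e6
        avg_pkt = v["octets"] / v["packets"] if v["packets"] else 0
        if (len(v["reflectors"]) >= min_reflectors and mbps >= min_mbps
                and avg_pkt >= min_avg_pkt_bytes):
            findings[ip] = {"reflectors": len(v["reflectors"]),
                            "services": sorted(v["services"]),
                            "mbps": round(mbps, 2),
                            "avg_packet_bytes": round(avg_pkt)}
    return findings


# Constructed sample covering a 60-second window: 203.0.113.10 receives large
# UDP replies from NTP, CLDAP and DNS hosts it never queried; 203.0.113.20 is
# an ordinary resolver client; 203.0.113.30 is plain TCP and is ignored.
SAMPLE_FLOWS = """
# src_ip,src_port,dst_ip,dst_port,proto,packets,bytes
198.51.100.1,123,203.0.113.10,40001,udp,20000,9600000
198.51.100.2,123,203.0.113.10,40001,udp,18000,8640000
198.51.100.3,389,203.0.113.10,40001,udp,15000,22500000
198.51.100.4,389,203.0.113.10,40001,udp,14000,21000000
198.51.100.5,53,203.0.113.10,40001,udp,9000,12000000
192.0.2.53,53,203.0.113.20,51515,udp,40,4000
192.0.2.54,53,203.0.113.20,51516,udp,12,1300
198.51.100.9,443,203.0.113.30,55000,tcp,5000,6000000
"""

if __name__ == "__main__":
    for victim, summary in detect_reflection_victims(
            parse_flows(SAMPLE_FLOWS.splitlines())).items():
        print(victim, summary)
```

The three conditions are deliberately combined: source diversity alone also matches a busy resolver, and volume alone also matches a large download, but many sources answering from one reflector port with packets near the MTU is the signature of reflected traffic. The thresholds here are low so the constructed sample trips them; on a real collector, set them from a baseline of normal inbound UDP.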
Compliance Week (June 18, 2020) Report slams ‘woefully lax’ cyber-security controls at CIA
"Cyber-security protections deployed for some of the nation's most secret data were 'woefully lax,' according to a 2017 intelligence brief that detailed cyber-security shortcomings at the Central Intelligence Agency (CIA) following the largest-ever data breach at the agency in 2016.
The redacted brief and accompanying letter from Sen. Ron Wyden (D-Ore.), released Tuesday, laid bare a culture at the CIA’s Center for Cyber Intelligence (CCI) that 'prioritized building cyber weapons at the expense of securing their own systems.'
The intelligence brief had scrutinized the aftermath of a 2016 data breach, in which a rogue CIA employee downloaded and stole between 180 gigabytes and as much as 34 terabytes of information. 'This is roughly equivalent to 11.6 million to 2.2 billion pages in Microsoft Word,' the brief notes. One of the system's acute failings was that it was not able to track exactly what, and how much, data was downloaded and stolen."
Cosmetics Business (June 16, 2020) Avon forced to shut down its UK website after cyber attack
"Avon has been forced to shut down its UK representative website nearly a week after suffering a cyber attack. The direct selling company’s dedicated representative login portal at avon.uk.com currently says ‘We’ll be back soon’, explaining that the website is unavailable.
The 9 June attack is known to have affected the cosmetics brand’s IT systems and operations, which Avon confirmed in a newly-released statement shared with Cosmetics Business: 'Avon has experienced a cyber incident that has interrupted some of its systems and partially affected operations.'"
Forbes (June 16, 2020) No, The U.S. Has Not Suffered The Biggest Cyber-Attack In History: Here’s What Actually Happened
"As hundreds of thousands of people reported mobile carriers and internet services down, and 'DDoS' started trending on Twitter, 'Anonymous' laid the blame on China and suggested a major cyber-attack was underway. Here's what actually happened.
Early in the afternoon of June 15, people across the U.S. started noticing that they were unable to make calls or send text messages. Customer complaints soon popped up on social media suggesting multiple mobile carriers were all experiencing outages. But that wasn't all: internet service providers, the social media platforms themselves, and online services from gaming to banking were all apparently going down like dominoes.
As reported by Jesse Damiani, the plot thickened as a supposed Anonymous news account with 6.5 million followers stirred the pot. YourAnonCentral tweeted that 'The U.S. is currently under a major DDoS attack,' and included a handy attack map showing just how bad things looked. But looks can be deceiving, as can tweets from these accounts claiming Anonymous affiliation."
Daily Mail (June 16, 2020) ‘All our taps are completely dry': Australian pubs run out of beer after a cyber attack disrupted production at one of the country's biggest breweries
"Australia's pubs have started to run out of draught beer after a ransomware attack caused a major brewery to shut down.
The West End Brewery in Thebarton in Adelaide was forced to temporarily stop beer production on June 9 after parent company Lion Australia suffered a cyber attack.
After a week with no product from the brewery, numerous pubs in the Adelaide area have recorded a shortage in beer kegs."
Hashed Out blog (June 15, 2020) Google Chrome to Join Apple’s Safari in One Year Certificate Validity
"It's no secret: Google has been championing shorter certificate validity within the CA/Browser Forum (CA/B Forum) for years. At the end of last week, a well-known voice within the forum posted on Twitter that the tech giant will be making the switch to a one year validity period of 398 days for SSL/TLS certificates starting Sept. 1. This might sound like a big move, but it doesn't actually change anything because it was already happening.
Although their past efforts to push one year validity had previously failed, Google is ultimately getting what they want after Apple announced in February that they were leading the charge on this one. That made for a nice early birthday present for Google. But hey, it’s all for the greater good of security, right?
So, what does this actually mean to you as a website owner or administrator? Or as a certificate reseller?"
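For a website owner or administrator, the practical question is which certificates in an inventory carry a validity period longer than the 398 days the post mentions, and what the latest expiry a freshly issued certificate may carry is. The following added example (not code from the round-up or the Hashed Out post) answers both over a constructed inventory; the Sept. 1, 2020 cutoff is taken from the post, while the day-counting convention and the "legacy" treatment of certificates issued before the cutoff are assumptions noted in the comments.

```python
"""Check an inventory of TLS certificates against a 398-day maximum validity.

Added example, not from the original post. The inventory is constructed and
the counting convention is an assumption (see validity_days).
"""
from dataclasses import dataclass
from datetime import date, timedelta

MAX_VALIDITY_DAYS = 398           # limit cited in the Hashed Out post
POLICY_START = date(2020, 9, 1)   # "starting Sept. 1" in the post; assumed to
                                  # apply to certificates issued on/after it


@dataclass(frozen=True)
class CertRecord:
    subject: str
    not_before: date   # issuance date
    not_after: date    # expiry date


def validity_days(not_before: date, not_after: date) -> int:
    """Whole days between issuance and expiry.

    Assumption: exclusive counting. Policies that count notBefore and notAfter
    inclusively add one day, so treat results exactly at the limit with care.
    """
    return (not_after - not_before).days


def max_not_after(not_before: date) -> date:
    """Latest expiry a certificate issued on `not_before` may carry."""
    return not_before + timedelta(days=MAX_VALIDITY_DAYS)


def classify(cert: CertRecord) -> str:
    """'ok', 'too_long', or 'legacy' (over the limit but issued before the
    cutoff, so still accepted until it expires; it cannot be renewed for the
    same term)."""
    if validity_days(cert.not_before, cert.not_after) <= MAX_VALIDITY_DAYS:
        return "ok"
    if cert.not_before < POLICY_START:
        return "legacy"
    return "too_long"


def check_inventory(certs):
    """Return one report row per certificate, suitable for a renewal plan."""
    return [{"subject": c.subject,
             "days": validity_days(c.not_before, c.not_after),
             "status": classify(c),
             "max_not_after_if_reissued_today": max_not_after(c.not_before)}
            for c in certs]


# Constructed inventory: one compliant cert, one exactly at the limit, one
# over the limit issued after the cutoff, one over the limit issued before it.
INVENTORY = [
    CertRecord("www.example.com",    date(2020, 10, 1), date(2021, 11, 2)),
    CertRecord("shop.example.com",   date(2020, 9, 1),  date(2021, 10, 4)),
    CertRecord("api.example.com",    date(2020, 9, 15), date(2022, 9, 15)),
    CertRecord("legacy.example.com", date(2020, 8, 20), date(2022, 8, 20)),
]

if __name__ == "__main__":
    for row in check_inventory(INVENTORY):
        print(row)
```

Running this against an exported inventory (notBefore/notAfter from your certificate management system or a TLS scan) gives a short list of what needs reissuing on a one-year cycle. Certificates in the "legacy" state are the ones to schedule first, since their next renewal will be capped at 398 days regardless of the term they were originally bought for.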
Other Industry News