GlobalSign Blog

The GlobalSign Cybersecurity News Round-Up: Week of September 21, 2020

The GlobalSign Cybersecurity News Round-Up: Week of September 21, 2020

Hello and welcome back to another cybersecurity round-up. 

This week the Russian government revealed it is working on updating its technology laws. The proposed law amendments would target internet protocols and technologies such as TLS 1.3, DoH, DoT, and ESNI. The government is supposedly looking to ban the use of internet protocols that hide "the name (identifier) of a web page" inside HTTPS traffic. 

The cyber attack that caused a German hospital to refuse treatment to a woman who subsequently died has been linked to a Russian ransomware gang. According to a report published in German newspaper Aachener Zeitung, the cyber-attack on the Düsseldorf University Clinic was carried out using crypto-locking DoppelPaymer malware. Ultimately the attackers provided a key to the hospital once German police informed them who the attack had impacted, but as reported our blog post last week, it was simply too late for the victim. 

As for newly reported attacks, one of the most notable took place at ArbiterSports, the official software provider for the NCAA (National Collegiate Athletic Association). The company announced this week it was attacked in July. Arbiter, which provides software for sports leagues to manage referees and game officials, reported that the security incident impacted around 540,000 of its registered members. Their data breach notification letter said intruders managed to steal a backup containing sensitive information such as account usernames, passwords, real names, addresses, dates of birth, email addresses, and Social Security numbers. The passwords and social security numbers were encrypted, but the hackers were able to decrypt the data. As a result the company did pay a ransom. 

Eyewear giant, Italy-based Luxottica also reported a cyberattack that has led to the shutdown of operations in Italy and China. The attack also caused the websites of Ray-Ban, SunglassHut, and LensCrafters to crash, though the crashes preceded the main cyberattack. Despite the hack, it appears no information was stolen. 

Finally, e-commerce leader Shopify announced a data breach that has affected nearly 200 merchants. The company report reported that the breach was a result of “two rogue members” on a support team who allegedly “engaged in a scheme to obtain customer transactional records of certain merchants.” 

That’s a wrap for this week’s news. See you next week!

Top Global Security Stories 

ZDNet (September 22, 2020) Russia wants to ban the use of secure protocols such as TLS 1.3, DoH, DoT, ESNI

"The Russian government is working on updating its technology laws so it can ban the use of modern internet protocols that can hinder its surveillance and censorship capabilities.

According to a copy of the proposed law amendments and an explanatory note, the ban targets internet protocols and technologies such as TLS 1.3, DoH, DoT, and ESNI.

Moscow officials aren't looking to ban HTTPS and encrypted communications as a whole, as these are essential to modern-day financial transactions, communications, military, and critical infrastructure.

Instead, the government wants to ban the use of internet protocols that hide "the name (identifier) of a web page" inside HTTPS traffic.

READ MORE

Yahoo Finance (September 22, 2020) Shopify announces data breach affecting fewer than 200 merchants

"Shopify (SHOP) (SHOP.TO) has notified the Federal Bureau of Investigation and the Royal Canadian Mounted Police of a data breach that has affected fewer than 200 merchants.

The e-commerce giant (SHOP) (SHOP.TO) says the data breach was a result of “two rogue members” on a support team who allegedly 'engaged in a scheme to obtain customer transactional records of certain merchants.'

Shopify said in a notice on the company’s discussion forum that after an investigation it terminated the two support team members’ access to the Shopify network and 'referred the incident to law enforcement.'"

READ MORE 

Bleeping Computer (September 22, 2020) Ray-Ban owner Luxottica confirms ransomware attack, work disrupted

"Italy-based eyewear and eyecare giant Luxottica has reportedly suffered a cyberattack that has led to the shutdown of operations in Italy and China.
Luxottica is the world's largest eyewear company that employs over 80,000 people and generated 9.4 billion in revenue for 2019.

The company portfolio of eyeglasses brands contains well-known brands, including Ray-Ban, Oakley, Oliver Peoples, Ferrari, Michael Kors, Bulgari, Armani, Prada, Chanel, and Coach."

READ MORE 

Lexology (September 22, 2020) E-SIGN modernization bill passes Senate committee

"On September 16, the U.S. Senate Committee on Commerce, Science, and Transportation voted 14-12 to approve S. 4159 (the “E-SIGN Modernization Act”), sponsored by Senator Thune, the majority whip. As previously covered by Infobytes, the E-SIGN Modernization Act would amend E-SIGN to remove the requirement that consumers reasonably demonstrate they can access documents electronically before they can receive an electronic version. Instead, consumers would be allowed to obtain documents electronically once they are provided with disclosure information and consent to receiving documents through such means. The E-SIGN Modernization Act was opposed by several consumer advocacy groups, including the National Consumer Law Center, which argued in a letter to the committee that the bill 'would increase fraud and effectively prevent access to legally required information and records about the transactions to which consumers are bound.'"

READ MORE 

ZDNet (September 21, 2020) Details of 540,000 sports referees taken in failed ransomware attack

"A company that provides software for sports leagues to manage referees and game officials has disclosed a security incident that impacted around 540,000 of its registered members — consisting of referees, league officials, and school representatives.

ArbiterSports, the official software provider for the NCAA (National Collegiate Athletic Association) and many other leagues, said it fended off a ransomware attack in July this year.

In a data breach notification letter filed with multiple states across the US [1, 2], the company said that despite detecting and blocking the hackers from encrypting its files, the intruders managed to steal a copy of its backups."

READ MORE

Other Industry News 

Fatal Hospital Hack Linked to Russia

AT&T and Microsoft to streamline cloud connectivity for IoT devices worldwide

NIST introduces Phish Scale Phishing Detection Method 

Microsoft, Italy, and the Netherlands warn of increased Emotet activity

Attackers Target Small Manufacturing Firms

Security pushes DevOps to breaking point

The dark web won't hide you anymore, police warn crooks

3 Key Entry Points for Leading Ransomware Hacking Groups

Like what you’re reading? Head to the Subscriber form in the sidebar to get insightful GlobalSign content delivered directly to your inbox.

Share this Post