Cyber News

Monday, 11th March 2019

As a valued member of the CIP network, you receive this information which is gathered from current, open source data supplied through contacts within diplomatic posts, law enforcement agencies & UK intelligence services.

This brief is supplied in partnership with Dilitas, a UK-based International Risk & Security Management company. This information is intended to keep you informed of current security situations and risks within the UK and internationally. Share this briefing with your colleagues to share awarness.

Briefing

• A large hacking attack on Israeli websites was largely foiled over the weekend. The hackers has attempted to plant ransomware on over one million Israeli web pages, locking users out until they paid a ransom. While the attempt to freeze Israel's internet was thwarted, many web pages were defaced with the words "Jerusalem is the capital of Palestine."

• Cyberattacks linked to Iranian hackers have targeted thousands of people at more than 200 companies over the past two years, Microsoft Corp. said, part of a wave of computer intrusions from the country that researchers say has hit businesses and government entities around the globe.

• Iranian-backed hackers have stolen vast amounts of data from a major software company that handles sensitive computer projects for the White House communications agency, the U.S. military, the FBI and many American corporations, a cybersecurity firm told NBC News. Citrix Systems Inc. came under attack twice, once in December and again Monday, according to Resecurity, which notified the firm and law enforcement authorities.

• Cybersecurity firm McAfee has said a group of North Korean hackers have been actively targeting “critical infrastructure” in an operation that started 18 months ago and likely did not stop during Donald Trump’s recent summit with Kim Jong-un in Vietnam.

• A team of cybersecurity researchers said Monday (4th March) that they have identified a state-sponsored Chinese hacking group that has launched cyberattacks to try to bolster China's navy.

• [UK] Bank customers are falling prey to a new fraud where criminals hack the codes financial firms send via text messages to verify transactions. As an anti-fraud measure, some banks send customers a unique code by text message that must be entered to allow a transfer or payment. These messages are designed to boost security, but now criminals have worked out how to intercept and exploit them.

• Cryptocurrency exchange Coinbase has acknowledged it made a major mistake when it bought Italian blockchain analytics firm Neutrino, whose senior management staff included several members of infamous Italian firm Hacking Team—which has reportedly sold powerful hacking and surveillance tools to oppressive governments.

• Chinese hackers have targeted more than two dozen universities in the U.S. and around the globe as part of an elaborate scheme to steal research about maritime technology being developed for military use, cybersecurity experts and current and former U.S. officials said.

• The National Crime Agency is investigating the hacking of a state-backed Scottish charity amid speculation that the Russian government was behind the cyber attack. The Institute for Statecraft, which examines governance and human rights, was hacked last year. Its co-founder, Chris Donnelly, told Sky News that he believed the Russian government was the perpetrator.

• Security flaws in three specialist car alarms have left vehicles vulnerable to being stolen or hijacked, say researchers. The bugs were found in alarm apps by Clifford, Viper, and Pandora. The alarms are on three million vehicles.

About CIP

CIP are specialist cybersecurity and digital risk consultants, global leaders in PKI discovery and management via the Whitethorn product suite. CIP security consultants work across defence, financial services, CNI and manufacturing to address critical risk, protect hard-won assets and enable communities of trust.

To learn more about what CIP can do for your organisation, please visit CybersecIP.com

If you require more specific information or for assistance with your cybersecurity challenges, please contact Claire via info@cybersecip.com.