Cyber News

Monday, 25th March 2019

As a valued member of the CIP network, you receive this information which is gathered from current, open source data supplied through contacts within diplomatic posts, law enforcement agencies & UK intelligence services.

This brief is supplied in partnership with Dilitas, a UK-based International Risk & Security Management company. This information is intended to keep you informed of current security situations and risks within the UK and internationally. Share this briefing with your colleagues to share awarness.

BRIEFING

• Telecommunications or telecom fraud is a fast-growing field of criminal activity and a low-risk alternative to traditional methods of financial crime, costing today’s world some US$32.7 billion (€29 billion) annually, according to a joint report published Thursday by Europol’s European Cybercrime Centre and Trend Micro, a Taiwanese cyber security and defense company.

• UK e-commerce fraud hit nearly £400m in 2018, accounting for the vast majority (78%) of all card not present (CNP) fraud and fueled by an ongoing epidemic in data breaches and social engineering, according to UK Finance.

• [UK] The theft of personal information following data breaches drove an increase in money stolen through fraud to £1.2bn last year. A number of well known companies suffered high profile data breaches in 2018, including Facebook, Google, and British Airways.

• Hacking group called APT10, who were believed to be working for the Chinese intelligence agencies, hacked and then stolen data from a Norwegian company called Visma. Visma provides the cloud-based business software solutions to the European companies.

• The U.S. Federal Emergency Management Agency (FEMA) exposed 2.3 million disaster survivors to possible identity theft and fraud by improperly sharing sensitive personal information with an outside company, according to an internal government watchdog.

• One of the world's biggest aluminium producers has switched to manual operations at some smelting plants following a "severe" ransomware attack. Hydro, which employs more than 35,000 people in 40 countries, says the attack began on Monday [18th March] night and is ongoing.

• It announced independent watchdog the Centre for Data Ethics and Innovation (CDEI) will investigate algorithms used in the justice and financial systems. But services using the artificial intelligence already, such as predictive policing, will continue.

• Russian state-backed hacking groups are actively targeting governments, media and political parties across Europe as part of a cyber espionage campaign ahead of the European Union elections in May – and a series of national elections set to place across this year.

• A Lithuanian man admitted he helped trick Facebook Inc. and Alphabet Inc.’s Google into sending more than $100 million through a phishing scheme. Evaldas Rimasauskas, 50, pleaded guilty to one count of wire fraud before U.S. District Judge George Daniels on Wednesday under an agreement with prosecutors and will forfeit $49.7 million. Rimasauskas was extradited to New York in August 2017. He faces as many as 30 years in prison when he is sentenced July 24.

• Four men have been arrested in South Korea, accused of secretly filming 1,600 hotel room guests and selling the footage via a website. Mini-cameras were installed in TVs, hair-dryer holders and sockets. The men allegedly earned $6,200. If convicted, they face up to 10 years in prison and a 30m won ($26,571; £20,175) fine.

• Last May, Mexico's central bank (Bank of Mexico/Banco de México) revealed that hackers siphoned off about $20 million from accounts of five companies through fraudulent transactions.

• New figures from trade body UK Finance reveal that there were a whopping 84,624 cases of bank transfer fraud reported in 2018 with an astonishing £354.3million stolen.

• Already a scam that cost companies $1.63 billion in 2018, the value of digital ad fraud is set to increase by 23% in 2019, according to a study. techARC, which tracks the digital ad sector in India, reported that the country’s share of ad fraud – which covers any form of fraudulent traffic that distorts ad metrics – currently accounts for 8.7% of the world’s total.

ABOUT CIP

CIP are specialist cybersecurity and digital risk consultants, global leaders in PKI discovery and management via the Whitethorn product suite. CIP security consultants work across defence, financial services, CNI and manufacturing to address critical risk, protect hard-won assets and enable communities of trust.

To learn more about what CIP can do for your organisation, please visit CybersecIP.com

If you require more specific information or for assistance with your cybersecurity challenges, please contact Claire via info@cybersecip.com.