At a glance.
- The LightBasin activity cluster looks like a SIGINT operation compromising telecommunications.
- The Irish DPC's draft ruling would allow Facebook to obtain user consent by contract.
- UPMC hacker gets seven years for conspiracy to defraud the US government and aggravated identity theft.
- Ransomware disrupts production at Ferrara Candy.
The LightBasin spy operation threatens the telecommunications industry.
CrowdStrike researchers have uncovered a surveillance activity dubbed LightBasin (linked to China but not officially attributed) that has infiltrated the global telecommunications industry since 2016. The operation showcases impressive industry knowledge, emulating telecommunications protocols in order to develop customized infiltration techniques for collecting subscriber information and call metadata, information that may be of interest to signals intelligence organizations. Although the researchers do not directly attribute the operation to China, clues in the code of the tools indicate that the group has knowledge of the Chinese language. CyberScoop notes that the report follows efforts by the U.S. Central Intelligence Agency to focus on China’s capabilities in light of growing geopolitical competition. Adam Meyers, senior vice president of intelligence at CrowdStrike, points out how this operation could render traditional malware attacks unnecessary: “They don’t need to deploy the malware on your phone if they have the network on which your phone is running.”
Facebook given permission to bypass user consent.
UPMC tax evasion hacker convicted.
Justin Sean Johnson, the hacker responsible for stealing the private data of more than 65,000 employees at the University of Pittsburgh Medical Center (UPMC), located in the state of Pennsylvania, was sentenced to seven years in prison for conspiracy to defraud the United States and aggravated identity theft. As Security Week explains, the breach fueled a tax evasion operation in which cybercriminals, Mr Johnson’s clients, demanded hundreds of thousands of dollars in illicit refunds. Johnson (also known as TheDearthStar or Dearthy Star) is also responsible for the theft of an additional 90,000 sets of tax data from other sources that generated nearly $2 million in fraudulent tax returns.
More stuff than candy.
Is candy corn, universally considered the worst of all Halloween candy, unappealing enough to inspire a cybercrime operation just to shut down its production? DarkReading reports that candy corn maker Ferrara Candy Co. suffered a ransomware attack earlier this month that shut down some of its systems and halted manufacturing at some factories. However, fans of the waxy, tricolor confection don’t have to worry about All Saints’ Day: as most of the shipments were completed before the attack, Ferrara says the attack should not impact the supply of Halloween candy. The disruption appears to have affected production; there is no report of loss of personal data.
As it stands, the effects of a ransomware attack are worth considering. Alex Pezold, CEO of TokenEx, wrote:
“Being locked out of your systems by ransomware can have immediate and disastrous consequences for any organization. Whether it disrupts supply chain management or prevents you from processing transactions, every second that your systems are down costs you money.
“It’s clear that ransomware attacks and other attempted data store breaches are more frequent than ever before, so every organization needs to have a plan for what data to protect and how to protect it. As experts continue to investigate and we learn more about the specific attack methods used by hackers, we must also consider more effective defenses. Specifically, we must work to strengthen the resiliency of corporate systems and implement appropriate disaster recovery protocols so that these systems can be ‘rebooted’ if necessary.”
Danny Lopez, CEO of Glasswall, sees the seasonal angle:
“It’s probably no coincidence that attackers hit a candy company’s supply chain just before Halloween – knowing full well that the urgency and demand at this time of year will increase the likelihood that they get the payment they want. Ferrara, however, is not alone. Ransomware attacks in all industries are on the rise.
“Organizations must adopt robust processes for the onboarding and offshoring of employees and affiliates who may have access to key information systems. It is essential to control privileged access and monitor those who have this administrator privilege. Ensuring that multi-factor authentication is enforced wherever possible is a vital defense when user credentials end up in the public domain. This will help limit the explosion radius and in most cases defeat the data breach.
“Even though all procedures and policies are executed well, there is no denying that adversaries are constantly looking to probe for vulnerabilities and insert malware into the environment, often with the help of everyday business documents that we all use. It is vital that critical infrastructure organizations invest in cyber protection services that stay ahead of attackers by eliminating threats while allowing employees to do their vital jobs.
“Attacks like these demonstrate that a traditional approach to network security leaves organizations at risk. Zero trust security sees the world differently. No one is trustworthy by default, whether inside or outside a network. In a world where data can be held between multiple cloud providers, it is crucial to strengthen all processes related to access verification.”
And, finally, Egnyte’s cybersecurity evangelist Neil Jones believes the latest incident should make ransomware preparedness urgent:
“The recent Ferrara Candy ransomware attack, along with the JBS and Colonial Pipeline cyber attacks that preceded it, demonstrate that your organization needs to make cybersecurity a priority for conference rooms, if it isn’t already. For years, cybercriminals have attacked financial gain goals, but we are now seeing an alarming pattern of debilitating attacks on our power supply, critical infrastructure and our IP supply chain, which can have a crippling impact on the American economy. to implement proactive data hygiene and protection behaviors, such as patching your CVEs and hardening your databases now. It could save your life.”