Week of April 13, 2018


Week of April 13, 2018

Despacito video deleted from YouTube by hackers: How the site's most popular song ever disappeared*:

  • Despacito, the most popular YouTube video ever, has disappeared from the site.
  • A widespread hack appears to have spread across many different Vevo sites. And it doesn't appear to be the first attack by the group, who also took down Twitter accounts run by news organisations last week.
  • The cyber-attack began when the names of many of the world's most popular music videos on YouTube appeared to have their names changed.
  • The image for Despacito, for instance, showed a group of men in masks holding guns up to the camera which doesn't happen in the video.
  • A Twitter account that appears to belong to one of the hackers appeared to claim credit for the hack.
  • That could mean that the Despacito video was deleted or hidden by someone else, potentially as a way of limiting the reach of the hack.
  • Even if hackers did delete the video, it's almost certain that YouTube will be able to restore it with all of those views intact.

*Source: Independent, April 10, 2018


UK Cyber Security Division Issues Warning on PC 'Cryptojacking'*:

  • Cryptojacking - the act of hijacking a user's computer to mine crypto currencies - is likely to "become a regular source of income for website owners".
  • The technology wing of the Government Communications Headquarters, highlighted Cryptojacking as a "significant" concern in its latest "cyber threat to UK business" report.
  • The report singled out websites which mined crypto currencies without users' permission, noting that 55 percent of businesses worldwide suffered from crypto mining attacks.
  • The report noted that more than 4,000 websites secretly mined a crypto currency using a plugin for visually-impaired users.
  • The publication announced in February that it would let its readers choose between advertisements and crypto currency mining in order to access its content.
  • The report advised users to use ad blockers and anti-virus programs which include browser mining blocks to prevent their computers from being hijacked.

*Source: Coin Desk, April 10, 2018


RBI asks all payment system operators to store data in India*:

  • All payment system operators in the country will henceforth be required to store data within India to ensure safety and security of users' information.
  • The payment ecosystem in India has expanded considerably with the emergence of new payment systems, players and platforms.
  • At present "only certain" payment system operators and their outsourcing partners store the payment system data either partly or completely in the country.
  • The central bank will issue detailed instructions in this regard within one week.
  • The spotlight on data security comes at a time when social media giant Facebook has faced a global backlash over breach of user data.

*Source: Economic Times, April 06, 2018


Security warning: Your suppliers are now your weakest link*:

  • Hackers targeting business supply chains and the proliferation of destructive worms are two of the biggest cyber-threats that organisations should prepare to face in the coming year.
  • NCA have jointly produced a report on the threats cyber-attackers pose to UK business and warn that security risks are continuing to grow.
  • The report states that between October 2016 and the end of 2017, the NCSC recorded 34 significant cyber-attacks those which required a cross-government response.
  • Attackers will target the most vulnerable part of a supply chain to reach their intended victim.
  • The third parties were compromised as a stepping stone towards bigger, more lucrative targets, but still proved to be fruitful for the attackers as many were handling sensitive data.
  • It reports WannaCry and NotPetya attacks of last year, both of which were spread with the help of the worm-like capabilities of the leaked Eternal Blue SMB exploit.
  • The message to organisations is therefore a simple one: be prepared to face the threats posed by cyber attackers.

*Source: ZD Net, April 10, 2018


200,000 Cisco Network Switches Reportedly Hacked*:

  • Over 200,000 Cisco network switches worldwide were hacked apparently affecting large internet service providers and data centres across the world.
  • The vulnerability is severe enough to cause a lot of damage and implant a man-in-the-middle agent, but it doesn't look like the attacker took advantage of it.
  • About 55,000 devices were affected in the U.S. and 14,000 in China; other victims were located in Europe and India, Azari-Jahromi reports.
  • The hackers apparently reset the targeted devices, making them unavailable for reconfiguration and leaving a message that reads.
  • Cisco's Assessment: In a blog post that by using computer search engine Shodan, it discovered over 168,000 systems are potentially exposed via the Cisco Smart Install Client in 2017.
  • Exploiting Vulnerability: In an advisory on Cisco switch vulnerability issued, the Indian Computer Emergency Response Team stated multiple vulnerabilities have been reported in Cisco IOS XE.
  • Which could be exploited by a remote attacker to send a crafted packet to an affected device and gain full control also conduct denial of service condition.
  • Remediation Steps: Cisco's Biasini recommends that the simplest way to mitigate these issues is to run the command "no vstack config" on the affected device.
  • Vulnerabilities in India: India's top 10 cities and top ISPs, including Tata Communications, Khetan Cable Network Pvt. Ltd. Rack Bank Datacenters Private Ltd., Sify Ltd, Excelmedia.
  • Security Strategies: A security consultant with a global electronic automation company, is to create an "up-to-date inventory of network devices and software deployed" to help track the vulnerabilities.
  • This will enable you to assess how many of your Cisco network equipment have port 4786 open, and this process will help CISOs easily identify affected machines and take remedial actions.

*Source: Bank Info Security, April 09, 2018


Hackers abused Cisco flaw to warn Iran and Russia: "Don't mess with our elections"*:

  • The hackers claim to have targeted only the computer infrastructure in Iran and Russia during the attack.
  • The attack apparently affected 200,000 router switches across the world in a widespread attack, including 3,500 switches in our country.
  • The flaw in Cisco Smart Install Client allows attackers to run arbitrary code on vulnerable switches.
  • Kaspersky Lab added that the attack was "mostly targeting the Russian-speaking segment of the Internet, yet other segments are clearly more or less affected as well."
  • A hacker group going by "JHT" claimed responsibility for the American flag and message left on Iranian and Russian screens.
  • Some 55,000 devices were affected in the United States and 14,000 in China, and Iran’s share of affected devices was 2 percent.
  • Kaspersky pointed out that Cisco’s Smart Install does not require authentication by design and suggested mitigations for system admins.

*Source: CSO Online, April 08, 2018


Uber, FTC agree to expanded settlement after second breach*:

  • Uber Technologies Inc. has agreed to broaden its proposed settlement with the Federal Trade Commission (FTC) over its deceptive privacy and data security practices.
  • The agency had already announced the settlement last August over a previous incident when it discovered that Uber had been less than forthcoming about a second breach.
  • Uber compensated a 20-year-old Florida hacker $100,000 to destroy data taken in the hack, which exposed the personal data of 57 million drivers and passengers.
  • The payment was made through the company's bug bounty program.
  • In addition to compelling Uber to disclose certain future incidents involving consumer data, the new provisions in the proposed settlement will require Uber to disclose any future such events.
  • All reports from third-party audits of the company's privacy program and compel it to retain specified records pertaining to bug bounty reports that detail vulnerabilities related to unauthorized access, actual or potential, of consumer data.

*Source: SC Magazine, April 12, 2018


Is America’s national security Facebook and Google’s problem?*:

  • Facebook made the private data of over 87 million of its U.S. users available to the Trump campaign has stoked fears of big US-based technology companies are tracking our every move and misusing our personal data.
  • These legitimate concerns about the privacy threat these companies potentially pose must be balanced by an appreciation of the important role data-optimizing companies.
  • Although the American public and US political leaders are rightly grappling with critical issues of privacy.
  • US President has been on a rampage against Amazon, and multiple media outlets have called for the company to be broken up as a monopoly.
  • US technology companies solely in the context of fears about privacy misses the point that these companies play a far broader strategic role in America’s growing geopolitical rivalry with foreign adversaries.
  • Only companies with access to the best algorithms and the biggest and highest quality data sets will be able to glean the insights and develop the models driving innovation forward.
  • China is ensuring that individual privacy protections do not get in the way of bringing together the massive data sets Chinese companies will need to lead the world.
  • The United States should absolutely not follow China’s lead and disregard the privacy protections of our citizens.
  • America’s largest technology companies cannot and should not be dragooned to participate in America’s growing geopolitical rivalry with China.
  • America definitely needs significantly stronger regulation to foster innovation and protect privacy and civil liberties.

*Source: Tech Crunch, April 15, 2018


Get in Touch With Us!

Are you interested in receiving more information about our products? Do you have questions about sensitive data security? Would you like a demo? Complete the details below and one of our specialists will get in touch with you.

We love to help our customers solve their data security problems. Please tell us about what you are trying to accomplish, details about your environment, and any other information that will help us understand your needs better.

scroll top