Cybersecurity News: Uber Hacked, White House Releases VEP Policy, Risks with Google Play, & More.
Posted on 11/26/2017
Cybersecurity News for the Week Ending 24 Nov 2017
Increased Cyber Risks for the Holidays
Black Friday and Cyber Money are fun for shoppers but also notorious for some of the largest data breaches in history. Between 2006-2014, retailers experienced breaches costing from $9.5 - $553 million over the holiday period. A wide swath of industry sectors was affected, from grocery stores, to large retail conglomerates, to liquor stores, to home supply retailers. Credit card fraud was the most common result, with hackers gaining access to millions of customer credit card details. (Advisen, 17 Nov 2017)
Uber was hacked by a ransomware attack in October 2016, but did not report it until a year later. The company paid $100,000 ransom to recover the data. The breach affected 57,000 Uber customers whose names, telephone numbers, and email addresses were compromised. Drivers’ licenses for 600,000 Uber drivers were compromised. Uber’s security chief and deputy were fired over the incident. (Media reports on 22 Nov)
Play at Your Own Risk
Google’s Play Store continues to experience malware infections. Most recently, banking trojans have been seen infecting apps on the Play Store platform. The malware injects fake banking log-in screens and collects log-in information when customers try to access their accounts. The most common is a new version of BankBot, which can also intercept SMS messages used in two-factor authentication. Mazar and Red Alert banking trojans have also been observed. (Hacker News, 20 Nov 2017)
North Korea Tells India “Thank You Very Much!”
North Korean hackers have been using Indian networks as the infrastructure to launch cybercrime attacks. North Korea has been using cybercrime to steal money to support its nuclear weapons program. Last year, the Lazarus Group stole over $80 million from the Bank of Bangladesh by compromising the SWIFT interbank transfer network. This year, they have also turned their attention to mining cryptocurrencies as another revenue source. (CyberWire and media reports, November 2017)
White House Provides Visibility into VEP
On 15 November 2017, White House Cybersecurity Coordinator Rob Joyce released the government’s new policy on publicizing information about the Vulnerabilities Equity Process (VEP). Long treated as a classified process, VEP is used to decide which hardware, software, industrial control system, and network vulnerabilities discovered by NSA and other government agencies can be released to U.S. companies and which ones remain classified for potential operational use. The VEP will be implemented by an interagency Equities Review Board under the National Security Council. NSA will serve as the VEP Executive Secretariat and will be responsible for ensuring monthly meeting agendas, information flow, and record keeping. (White House website, 15 November 2017.