16 Dec 2020
Cybersecurity Newsletter
Keeping an eye on cyber news and threats
Hello everyone!
Have you all finished your Christmas shopping? I know I haven’t and It’s only 9 days away. This will be the last newsletter I publish before the new year, so I’d like to say thank you for reading so far, it has been a very interesting and also challenging year in the cybersecurity world (as it has been for everyone).
I’m sure most of us are hoping 2021 will be a better year, but there are still challenges to overcome and no doubt new ones will arise too, and the same goes for technology. Technology is always moving forward and advancing, and with that comes new challenges for cybersecurity. But don’t worry, I’ll be here to keep you up to date as usual and tell you all about how those new gadgets you got for Christmas can be used against you! I’m joking of course… or am I?
Anyway, I've given you a handful of interesting articles this week as we see the COVID-19 vaccine become the latest cyber target, Subway customers receiving phishing emails, data harvesters taking advantage of the new Cyberpunk 2077 release and Google’s recent outage.
Subway loyalty card customers receiving phishing emails
Last week, Subway customers (particularly those with a Subcard) started receiving phishing emails from what looked to be Subway itself. The phishing email contained links to a malicious software known as Trickbot, which steals personal info and can install other malware, and also used first names of the customers.
The email link refers to insurance documents that it requests the customer needs to confirm, which suggests the document was repurposed from another scam (because who insures a sandwich?). Opening the document then prompts the user to enable additional features which then installs the virus.
Subway has confirmed that their email management system had been compromised, which is how the email addresses and names were obtained, but no bank or credit card details were held on the system and no guest accounts were hacked. The system has since been locked down and remediated.
Source: BBC
Cyberattack on COVID-19 Pfizer vaccine
In the times of a global pandemic affecting millions around the world, one would hope that it would unite us into one common cause. This solidarity can be seen among many countries who all have the same interest of saving lives, but there are others that want to take advantage of our desperate fight to save lives for profit or political gain.
We have seen increasing numbers of cyber attacks against the vaccine production and distribution from threat actors including cybercrime groups wanting to steal data and make a profit by selling it back, and Nation-state supported attacks illegally accessing research and development data from vaccine manufacturers.
The promising Pfizer vaccine has been the recent victim of such attacks, with data relating to the regulatory submission of the Pfizer and BioNTech vaccine being accessed from a European Medicines Agency server. It is worth noting, however, that no Pfizer or BioNTech systems were compromised, and the distribution of the vaccine will go unaffected.
You can find more detail on this here.
Fake ‘free’ Cyberpunk 2077 downloads harvest personal data
Another hot topic this week, particularly in the gaming world, is the release of Cyberpunk 2077. This highly anticipated game has found people that can’t afford the price tag desperately trying to get their hands on a copy by attempting to find free versions of the game online, which of course is a huge opportunity for cybercriminals to capitalise on.
Malicious websites have been set up that allow you to download a fake installer that looks like the real thing, but asks you to complete a survey or a giveaway that includes asking for some of your personal data such as emails and phone numbers in order to get the license key for the game. After the survey is complete, you are given the license key and the game appears to start installing. At some point though, it stops with an error and says you need another file that is missing, providing you with another link to more survey sites.
By the time you realise that you aren’t going to be able to install the game, you’ve already offered up free information to cybercriminals.
More info here.
Google services outage
Google suffered an outage on Monday, leaving many people unable to access many of their services such as Gmail, Google Docs, YouTube and so on.
It appeared to be a profile based issue as people found they were able to access them in incognito mode, but the issue also affected Google Home users, meaning that they couldn’t control their home smart devices such as lights. Many people found themselves unable to turn their lights on and off, leading them to question their decision to use a cloud-based service to control things in the home.
The outage only lasted around 45 minutes but was long enough to cause disruption worldwide, particularly for those using Google services to work from home. It in some ways acted as a reminder about the downside of relying on one company for all your work and home needs.
The outage itself was caused by a storage quota error on their authentication servers, and all services are fully functioning again.
Source: BBC
Tip of the week – Keep your devices updated
Updates can be seen as a bit of a time-consuming disruption, particularly when your laptop needs to restart or you find that it is configuring updates when you are trying to get logged on in the morning, but they are very important for keeping you protected.
All those updates you’ve been putting off contain valuable patches to vulnerabilities in your system, and by not installing them you leave your system open for hackers.
Have you ever heard the phrase ‘Patch Tuesday, Hack Wednesday’? Patch Tuesday is the name coined for when software vendors send out updates and patches on the second Tuesday of each month. A patch is a small update to the software to mitigate an issue.
Hack Wednesday is when hackers know there has been a patch and what the patch was for, and will try and take advantage of those who haven’t installed the patch, because they know it is vulnerable. Don’t be one of those people, keep your devices updated, don’t put them off and check regularly.
Phew, quite a lot of content this week, a lot of interesting stuff has been going on! I hope you have found it as interesting as I did and haven’t fallen asleep with a half-eaten mince pie.
I won’t keep you any longer, so I’ll sign off by saying I hope you have a great Christmas and New Years (despite current restrictions), stay safe and I’ll see you in the new year, cheers!
Mike