Infosec Round-Up: July 12th 2020
Instagram Star Arrested for Cyber Crime & UK's 5G Future
Hello, I am Alex James, and this is the Hut Six InfoSec Round-Up, where we look at some of the most pressing matters, latest trends, and industry news from across the world of information security.
UK to Review Huawei’s 5G Future
As GCHQ’s NCSC delivers new report, the UK is this week expected to review the role that Chinese technology company Huawei will play in its 5G networks.
In a matter which some thought to be settled in January, a National Cyber Security Centre review is expected to alter policy, moving forward, as to the level of involvement of Huawei in the UK’s telecommunications networks.
Having previously been granted ‘non-core’ involvement in 5G, Huawei is what some may define as a “high-risk state vendor”, and following new US sanctions, the NCSC is reported to have stated themselves unable to assure the security of Huawei products.
With reports that BT and Vodafone have been given until 2030 to extract Huawei technology from existing 5G infrastructure, how much UK policy is being guided by US political pressure is a matter of some speculation.
Digital Secretary Oliver Dowden said of the report that though no final decision has been made, the UK wished “to diversify away from these so-called high-risk vendors, of which Huawei is the principal one”. Adding, “we want to be in a position where we don't have high-risk vendors in our networks at all.”
Facing some directed criticism, Huawei’s Head of International Media, UK, Paul Harrison tweeted: "UK policy is being dictated by [the] Trump administration... shouldn't the US respect a United Kingdom in the post-Brexit era being in a position to choose its own telecommunication strategy?"
As well as this, China’s ambassador to the UK, Lui Xiaoming warned, should the tech company be banned, trust between the UK and China would likely be damaged; stating “you cannot have a golden era if you treat China as an enemy.”
All happening with the backdrop of sweeping new security laws being imposed upon formed British-owned Hong Kong by Beijing, any change of UK policy is expected to be announced by the end of July.
Instagram Star Hushpuppi Arrested for Cyber Crime
Popular social media personality Ramon Olorunwa Abbas, also knowns as Hushpuppi has been accused of plotting to launder millions of dollars in ill-gotten cyber-crime gains.
The 37-year-old Instagrammer was tracked down by the FBI, extradited from his luxury residence in the United Arab Emirates (UAE) to America and is now facing charges for a number of online scams.
With around 2.3 million online followers, Hushipuppi, also known as The Billionaire Gucci Master!! (as he called himself on Snapchat), was tracked down when law enforcement examined connections made between multiple online accounts, including Abbas’ personal Gmail address.
Accused of scamming a US bank out of £922,857, targeting an unnamed English Premier League football team and defrauding other financial institutions, Abbas flaunted his opulent lifestyle across social media channels.
Many of the crimes reportedly involve business email compromise (BEC); a form of information security attack which involves the unauthorised access to business email accounts being exploited to intercept and redirect payments and funds.
The Assistant Director in charge of the FBI's Los Angeles office, Paul Delacourt stated: “In 2019 alone, the FBI recorded $1.7 billion in losses by companies and individuals victimized through business email compromise scams, the type of scheme Mr. Abbas is charged with conducting from abroad.”
Adding, "while this arrest has effectively taken a major alleged BEC player offline, BEC scams represent the most financially costly type of scheme reported to the FBI."
The affidavit filed also alleges that Abbas conspired to launder hundreds of millions of dollars; charges which, if the defendant is found guilty of, carries a statutory maximum sentence of 20 years in federal prison.
If you are interested in finding out more about Hut Six’s information security awareness training, follow the links below to learn more about our solutions.
Security Awareness for your Organisation
Enjoyed our blog? Learn more about how Hut Six can help improve you security awareness with training and simulated phishing. Start a free trial now, or book a meeting with one of our experts.
Featured
Guest Blog: How to Audit Your Business for GDPR Compliance
How to Audit Your Business for GDPR Compliance with a GDPR Business audit. Hut Six Security guest blog by https://reciprocitylabs.com/.
What is a Breach of Data Protection?
What is a Breach of Data Protection? The Data Protection Act - Personal Data Breaches, Reporting and Consequences. Blog by Hut Six Security
University Hit With $1.14m Ransomware Attack
University of California Ransomware Attack: a $1.1.4m ransom has been paid following a ransomware attack on University of California's School of Medicine.
What is the Purpose of the Data Protection Act?
What is the Purpose of the Data Protection Act? Blog by information security awareness training solution provider Hut Six Security.
Top 3 Remote Work Security Lessons
Top 3 Remote Work Security Lessons: remote work security blog by information security awareness provider Hut Six Security.
Who Regulates the Data Protection Act?
Who Regulates the Data Protection Act? Data Protection Blog by Information Security Awareness Training provider Hut Six Security
NHS Email Accounts Compromised in Phishing Attack
NHS phishing attack sees email accounts compromised as part of an attack targeting a wide range of organisations Blog by Hut Six Security.
Who Enforces the Data Protection Act?
Who Enforces the Data Protection Act? Principles, Protections and Penalties. Blog by Information Security Awareness Training provider Hut Six Security.
How Secure is Your Password Process?
How Secure is your Password Process? Password security blog from Information Security Awareness Training provider Hut Six Security.
Who Does the Data Protection Act Apply To?
Who Does the Data Protection Act Apply to? Blog by Information Security Awareness Training and phishing simulator provider Hut Six Security