InfoSec Round-Up June 11th
Internet Blackout, JBS Payment & FBI Chat App
This is the Hut Six InfoSec Round-Up, where we look at some of the most pressing matters, latest trends, and industry news from across the world of information security.
Internet Blackout Explained
The major internet blackout, which affected many high-traffic websites this week, has been explained by cloud-computing company Fastly as being the result of the actions of a single unnamed customer.
The problem occurred on June 8th and left websites such as Reddit, Amazon, the Guardian, and the New York Times unavailable for just under an hour. It is reported as a bug stemming from a ‘valid customer configuration change’.
According to an official summary of the incident, the company detected the disruption in around one minute, and within 49 minutes 95% of Fastly’s network was operating as normal.
Having apologised for the disruption, Fastly, a service designed to speed up loading times and protect against denial-of-service (DoS) attacks, also noted that it is conducting a complete ‘post-mortem’ of the processes and practices followed during the incident.
In a statement, Senior Vice President of Engineering and Infrastructure Nick Rockwell explained: “Even though there were specific conditions that triggered this outage, we should have anticipated it. We provide mission critical services, and we treat any action that can cause service issues with the utmost sensitivity and priority.”
JBS Pays Ransom
Following up from last week’s story, the world’s largest meat processing company, JBS, has paid an $11 million ransom to help end a cyber-attack which occurred on the 31st of May.
The attack temporarily halted operations in Canada, the US and Australia. The Russia-based ransomware syndicate behind it had initially demanded $22.5 million, though following a discussion with a company specialising in ransomware negotiations, the sum was lowered to $11 million.
Though much of the company’s data was recovered via redundancies and back-ups, JBS explained that a decryption key was needed for two specific databases affected by the attack; databases which have since been restored.
In a statement, Chief Executive Officer of JBS USA Andre Nogueira noted, “This was a very difficult decision to make for our company and for me personally,” adding, “However, we felt this decision had to be made to prevent any potential risk for our customers.”
FBI Chat App
The FBI and Australian Federal Police have revealed that, in a joint law enforcement operation, they created a fake end-to-end encrypted chat platform designed to catch criminals.
The platform, known as Anom, was sold exclusively to criminals preinstalled on devices, allowing law enforcement entities to monitor over 300 crime syndicates operating in more than 100 countries.
After law enforcement examined 27 million messages collected over an 18-month period, 800 arrests were made, alongside the seizure of 32 tons of drugs, 55 luxury vehicles and over $48 million in various currencies.
Europol described the operation, dubbed Operation Trojan Shield, as one of the largest and most sophisticated law enforcement operations to date, with participating countries including Australia, Canada, Estonia, Finland, Hungary and the UK.
Randy Grossman, Acting US Attorney for the Southern District of California, said of the operation, “Trojan Shield has shattered any confidence the criminals may have in the use of hardened encrypted devices”.
Thank you for reading this edition of Infosec Round-Up. Please be sure to subscribe to the Hut Six YouTube Channel to keep up to date with the latest news and see all our latest information security videos.