InfoSec Round-Up June 25th
McAfee Found Dead, Scammer Arrest & Ransomware Recovery
This is the Hut Six InfoSec Round-Up, where we look at some of the most pressing matters, latest trends, and industry news from across the world of information security.
Phishing Scammer Arrested
The UK Police have arrested a prolific fraudster who sent more than 25,000 text messages in a day to illegally obtain banking details.
Apprehended on the 17th of June in a hotel in Manchester, the arrest followed hotel staff reporting the man for suspicious behaviour, including carrying a large number of cables around in a bag.
Impersonating the parcel delivery company Hermes, according to the police the scale of the SMS phishing operation was quite large, estimating that close to 26,000 fraudulent messages were sent on the day of the arrest alone.
Detective Inspector Mark Astbury, of GMP's City of Manchester Central division, stated on the matter: “What we have uncovered here are potentially the components of a highly sophisticated and authentic scam that I know many people not just in Greater Manchester but across the country have been potential victims of in recent weeks and months.”
Adding, “These are the very early stages of what promises to be a complex and dynamic investigation, and I would like to take the opportunity to remind the public to ensure they keep remaining alert to the daily risks that unscrupulous cyber criminals pose.”
Cyber Attack Recovery
Scotland’s Environment Protection Agency (Sepa) has announced that following a cyber attack which saw more than 4,000 files stolen late last year, IT systems will likely take years to be rebuilt.
Having been hit by the Conti ransomware syndicate on Christmas Eve of last year, the environmental watchdog refused to yield to the cyber criminal’s ransom demands, though has since spent around £800,000 on recovery.
Despite having backup systems in place, Sepa is yet to recover all its environmental data sets affected by the attack, though is now able to provide the majority of its services, including flood forecasting.
Speaking to BBC Scotland about the incident, Chief executive Terry A'Hearn explained, “We had reform aims anyway, we were going to build a new IT system progressively over five or six years.”
Adding, “This is an opportunity we didn't want provided by criminals, but we've decided to fast-track that and will build that in one or two years.”
John McAfee Found Dead
Controversial cyber security entrepreneur John McAfee has been found dead in a Barcelona prison only hours after a Spanish court ruled he would face extradition to the US.
Facing charges of tax evasion, the 75-year-old, who was born in Gloucestershire, was most notably the founder of the well-known security company McAfee, a company which sold to technology giant Intel in 2010 for over $7.6 billion.
Accused of evading taxes, concealing multiple assets, fraud, and money laundering, McAfee claimed in court that the charges against him were politically motivated.
With the Catalan justice department stating that “everything indicates” McAfee had taken his own life, days before he had tweeted “There is much sorrow in prison, disguised as hostility.”
Nishay K Sanan, McAfee's lawyer, has stated: “I am saddened to hear of the events and my prayers go out to his wife Janice.” Adding, “John was and will always be remembered as a fighter. He tried to love this country, but the U.S. Government made his existence impossible.”
Thank you for reading this edition of Infosec Round-Up. Please be sure to subscribe to the Hut Six YouTube Channel to keep up to date with the latest news and see all our latest information security videos.
Security Awareness for your Organisation
Enjoyed our blog? Learn more about how Hut Six can help improve you security awareness with training and simulated phishing. Start a free trial now, or book a meeting with one of our experts.
An email security policy is a document describing how an organisation's email system should, and most importantly, should not be used.
When Human Error is found in information security, it is often avoidable errors that allow much larger consequential problems to arise.
Investing in Information Security Awareness Training - educating people against cyber threats should be considered essential for any organisation operating in 2021
How Secure is Microsoft Teams? Information Security blog by Information Security Awareness solution provider Hut Six Security
Best Ways To Ensure Enterprise Data Regulation guest blog by technivorz.com and information security awareness solution Hut Six Security.
Writing a Disaster Recovery Plan: information security planning blog by information security awareness solution provider Hut Six Security.
Security program policies blog by information security awareness training provider Hut Six Security.
Security awareness training for Cyber Essentials blog by information security awareness training provider Hut Six Security.
Information Security Awareness Training in 2021 blog by information security awareness training platform Hut Six Security
What are the best VPNs for work? - VPN review blog by security awareness training provider Hut Six Security.