InfoSec Round-Up: March 12th

Uni Cyber Attacks, Security Camera Hack & Norwegian Gov Data

This is the Hut Six InfoSec Round-Up, where we look at some of the most pressing matters, latest trends, and industry news from across the world of information security.

University Cyber Attack

The University of Central Lancashire in Preston has become the third university, in the last week, to be hit with a cyber-attack.

Along with The University of the Highlands and Islands and Queen’s University in Belfast, the UK’s National Cyber Security Centre has launched an investigation, though officials are yet to confirm whether these attacks are linked.

Leaving remote-working students unable to submit work, a UCLAN spokesperson explained that the institution had “deployed a full incident response plan to evaluate the extent of the issue and to stabilise the situation”, going on to explain that systems were quickly restored, and that no data was lost.

Often targeted by criminals seeking financial gain, and by nation states looking to steal intellectual property, educational institutions are increasingly the target of information security attacks.

In a statement responding to the incident against Queen’s University, an NCSC spokesperson stated, “Universities hold valuable data which can make them a lucrative target, and the NCSC works closely with the sector to help them to improve their cyber resilience.”

Security Cameras Hacked

Up to 150,000 security cameras made by security software company Verkada, installed in schools, hospitals, and businesses around the world, have been compromised in an information security attack.

With stolen footage from inside a Tesla factory, a Florida hospital and a US school being shared online by the cyber criminals, the attack reportedly involved infiltrating the network via a “super admin” account after credentials were left vulnerable.

The attack, which was executed by an international hacker collective, appears to have been motivated by an intent to disrupt, with one attacker claiming responsibility being quoted as saying it’s “just too much fun not to do.”

A spokesperson for Verkada, the company behind the cameras stated on the incident, “We have disabled all internal administrator accounts to prevent any unauthorized access.” Adding, “Our internal security team and external security firm are investigating the scale and scope of this issue, and we have notified law enforcement.”

Norwegian Parliament Data Stolen

Norway’s parliament, the Storting, has fallen victim to a cyber attack involving the recently discovered Microsoft Exchange vulnerabilities.

Currently attributed to a Chinese-backed hacking group, Microsoft last week released security updates to fix four zero-day vulnerabilities which were actively exploited in many targeted attacks.

The full extent of the incident is reportedly not yet known, but the Norwegian parliament has confirmed that threat actors managed to steal data as part of the cyber-attack.

As the second attack against the parliament in 12 months, in December of last year it is believed that a Russian-backed hacking group managed to access an undisclosed number of official email accounts.

Storting director, Marianne Andreassen stated on the matter, “We know that data has been extracted, but we do not yet have a full overview of the situation.” Adding, “The situation is currently unclear, and we do not know the full potential for damage.”

Thank you for reading this edition of Infosec Round-Up. Please be sure to subscribe to the Hut Six YouTube Channel to keep up to date with the latest news and see all our latest information security videos.