InfoSec Round-Up May 14th
Pipeline Attack, Ethical Phishing & UK Cybercrime Warning
This is the Hut Six InfoSec Round-Up, where we look at some of the most pressing matters, latest trends, and industry news from across the world of information security.
US Pipeline Hacked
A US fuel pipeline had been taken down following what is reported to be a major ransomware attack.
Colonial Pipeline, the largest fuel pipeline in the United States, which supplies 45% of the east coast’s fuel, was forced to shut down their entire network and temporarily suspend operations in an effort to contain the problem. A move which has seen shortages, rising prices and panic buying.
With the FBI confirming the attack as being the work of relatively new, Russia-based crime syndicate ‘Darkside’, the group have described themselves as ‘apolitical’, as well as stating via their website that their “goal is to make money and not [create] problems for society”.
Interestingly the group also expressed something akin to regret, noting, “From today, we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.”
Colonial Pipeline has issued a statement: “In response to the cybersecurity attack on our system, we proactively took certain systems offline to contain the threat, which temporarily halted all pipeline operations, and affected some of our IT systems. To restore service, we must work to ensure that each of these systems can be brought back online safely.”
Simulated Phishing Attack Criticised
West Midlands Trains have been criticised after having sent a simulated phishing campaign which promised a one-time bonus for hard work during the pandemic.
Send to 2,500 employees of the UK rail operator, the inauthentic communication was designed to test staff security awareness, though according to union leaders was “crass” and “cynical” due to the context and content of the test.
Duping users with a message from the train operators managing director and offering a fictitious bonus as a thanks for the “huge strain placed upon a large number of [their] workforce”, some have suggested the company should in fact pay real bonuses as recompense.
Defending their actions, a spokesperson for West Midlands Trains noted that cybersecurity is a matter that they take very seriously and that the design of the email was not uncommon to real phishing attacks.
General secretary of the Transport Salaries Staffs’ Association (TSSA) union, Manuel Cortes has stated, “They could have and should have used any other pretext to test their internet security. It’s almost beyond belief that they chose to falsely offer a bonus to workers who have done so much in the fight against this virus.”
UK Cybercrime Warning
Speaking at the National Cyber Security Centre’s (NCSC) CYBERUK conference, foreign secretary Dominic Raab has issued a warning to nation states, including Russia, about the sheltering of cyber criminals.
Covering a variety of topics regarding the modern state of cyber and information security, Raab emphasised the increased importance of defending against hostile actors, specifically noting that states such as Russia “can’t just wave their hands and say it’s nothing to do with them.” Adding, “Even if it is not directly linked to the state, they have a responsibility to prosecute those gangs and individuals.”
Describing the battle against hostile actors as a “war of attrition”, the foreign secretary also announced £22 million in new funding to support cyber security efforts across the world, including work with Interpol to establish a new cyber-operations hub in Africa.
Referencing many high-profile threats to national infrastructure, including the US pipeline ransomware incident, Raab highlighted attacks on the education sector, democratic institutions and the Covid vaccination supply chain, asserting that it “seems that almost nothing is off limits for these cyber criminals.” Adding, “they want to undermine the very foundations of our democracy.”
Thank you for reading this edition of Infosec Round-Up. Please be sure to subscribe to the Hut Six YouTube Channel to keep up to date with the latest news and see all our latest information security videos.
Security Awareness for your Organisation
Enjoyed our blog? Learn more about how Hut Six can help improve you security awareness with training and simulated phishing. Start a free trial now, or book a meeting with one of our experts.
“Aggressive and Urgent” action against ransomware needed. Romance fraudster steals $113K from victim. Household router flaws leave 6 million vulnerable.
Washington DC’s Metro Police Department has lost 250GB of unencrypted data which could be leaked to criminal gangs. Reverb.com exposes personal data of millions of customers. Massive Merseyrail ransomware attack.
TikTok Data Lawsuit, Apple Attack & Spy Warning - Infosec Round-Up April 23rd
An email security policy is a document describing how an organisation's email system should, and most importantly, should not be used.
Nuclear Cyber Attack, Capcom Hack & Ransomware Food Shortage - Infosec Round-Up April 16th
When Human Error is found in information security, it is often avoidable errors that allow much larger consequential problems to arise.
Facebook Leak, Booking.com Fined & University Attacks - Infosec Round-Up April 9th
Investing in Information Security Awareness Training - educating people against cyber threats should be considered essential for any organisation operating in 2021
Inside Attacker, FOREX Data Leak & NCSC Warning - InfoSec Round-Up March 26th
MoD Security, $4.2B Cybercrime Loss & Hacker Teen Sentenced - InfoSec Round-Up March 19th