InfoSec Round-Up: May 8th 2020

Play Video

Hackers Target Universities, LoveBug Virus, and Tokopedia Breach

This is the Hut Six InfoSec Round-Up, where we look at some of the most pressing matters, latest trends, and industry news from across the world of information security.

This week we are looking at state-sponsored hackers targeting university research, the creator of the world’s first major computer virus and 91 million records stolen from Asian e-commerce giant Tokopedia.

Hackers Targeting Universities

The NCSC has warned of state-sponsored attempts to steal Covid-19 research from universities, describing the efforts as ‘reprehensible’.

With the stakes increasingly high for developing a vaccine or treatment, competition within the scientific research community may be at an all time peak.

The University of Oxford, for example, has already begun human vaccine trials; research which presents itself as an extremely valuable target for a variety of international interests.

A spokesperson from Oxford University stated the institution is “working closely with the NCSC to ensure [their] Covid-19 research has the best possible cybersecurity and protection.”

With no known breaches of this kind so far, the NCSC stated that the overall level of cyber-attacks against the UK has remained stable during the pandemic, despite “an increased proportion of cyber-attack related to coronavirus”

Love Bug Creator Found

The creator of one of the world’s first major computer viruses has, after twenty years of uncertainty, admitted to creating the worm which, amongst other things, caused the shutdown of UK government communications.

Onel de Guzman, created the ILOVEYOU in the year 2000 with the purpose of stealing passwords to access the internet free of charge. Once in the wild, the virus spread across the world causing up to $10 billion worth of damage.

The virus exploited users’ romantic curiosity with an attachment named "LOVE-LETTER-FOR-YOU.txt.vbs", a tactic which still proves effective for cybercriminals even now.

Now running a phone shop in the Philippines capital, Manila, Guzman admitted to creating the virus, as well as expressing his regret over the incident; thus, closing the book on one of the internets many mysteries.

Tokopedia Breach

Researchers have found cybercriminals selling the records of up to 91 million users for the Indonesian technology company Tokopedia. The company, who specialise in e-commerce was reportedly hacked in March, with email addresses, names and passwords hashes making up the stolen data.

An initial 15 million records were leaked, though these reports have been updated to include the claim a hacker is now offering the details of 91 million Tokopedia users for $5 thousand via the dark-web.

A spokesperson from the company acknowledged an investigation into the matter is being conducted, whilst adding that “Tokopedia ensures that crucial information such as passwords remains successfully protected behind encryption”.

As with the case of any hack where details are leaked, users are advised to update their passwords, especially if those passwords are being reused, and to monitor their account for any unusual activity.

Thank you for reading this edition of Infosec Round-Up. Please be sure to subscribe to the Hut Six YouTube Channel to keep up to date with the latest news and see all our latest information security videos.

Security Awareness for your Organisation

Enjoyed our blog? Learn more about how Hut Six can help improve you security awareness with training and simulated phishing. Start a free trial now, or book a meeting with one of our experts.

Featured

Data Protection Act Responsibilities

Who is Responsible for Enforcing the Data Protection Act?

Who is Responsible for Enforcing the Data Protection Act? Information security awareness blog by Information Security training provider Hut Six Security

Hut Six Staff Snippets: Social Media and Privacy

Hut Six Staff Snippets: Social Media and Privacy - Hut Six

Priya, our Customer Success Specialist, talks about her favourite tutorial, Social Media & Privacy, which explains the dangers of social media sites and how to stay safe.

InfoSec Round-Up : April 20th - 30th

InfoSec Round-Up : April 20th - 30th - Hut Six

NCSC Campaign, Warwick University Breach, and Kinomap: InfoSec Round-Up: April 20th - 30th 2020

Data Protection Act Exemptions

Are There Any Exemptions to the Data Protection Act?

Are there any exemptions to the Dta Protection Act? Blog by Information Security Awareness Training provider Hut Six Security.

Hut Six Staff Snippets: Assessing your Risk

Hut Six Staff Snippets: Assessing your Risk - Hut Six

Simon Fraser, our Managing Director, talks about his favourite tutorial, Assessing your Risk, which explains how businesses can assess the likelihood of a security risk occurring

Tech Nation Cohort Member - Hut Six

Hut Six Announces Tech Nation Cyber Membership

Hut Six are pleased to announce membership to Tech nation Cyber, the UK's national scale-up program for all things cyber and tech. Blog by Hut Six Security.

Hut Six Staff Snippets: Encryption

Hut Six Staff Snippets: Encryption - Hut Six

Pratteek Bathula, our Product Director, talks about his favourite tutorial, Encryption, which explains the principle of encryption and how it is used to keep your information safe.

Hut Six Staff Snippets: Password Security

Hut Six Staff Snippets: Password Security - Hut Six

Technical Director Dan walks us through the password security tutorial. New video from Information Security Awareness Training Provider Hut Six Security

Data Protection Principles

How Many Data Protection Principles are There?

How Many Data Protection Principles are There? And what do they all mean? Blog by Information Security Awareness Training provider Hut Six Security

Cyber Security Breaches Survey

DCMS Releases Cyber Security Breaches Survey 2020

The Cyber Security Breaches Survey 2020 provides many insights into the current state of cyber security. Blog by Hut Six Security