Infosec Round-Up Nov 19th - Hut Six
Exploit Warning, NCSC Annual Review & Fraud Compensation
This is the Hut Six InfoSec Round-Up, where we look at some of the most pressing matters, latest trends, and industry news from across the world of information security.
NCSC Annual Review
In their annual review, the UK’s National Cyber Security Centre (NCSC) has, amongst other things, announced their support in 777 significant incidents in the last 12 months, 20% of which were related to the health sector and vaccines.
As well as highlighting one case in which they helped vaccine researchers at the University of Oxford defend against an attempted ransomware attack, the centre also removed over 50,000 online scams and more than 90,000 malicious URLs.
Beyond highlighting the achievements of the organisation, the report also warned that the threat of leaked data from ransomware attacks is “almost certain to grow”, with this tactic of ‘double extortion’ becoming “routine”.
Sir Jeremy Fleming, the Director of GCHQ noted within the report, “In the UK there was an increase in the scale and severity of ransomware attacks, targeting all sectors from businesses to public services.”
Adding, “In response, the NCSC has identified and mitigated numerous threats, whether committed by sophisticated state actors, organised criminal groups or lone offenders.”
Crypto Fraud Compensation
United States law enforcement has announced plans to liquidate around $57 million of seized cryptocurrency to provide restitution to the victims of now-defunct exchange BitConnect.
During its two years of operation BitConnect admins are believed to have made off with $2 billion in funds stolen from investors around the world, with the exchanges founder, Glen Arcaro, pleading guilty to criminal charges earlier this year.
The $57 million will be, according to the US Department of Justice, “the largest single recovery of cryptocurrency for victims to date”, allowing those impacted the chance to recoup at least some losses.
With acting U.S. Attorney Randy S. Grossman praising the work of the prosecutors and law enforcement, the Justice Department announcement noted, “As part of his plea agreement, Arcaro admitted that he earned no less than $24 million from the BitConnect fraud conspiracy, all of which, according to court documents, he has agreed to repay to defrauded investors.”
International Exploit Warning
In a joint advisory released by cybersecurity centres in the US, UK, and Australia, authorities warn of the ongoing exploitation of Microsoft Exchange ProxyShell and Fortinet vulnerabilities by Iranian-backed hackers.
In the statement, authorities said they “have observed this Iranian government-sponsored Advanced Persistent Threat (APT) group exploit Fortinet vulnerabilities since at least March 2021 and a Microsoft Exchange ProxyShell vulnerability since at least October 2021 to gain initial access to systems in advance of follow-on operations, which include [the deployment of] ransomware”.
Additionally advising that Iranian government-sponsored actors are actively targeting a broad range of victims across multiple critical infrastructure sectors, including transport and healthcare, the statement also provides advice for defending against such threats.
Thank you for reading this edition of Infosec Round-Up. Please be sure to subscribe to the Hut Six YouTube Channel to keep up to date with the latest news and see all our latest information security videos.
Security Awareness for your Organisation
Enjoyed our blog? Learn more about how Hut Six can help improve you security awareness with training and simulated phishing. Start a free trial now, or book a meeting with one of our experts.
An email security policy is a document describing how an organisation's email system should, and most importantly, should not be used.
When Human Error is found in information security, it is often avoidable errors that allow much larger consequential problems to arise.
Investing in Information Security Awareness Training - educating people against cyber threats should be considered essential for any organisation operating in 2021
How Secure is Microsoft Teams? Information Security blog by Information Security Awareness solution provider Hut Six Security
Best Ways To Ensure Enterprise Data Regulation guest blog by technivorz.com and information security awareness solution Hut Six Security.
Writing a Disaster Recovery Plan: information security planning blog by information security awareness solution provider Hut Six Security.
Security program policies blog by information security awareness training provider Hut Six Security.
Security awareness training for Cyber Essentials blog by information security awareness training provider Hut Six Security.
Information Security Awareness Training in 2021 blog by information security awareness training platform Hut Six Security
What are the best VPNs for work? - VPN review blog by security awareness training provider Hut Six Security.