InfoSec Round-Up: November 15th 2020

Relationship Fraud, DoppelPaymer Attack & DWP Leak

This is the Hut Six InfoSec Round-Up, where we look at some of the most pressing matters, latest trends, and industry news from across the world of information security.

Laptop Maker Slammed with $17m Ransom

The Taiwanese laptop maker Compal, who builds systems for the likes of Apple, Lenovo and Dell, has announced it has been struck by ransomware syndicate DoppelPaymer and a $17m crypto ransom.

After having initially denied an attack, dismissing issues as an ‘IT abnormality’, ransom notes demanding 1,100 Bitcoins in exchange for a decryption key were leaked to Taiwanese media outlets.

Read More: 4 Essentials for Protecting Against Ransomware

Reportedly affecting over a quarter of the company’s computers, DoppelPaymer is an operation known for targeting enterprise level organisations. Often gaining access via stolen admin credentials, as well as encrypting data, the gang also frequently steal unencrypted information for further extortion.

Responsible for attacks against Newcastle University, local governments, hospitals and NASA contractors, the cybercriminals use virus themed phishing emails to bait victims into handing over confidential information.

Having yet to formally acknowledge the attack, a spokesperson for Compal Electronics has thus far only stated that “Compal is not being blackmailed by hackers as it is rumoured in the outside world”.

Lockdown Romance Scams Increase

Dyfed-Powys Police have stated that they have seen a significant rise in romance fraud during the pandemic, with victims in west Wales loosing around £1.3m since January.

Rebecca Jones, a fraud safeguarding officer, stated on the matter, “It's a case of people turning to an online relationship during that lonely period and now we're seeing the repercussions of that.”

Having recorded a significant rise in cases, the national fraud reporting centre Action Fraud details that victims of so-called ‘romance fraud’ are scammed out of an average of £10,000 each.

One victim described how after having spoken to someone online for months and having sent them money as a ‘loan’, had their “world [fall] apart” upon discovering his profile was false. The victims bank accounts were frozen following her making transfers that she later realised were aiding in the laundering of money, about which police were also informed.

Cyber Protection Officer Gareth Jordan stated on this type of fraud, “It's incredible how good these criminals are at their social engineering skills - getting the best out of people, working on that person's switches to grab them and drag them into a relationship.”

Dep for Work & Pensions Exposes Data

The UK’s Department for Work and Pensions (DWP) has been found to have exposed the personal information of around 6,000 people in a spreadsheet that was left online for over 2 years.

Containing thousands of National Insurance numbers, the personal information is thought to belong to claimants applying for disability payments.

The files, published in 2018, listed payments to professional services company Capita, which assesses people for personal independence payment (PIP).

Having alerted the UK’s data watchdog (the ICO) of the breach a DWP spokesperson stated on the matter, “Information issued in error as part of our regular transparency releases has been removed and will be replaced with revised data as soon as possible… While no one can be identified from the additional information published, we apologise for the mistake.”

Uncovered by privacy rights group Big Brother Watch, a spokesperson for the group stated  “The DWP's reckless publication of data that could identify people receiving disability welfare is a gross violation of privacy”, adding “it underlines the department's increasing appetite to hoover up and spit out welfare data without considering the reasons why they are processing it or even taking care to do so lawfully.”

Cybersecurity Deficit Falls

According to research by the International Information Systems Security Certification Consortium, ((ISC)2), the global shortage of cybersecurity professionals has fallen from around 4.07 million last year, to around 3.12 million currently.

The non-profit organisation interviewed 3970 industry professionals as part of their research, discovering that the global industry workforce has grown by around 700,000, closing the cyber security skills gap by around 23%.

Despite this positive trend, research from PricewaterhouseCoopers (PwC) suggests that over a fifth of UK businesses are planning on downsizing the cyber teams, likely in part due to the economic impact of the pandemic.

“In the UK, 42% of organisations plan to increase their headcount compared to 51% globally. However, more than a fifth (22%) of UK organisations are planning to decrease the size of their cyber security team compared to 16% globally.”

Cyber Security Strategy 2021 - PwC

Clar Rosso, CEO of (ISC)2 stated: "Overall we're seeing some very positive trends from the cybersecurity workforce reflected in this new data," adding "the response to COVID-19 by the community and their ability to help securely migrate entire organizational systems to remote work, almost overnight, has been an unprecedented success and a best-case scenario in a lot of ways."

Thank you for reading this edition of Infosec Round-Up. Please be sure to subscribe to the Hut Six YouTube Channel to keep up to date with the latest news and see all our latest information security videos.