InfoSec Round-Up: September 13th 2020

BOE tackles Cybercrime, ETERBASE Hack & Newcastle Uni Ransomware

This is the Hut Six InfoSec Round-Up, where we look at some of the most pressing matters, latest trends, and industry news from across the world of information security.

This week we are taking a look at the ransomware attack against Newcastle University, Digital Point’s leaky database, the ETERBASE exchange heist and the Bank of England to address cyber-crime. 

Newcastle University Held to Ransom

Following a ransomware attack, it is reported that Newcastle University is being held to ransomware by a cyber-criminal gang using the Doppelpaymer strain of software.

The criminals have also posted a small sample of stolen files to their website, a tactic commonly used by ransomware attackers to pressure victims into paying a ransom.

Occurring on August 30^th, the university has stated that it will likely take them “several weeks” to recover from the attack, though how this will affect the impending start of the academic year remains to be seen.

This attack comes only weeks after neighbouring institution Northumbria University also announced it has fallen victim to a “cyber incident”, an increasingly common occurrence for universities and schools.

Read More: University Hit With $1.14m Ransomware Attack

In a statement, the university noted “Many IT services are not operating and will remain that way for the duration”, adding “Our teams are working with a number of agencies to address the current issues and are taking further measures to secure the IT estate.”

Digital Point Exposes 900k Users’ Data

Online researchers have discovered an exposed database containing user information belonging to around 860 thousand Digital Point users.

Digital Point, which claims to be the world’s biggest webmaster forum and marketplace for web related services, allows users to buy and sell, amongst other things, websites and marketing tools.

Originally discovered in July, the database exposed usernames, email addresses, user IDs and other internal records; information which could be utilised in a variety of information security attacks.

Discovered and secured just weeks before the random and destructive strain of malware ‘Meow Bot’ was to wipe thousands of unsecured databases across the world.

Read More: How Secure is Your Password Process?

Having fixed the issue within hours of notification of the leak, one of the researchers who discovered the security problem noted “this dataset would have been a treasure chest of information for domain hijackers.”

“One of the dangers of a non-password protected database is that it is a sitting target waiting to be stolen, encrypted, or deleted. Not only was there a potential risk to users who may be targeted via their contact information, but the entire network was exposed and vulnerable to attack.”

Crypto-Exchange Suffers $5m Heist

Cryptocurrency exchange ETERBASE has announced that it has lost approximately $5.4m in a cyber-attack that took place earlier this week.

The organisation, which describes itself as ‘Europe’s Premier Digital Asset Exchange’ made the incident public soon after the attack, whilst stressing to its users that they “have enough capital to meet all [their] obligations.”

In 2020, at least one crypto exchange has closed its virtual doors following a seismic hack, with many reporting twelve ‘major’ attacks on exchanges in 2019 alone.

In a leaked 2019 UN report, it was suggested that North Korean state actors are behind many of these attacks; stating Pyongyang “used cyber-space to launch increasingly sophisticated attacks to steal funds from financial institutions and crypto-currency exchanges to generate income”.

In the statement made on Twitter, the ETERBASE noted “We have reported the matter to law enforcement, and we are cooperating closely in the investigation. We want to assure our clients that we are taking all necessary steps to ensure that the amount of their deposit does not suffer any damage.”

Bank of England to Focus on Cyber-Crime

The Bank of England is reportedly making the security of digital transactions and the prevention of cyber-crime a top priority in coming months, following an acceleration in the trend towards cyber fraud.

Elisabeth Stheeman, a member of the Bank of England’s financial policy committee, a body which oversees the stability of financial systems, cited the surge in COVID-19 related scams as an impetus for this change.

“The reality is that online fraud and cyber-hacking of digital accounts have outstripped traditional theft of banknotes and gold… Payments have undergone rapid innovation in recent years, and the COVID-19 shock has accelerated these trends."

Coming at a time when the UK economy is increasingly dependent on cashless transactions, Stheetman also suggests that the committee will be pushing for more regular stress-testing to better understand how banks recover from online attacks.

With some estimates putting the total global costs of cybercrime at up to $575 billion, the committee member noted that this shift in focus will be vital for creating operational resilience in future crises.

Thank you for reading this edition of Infosec Round-Up. Please be sure to subscribe to the Hut Six YouTube Channel to keep up to date with the latest news and see all our latest information security videos.