October has concluded as the month with the second highest number of security incidents (102) this year, trailing only August which saw 112 incidents. Surprisingly, the number of breached records was comparatively “low” at just 9.9 million, although it is likely this figure will rise as the impact of different breaches are measured. What’s more, a breach at Amazon hasn’t been counted in these figures, accounting for 215 million compromised records, because the exposed records did not include customer data to make it fully identifiable, despite sharing the viewing habits of Prime members.
October was cybersecurity awareness month
In an international celebration of all things cyber, October’s cybersecurity awareness month focussed on four key strands of information:
- Enabling multi-factor authentication
- Having strong password credentials
- Running software updates and
- Recognising and reporting phishing.
Eurolink was proud to be a Champion Organisation, while major IT brands and operators got into the swing of publishing useful resources to help businesses upskill their teams. Stay Safe Online, who organise the awareness month, published useful resources and videos (see videos below), while Microsoft released its #BeCyberSmart guide and also their Cyber Signals Report, highlighting trends in the ransomware landscape. CybRisk released their behaviours and attitudes report looking at the impact of the human factor in cyber risk. We were also proud to launch our very first Cyber Snapshot, a monthly newsletter rounding up the most important stories of the month to support our clients with improving their defences (see image). Please contact us if you would like to receive a copy of the email.
Meta identifies over 400 apps designed to steal your login data
Meta published a report at the beginning of October, highlighting the increasing number of “dud” apps that don’t work particularly well before or after login, but ultimately exist to steal your Meta login details. As a result, the social media giant is working with Apple and Google to get the apps removed, as well as notifying more than 1million users of their potential password compromise. Commonly, the apps are disguised as something useful or entertaining, such as photo editing apps, VPN services, horoscopes, fitness trackers and games. The report also warns users that while “use Facebook login” is usually a legitimate sign-in method, users should be cautious if it is the only method of login, or if the app has other signs of poor quality. As a precaution, Meta recommends that users change their password regularly, enable their two-factor authentication system, and turn on the login alerts which notify users should anyone try to access the account. Read the full report +
Canadian Research highlights vulnerabilities for SMEs
The Small and Medium Sized Businesses Vulnerabilities Report considers the IT and cyber vulnerabilities of responding SMB businesses, including 3,200 in Canada and 16,175 across the US. While not inclusive of data from the UK, the industry and profile of these businesses is comparable to our own shores, highlighting some of the worrying vulnerabilities that exist in small enterprises. According to the data, 8 in 10 SME businesses are at risk from an attack, and there is little to no knowledge or mitigation of three key vulnerabilities:
- Spoofing attacks: in a spoofing attack, hackers closely mimic a business, making it look like a legitimate source and using the business’s profile to elicit sensitive information. It is all about fooling the user into providing their own access. Of those surveyed, 82% are at risk from spoofing attacks.
- Clickjacking: clickjacking happens when hackers are able to exploit website vulnerabilities and use it to insert additional content within a website’s content. The purpose is to hijack or replace part of the web page, and use it to capture data through corrupted text boxes or forms, so that they can gain access and install malware. 64% are at risk of this type of attack.
- Session riding: if hackers have gained some sort of access to your system, or have captured your attention with a rogue site, session riding happens after you are already authenticated, but before you have completed your activities. Hackers send a legitimate request such as “input password” or “change password” enabling the hacker to capture your data and use it for onward hacking. Typical uses include stealing data or installing ransomware.
Prosecution highlights your risk from employees
A 40-year-old man from Hawaii faces up to 10 years in prison after admitting that he duped his employer into thinking there was a cyber attack, in order to elicit kudos and a pay rise. He deliberately sabotaged his employer’s IT systems, misdirecting email traffic and preventing website access, as well as locking the domain registrar details to prevent the issue being rectified. His intention appeared to be recognition and a salary increase, as he left the problem for several days before changing the settings back. This is why user access policies and activity tracking can prove vital in protecting your business. Read the full story +
Fashion retailer Zoetop that operates the Shein brand, fined $1.9million over data breach response
Personally identifiable data, including the login details of 39 million Shein customers, were stolen back in 2018 after parent company Zoetop was targetted by hackers. Now, following extensive investigation, the parent brand has been fined $1.9million for failing to properly safeguard customer data, and for lying about the extent of the breach, as well as only contacting a handful of customers.
WhatsApp down for two hours
Meta owned messaging app WhatsApp went down for approximately 2 hours on 25 October, affecting all of its two billion users. More than 12,000 outage reports were submitted in the first half an hour, but was quickly rectified by the parent company. WhatsApp declined to explain the cause of the outage.
Luxury car brand Ferrari was hacked at the beginning of October with hackers releasing 7GB of data for sale and claiming they have obtained internal documents, datasheets, repair manuals, and other information.
Australian breaches continue
Just weeks after the breach at telecoms operator Optus, the breaches keep on coming for Australia. The top story was breaking news that Optus’ main rival Telstra was the latest victim, with a breach that impacted past and present employee data of some 30,000 employee contacts.
Other things that might interest you