Following a chaotic end to 2020, which was a record-busting year for data breaches and security threats, January 2021 started relatively ‘quiet’, if you count 878 million records as small.

When it comes to data breaches and security threats, 2020 ended on a low, with a record-busting total for data records breached and major security incidents throughout the year. That’s why, despite a whopping 878 million records being breached, January 2021 has actually been pegged as a ‘quiet’ period, given the below-average rate of breaches and security incidents. That is small reassurance in the face of such big numbers, but we’re hoping it is indicative of a growing focus on quality cyber security and improvements being made by businesses and individuals. We’ll have to wait and see how 2021 pans out, but in the meantime, here are the top stories from January that you may have missed.

The SolarWinds attack remains top of the bill, as more details emerge.

In December, we reported details of the attack on SolarWinds, which saw businesses and government departments hit with a ‘back door’ into their networks. Further evidence uncovered by the US government and Microsoft has now revealed that the attack may have been running from as far back as October 2019 and that 30% of the victims of the attack actually have no direct connection to SolarWinds, highlighting that it is spreading through and out of client networks.

The end of Emotet?

You may or may not have heard of Emotet, but it is a malware operation so prolific that it was dubbed the ‘most wanted’ malware in July 2020. The Emotet botnet was originally used as a trojan horse to target the banking sector but has since evolved into an extremely advanced and effective method of spreading other malware. Last year, the bot got an update, enabling it to steal email attachments and use them to maliciously target contact lists with believable content. Now, law enforcement agencies across the globe have ‘dealt a blow’ to the Emotet operation, working together to seize control of the botnet infrastructure. You can read all the details on the Europol website.

As part of the seizure, a database of compromised records was also seized, and we are recommending that you check if your email address is on the list.

The end of Adobe Flash Player

Adobe Flash Player has long been plagued by security issues, facilitating the spread of malware and viruses across the web. Adobe has finally discontinued the software, which was originally designed to facilitate sophisticated website applications, and is encouraging users to uninstall Flash Player from their systems. They state: “Uninstalling Flash Player will help to secure your system since Adobe does not intend to issue Flash Player updates or security patches after the end-of-life date.”

Adobe has issued instructions for removing the software from PCs and Macs, or you can speak to our team on 01453 700 800 and ask us to do it for you.

Hackney Council suffers an additional blow

Following the news in November that Hackney Borough Council systems had been compromised through ransomware, the Council suffered an additional blow at the start of the year, after hackers released some of the stolen files. The published files include personal details of staff and residents. While the publication was ‘limited’ and was only available to users on the dark web, it is still concerning for those affected, as is the potential future impact from nefarious actors.

Man arrested for ‘computer misuse’ which affected Leicestershire school

A 28-year-old man has been arrested, although not yet charged, under the Computer Misuse Act, after Welland Park Academy in Market Harborough found wiped hard drives. Home computers and laptops being used by students for remote learning were found to have had their hard drives wiped, although there is no evidence as yet of data being stolen. A police spokesperson issued a statement saying: “A man has been arrested in connection with a reported cyber attack at Welland Park School, Market Harborough. Officers received a report of a major IT outage at the school on Monday, January 18 that prevented the school from delivering remote learning and accessing material to support the children of keyworkers and vulnerable children who are attending school.”

“It was subsequently discovered that a sophisticated cyber attack had occurred which affected personal devices that connected to the school’s network. In all 92 personal devices have been affected.”

“Officers from the force’s cybercrime unit are investigating the incident and a 28-year-old man from Wellingborough has been arrested under section 1 and 3 of the Computer Misuse Act. Officers worked round the clock with the school and Microsoft to remove the threat to personal devices, which was swiftly achieved and work is continuing to restore the school’s IT capability as quickly as possible. There is currently no evidence of any data exfiltration. Officers would like to thank school staff, parents, and pupils for their support and cooperation during this investigation.”

This is a story that serves as another reminder to monitor computer user activities in your network and ensure that human intervention is not the cause of a cyber breach. Ask our team about CMDS on 01453 700 800, which helps protect your systems and prevent unauthorised activities.

Not so password smart as Mensa website hacked

An attack has been made on the Mensa website, resulting in the compromise of 18,000 member records, after the organisation failed to properly secure its website passwords. The passwords had not been encrypted or hashed, making it possible for malicious actors to read them and gain access. Many of the stolen records were published online almost immediately, and the credentials of one of the Directors were used to hack the website itself, taking it offline. Read the full story

User error leads to arrest record loss

More than 150,000 arrest records have been accidentally deleted from police records as part of routine cleaning of the databases. Although they only relate to incidents in which someone was arrested and subsequently released, it may mean that police are unable to reopen investigations in light of new evidence or search for patterns and potential suspects if future incidents occur. The deleted data included fingerprints, DNA, and arrest histories. This serves as a reminder of why quality back-ups are a must, and why the ability to restore data from old versions can prove essential. Read the full story…

Google Chrome updates security features to help users

Are you a Google Chrome user? The great news is that Google has announced a new feature that will help its users avoid sloppy password practice and advise you if one of your passwords has been compromised in a data breach. It is hoped that the initiative will help reduce password breaches, and particularly reduce credential stuffing, where bots are used to test compromised passwords across the net, working on the assumption that people use the same password for multiple websites. The feature has already seen a 37% reduction in compromised passwords being stored in Chrome…

PwC report quantifies the impact of COVID-19 on cybersecurity policies

A staggering 96% of businesses have shifted their cyber strategy due to Covid, according to the annual cybersecurity outlook produced by PwC. 50% of businesses are planning to make it a part of every business decision. Read the full report here