Cyber News and Threats – 12th May 2017
Here are some of the latest updates on cyber threats and news that we’ve picked up in the last couple of weeks, including the NCSC weekly update for 12 May. All updates are open source and links given:
- US restaurant chain payment process system compromised – A US restaurant chain, Chipotle Mexican Grill, recently announced that unauthorised activity had been detected on its payment processing network.
- En Marche phishing attack – Thousands of internal En Marche party documents apparently obtained from a cyber attack were published on the internet on 5 May a few hours before the French campaign blackout deadline, meaning that neither Macron nor his rivals could respond substantively.
- The main news this week was the Intel AMT and Windows zero-days, but in addition Microsoft’s regularly scheduled release fell this week, with updates, many rated critical, for all supported versions of Windows and Microsoft Server products, as well as updates for Edge, IE, .Net Framework and MS Office.
- Cisco have released a number of updates for various of their products (Aironet, TelePresence, WebEx Meetings Server, Finesse, Unity, ASA, CallManager, CVR100W Wireless-N VPN Routers, etc.) that could variously allow execution of arbitrary code, obtaining of sensitive information or causing the target system to reload or crash.
- Elsewhere IBM fixed an unspecified flaw in WebSphere, HPE fixed multiple bugs in their Network Automation product, CA Client Automation suffers from a flaw that could allow local users to view passwords, and Brocade has updates for Fabric OS and NetIron to fix an elevation of privilege bug and a bug that could cause the target to reload. QNAP released a fix for their NAS devices to address an unspecified flaw that could allow for remote code execution.
For the full text of the NCSC weekly Threat Report please go to: https://www.ncsc.gov.uk/report/weekly-threat-report-12th-may-2017
And in other news online:
NHS services in England and Scotland hit by global cyber-attack – The NHS has been hit as part of a global cyber-attack that threw hospitals and businesses in the UK and around the world into chaos. The unprecedented attacks appeared to have been carried out by hackers using a tool stolen from the National Security Agency (NSA) in the US. They affected as many as 74 countries and at least 16 NHS trusts in the UK, compromising IT systems that underpin patient safety. Staff across the NHS were locked out of their computers and trusts had to divert emergency patients. https://www.theguardian.com/society/2017/may/12/hospitals-across-england-hit-by-large-scale-cyber-attack
Scotland among top in UK in awareness of cyber crime – A new poll found Scots scored slightly higher than the UK average for awareness of cyber crime and data fraud. The Barclays digital safety index is based on the ability of 6,000 adults across the UK to protect data, devices and accounts as well as to spot digital threats. http://www.insider.co.uk/news/scotland-among-top-uk-awareness-10384619
NCSC programme to test alternatives to passwords – The National Cyber Security Centre has called on public sector organisations to join a repeat of its Secure by Default Partnership Programme, aimed at promoting best practice in reducing the reliance on passwords. The government cyber security body said the programme will not be limited to a specific technology but there will be a preference for open standards. It wants participants that handle information classified at OFFICIAL level to come up with equally or more secure alternatives to using passwords for IT security. http://www.ukauthority.com/cyber-resilience/entry/7109/ncsc-programme-to-test-alternatives-to-passwords
Personal data of millions put at risk by councils with no disaster recovery plan – The personal data held by local authorities for over 3.5m people in the UK is not protected by a Disaster Recovery (DR) plan, according to research published by storage solutions provider FalconStor Software. The lack of a DR plan could mean that should councils be affected by a cyber attack, equipment failure or human error, personal data could be permanently lost or fall into criminal hands. https://goo.gl/fP7F13
UK businesses concerned about cyber-risks linked to smart energy tech – The latest PwC B2B Energy Survey found that 65 percent of UK businesses are significantly concerned about the issue of cyber-risks and over half (51 percent) are worried that their client data isn’t handled with enough security by their energy supplier. https://www.scmagazineuk.com/uk-businesses-concerned-about-cyber-risks-linked-to-smart-energy-tech/article/655567/
AllPay gets UK government cyber protection certificate – The UK’s leading payment specialist has been certified by Cyber Essentials Plus. Cyber Essentials is a Government-supported and industry-backed scheme which aims to verify that organisations have the appropriate security protocols in place to stave off a cyber-attack. https://www.finextra.com/pressarticle/69147/allpay-gets-uk-government-cyber-protection-certificate
Why the UK’s SMEs need protection against cyber threats – Cyber threats are one of the most common risks facing SMEs, a trend that is only likely to grow in the future. While SME decision-makers may believe they are below the threat radar, government figures show that a quarter of all businesses detected one or more cyber security breaches in the last 12 months. http://www.smeweb.com/2017/05/08/uks-smes-need-protection-cyber-threats/