A new ransomware threat, a warning for GitHub users and Apple security updates.
Welcome to Cyber Security Today. It’s Wednesday June 3rd. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
For an organization being infected with ransomware is scary. Ransomware scrambles corporate data, with the criminals demanding money to get the decryption key. But a hacking group has found a new weapon to add to it: The threat of auctioning off stolen data to other criminals. So pay up to get the decryption key or not only won’t you get access to your data, any data we also copied will be sold to others. Then you’ll look really bad to customers. One of the first victims is a Canadian agriculture services company. To convince the company the crooks really have stolen data they released a couple of documents. One is a loan application with the customer’s name, address, social insurance number and date of birth. That information can easily be used for impersonation. Organizations used to be able to protect themselves with data backups. No more. With this evolution there’s more pressure on victim firms to pay up. Ransomware has emerged as one of the biggest threats to companies and governments. The best way to fight it is by regularly training employees to slow down and think before clicking on attachments. Malicious attachments can carry ransomware. Another defence for firms to make sure employees use multifactor authentication on top of usernames and passwords for logging into systems and applications.
Bad news for software developers who use the GitHub website for open source projects: Some have been infected with malware. For those who don’t know GitHub is a place where developers can use open source tools for honing software code. Some developers also allow others to collaborate on projects in an open source process. But this week GitHub’s security team issued a warning that 26 open source projects using a development environment called Netbeans had been compromised. The malware that had been installed is called a backdoor. It would have allowed hackers to secretly get into whatever company had installed the final version of each software application and copy data. The application developers didn’t know their projects had been hacked. One problem with GitHub is some developers allow all or parts of their projects to be copied by others. If their code is infected, that spreads to other projects. So GitHub — which is now owned by Microsoft — scans code to warn of vulnerabilities. But GitHub developers also have to use security scanning tools of their own to make sure their code hasn’t been tampered with.
Police in New York City have charged a man with conspiracy to engage in computer hacking, trafficking in stolen payment card numbers and money laundering. This comes after his arrest in March after flying into the city from Ukraine carrying computers and other digital media with hundreds of thousands of stolen credit and debit card numbers. It is alleged the man was part of a gang that hacked into systems to steal data and sell it on criminal websites.
Finally, Apple device owners including those with iPads, iPhones, Mac computers, Apple TVs and Apple Watches should make sure they’re receiving security patches. A big one was released this week that plugs a big hole that can be created if users jailbreak their operating system. Jailbreaking allows users to install custom tweaks and apps not sold in the Apple store. However, they can also create security vulnerabilities. This patch also erases any jail breaking that has been done. Also recently fixed is a problem with the ‘Sign in with Apple’ capability that allows users to sign into websites with their Apple devices. Skilled owners of Android devices can also jailbreak their smart phones and tablets. It’s a dangerous activity on any platform that should be avoided.
That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cybersecurity professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.