Basic security steps to foil cyberattacks, global data centre company hit with ransomware and watch for fake Facebook login warnings.
Welcome to Cyber Security Today. It’s Friday September 11th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
Another report from experts says organizations can do a lot to prevent successful cyberattacks with basic security procedures. This latest report comes from a North American cybersecurity insurance provider called Coalition, which this week released an analysis of claims it received in the first half of the year. By its calculation, cybersecurity losses by organizations are increasing in frequency and severity compared to 2019. And the year isn’t over. The biggest number of claims — 41 per cent — came from victims of ransomware. What can organizations do to lower the odds of being hacked? Five things, says the report: Make sure the firm has secure data backups, implements basic email security procedures, has an anti-phishing solution, verifies transfers of money are legitimate, makes staff use a password manager and — I hate to be repetitive — adds multi-factor authentication for all log-ins.
Equinix, a California-based company that rents out space to organizations in its data centres around the world, has acknowledged some of its internal systems were hit by ransomware. Most customers have their own servers in Equinix data centres and their systems were not impacted. According to the news site Bleeping Computer extortionists are asking $4.5 million in bitcoin to get keys to unlock scrambled data and get back data they copied. To prove the threat is real the hackers have posted a screenshot of what is supposed to be some of the Equinix data folders.
Security researcher Bob Diachenko has found another company whose employees left sensitive data exposed to the Internet. The company is Razer, which makes laptops and computer peripherals for avid gamers. As is often the case, the problem was an Elasticsearch cluster, a specialized search engine companies use to collect and analyze chunks of data on all their servers. Any employee collecting data with Elasticsearch has to be careful the new store of information won’t be open to anyone on the Internet. Diachenko thinks information on 100,000 people was included in the data he came across. As he points out, in the wrong hands customer information can be used for phishing messages that lead to fraud and theft. He alerted the company, but it took three weeks for Razer to take the database offline. Apparently, Diachenko said, the complaint fell into the hands of non-technical support managers before getting to the right person. Here’s a lesson to all organizations: You must have a process to quickly handle security-related complaints.
Many email and social media providers keep track of the devices you log in on for security reasons. For example, if you always log in with the same laptop, the service detects and stores that information. Then if a hacker gets your password and tries to log in from an unfamiliar computer or smart phone, the service emails you a notice. Something like, ‘A user just logged into your account from a new device. If this was you, ignore this notice.’ But someone is creating fake Facebook notices in some sort of scam. British-based security reporter Graham Cluley recently came across the evidence. One of his readers got what appeared to be an official Facebook notice, which included two options to click on: ‘Yes it’s me’ and ‘Report the user.’ Interestingly, clicking on either button made a list of email addresses pop up. It seems the scammer made a mistake. Presumably the scam was supposed to lead to a fake Facebook page where the victim might have been asked to log in, thus giving away their Facebook password. The lesson here is be careful with warning messages. Check the email header to verify the sender before clicking on any link or button and entering login information.
Finally, the Canadian government’s Centre for Cyber Security warns IT departments that a number of major tech companies have recently issued security updates for their products. These include IBM, Siemens, Schneider Electric, SAP, Citrix, Intel and Adobe. Make sure you know about these patches and install them as soon as you can. And Palo Alto Networks has issued fixes for the PAN-OS operating system in its next-generation firewalls.
That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cybersecurity professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.