A hacking warning to schools from the FBI, email security controversy and France fines Amazon and Google.
Welcome to Cyber Security Today. It’s Friday December 11th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
Leading cybersecurity agencies in the United States, including the FBI, warned school boards this week that they are increasingly being targeted by hackers. This comes after the Baltimore County public school system was hit by a ransomware attack late last month. It was just the latest American school board to be attacked. Ransomware gangs favour government targets because they have weaker defences than big corporations, and also because they are susceptible to pressure to pay to get back access to data, particularly confidential student data. Sometimes paying a ransom is cheaper than rebuilding infected computers. The bulletin said that in August and September over half of all reported ransomware incidents involved kindergarten to Grade 12 schools. Not only are hackers using phishing emails carrying malware to get into school networks, the bulletin said, they are also finding weaknesses to exploit in unpatched software and remote desktop applications.
Schools and school boards are urged to install security patches as soon as possible, have reliable data backups and protect data access with two-factor authentication. For more advice see the full bulletin in the link above.
Security reporter Brian Krebs says a big American payment card processor called TSYS suffered a ransomware attack earlier this month. Since then the attackers have started publishing stolen data online. The company says no personal credit or payment card information was affected. Only administrative data was involved.
Is your organization doing enough to prevent its email domain from being copied? Is it doing enough to recognize phony email domains? These questions are being asked after a security vendor called Ironscales reported that Microsoft Office 365 failed to block an email spoofing campaign sent from a fake “microsoft.com” domain. The messages urge recipients to log into a security portal to check so-called quarantined messages. The real goal is to capture passwords. What makes the scam convincing is that the sender appears to be “microsoft.com.” That shouldn’t happen. Ironscales suggests the attacker is getting away with it because Microsoft isn’t enforcing a security protocol called DMARC, which tells receiving mail servers to reject messages that forge a domain. DMARC authenticates an email sender’s domain. For its part, Microsoft insists Office 365 enforces DMARC. But it also notes end users can override the controls. Other experts note Office 365 places rejected emails in the junk folder. These may be retrieved and acted on by a careless user. One thing is sure: employees need to be warned that it’s dangerous to log into any site after clicking on a link in an email.
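The DMARC dispute above turns on what a domain's published policy actually instructs receiving servers to do. The following Python is an added example for this page, not code from the podcast, Ironscales or Microsoft: it parses a DMARC DNS TXT record, works out the disposition a receiver would apply to a message that forges the domain in its From: header (one that fails both SPF and DKIM alignment), and lists the weaknesses a defender would want to fix. The records it checks are constructed sample values, and the function names are my own.

```python
"""Parse DMARC TXT records and report how a receiving mail server would treat
forged mail. Example code added to this page; the sample records below are
constructed, not real DNS data, and the function names are assumptions."""

VALID_POLICIES = ("none", "quarantine", "reject")


def parse_dmarc(txt):
    """Split 'v=DMARC1; p=reject; rua=mailto:...' into a tag dictionary.

    Raises ValueError for anything a receiver could not use as a DMARC policy:
    a record that does not start with v=DMARC1, a malformed tag, a missing or
    invalid p= tag, or a pct= value outside 0..100.
    """
    if not txt.strip().lower().startswith("v=dmarc1"):
        raise ValueError("record must begin with v=DMARC1")
    tags = {}
    for part in txt.split(";"):
        part = part.strip()
        if not part:
            continue
        key, sep, value = part.partition("=")
        if not sep or not key.strip():
            raise ValueError(f"malformed tag: {part!r}")
        tags[key.strip().lower()] = value.strip()
    if tags.get("p", "").lower() not in VALID_POLICIES:
        raise ValueError("missing or invalid p= tag (none|quarantine|reject)")
    pct = tags.get("pct", "100")
    if not pct.isdigit() or not 0 <= int(pct) <= 100:
        raise ValueError("pct= must be an integer between 0 and 100")
    return tags


def is_usable(txt):
    """True if the TXT string is a syntactically usable DMARC record."""
    try:
        parse_dmarc(txt)
        return True
    except ValueError:
        return False


def disposition(tags, subdomain=False):
    """Policy a receiver applies to a DMARC-failing message from the domain.

    Subdomains inherit p= unless the record sets an explicit sp= tag.
    """
    policy = tags["p"].lower()
    if subdomain and "sp" in tags:
        policy = tags["sp"].lower()
    return policy


def assess(txt):
    """Return the weaknesses a defender should fix in the record.

    An empty list means receivers are told to reject every forged message for
    the domain and its subdomains, and that failures are reported back.
    """
    tags = parse_dmarc(txt)
    findings = []
    for scope, sub in (("domain", False), ("subdomains", True)):
        policy = disposition(tags, sub)
        if policy == "none":
            findings.append(f"{scope}: p=none, forged mail is delivered and only reported")
        elif policy == "quarantine":
            findings.append(f"{scope}: quarantine only, forged mail lands in the junk folder where users can still open it")
    pct = int(tags.get("pct", "100"))
    if pct < 100:
        findings.append(f"pct={pct}: policy is applied to only {pct}% of failing messages")
    if "rua" not in tags:
        findings.append("no rua= address, so spoofing attempts are never reported to the domain owner")
    return findings


# Constructed sample records: a monitoring-only policy, a fully enforced one,
# and a partially enforced one that leaves gaps on subdomains and sampling.
WEAK_RECORD = "v=DMARC1; p=none; rua=mailto:dmarc-reports@example.com"
STRONG_RECORD = "v=DMARC1; p=reject; sp=reject; pct=100; rua=mailto:dmarc-reports@example.com"
PARTIAL_RECORD = "v=DMARC1; p=reject; sp=none; pct=50"

if __name__ == "__main__":
    for name, record in (("weak", WEAK_RECORD), ("strong", STRONG_RECORD), ("partial", PARTIAL_RECORD)):
        print(f"{name}: {record}")
        for finding in assess(record) or ["no weaknesses found"]:
            print("  -", finding)
```

The point the example makes is the one the experts in the story raise: even a valid DMARC record does nothing against spoofing while its policy is `p=none`, and `p=quarantine` only moves forged mail to the junk folder, which is exactly where a user can still retrieve it. To check a live domain you would fetch the TXT record at `_dmarc.<domain>` and pass the string to `assess`.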
France’s data protection agency has fined Google and Amazon because their French home pages put tracking cookies on people’s browsers without consent. Google and its Google Ireland unit were fined the equivalent of $120 million. Amazon was fined the equivalent of $42 million. Google and Amazon issued statements disagreeing with the regulator’s findings.
Finally, later this afternoon the Week In Review edition of this podcast will be released. It features a discussion with Dinah Davis of Arctic Wolf about significant data breaches in 2020 and lessons to be learned. Listen on your way home or over the weekend.
That’s it for now. Details about these stories can be found in the text version of this podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at cybersecurity professionals.
Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening.