Huge hack of police data, Instagram takeover of a popular surfer’s account and more
Welcome to Cyber Security Today. It’s Wednesday June 24th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com.
Police departments hold a lot of sensitive investigation data, some of which they want to share online with other departments for investigations. As a result, they have to be careful about protecting reports and how they get accessed. However, a hacking site called Distributed Denial of Secrets has copied and published 270 gigabytes of data from American police and the FBI that it stole from a number of law enforcement data-sharing portals. Called the BlueLeaks archive, it holds years of data from 200 police departments and law enforcement information sharing centres. Security reporter Brian Krebs has confirmed the leaked data is real. It includes nearly 24 years of documents, with names, email addresses, phone numbers, bank accounts involved in investigations, pictures and other data. What this group of victim agencies had in common was that they used a Texas web hosting provider called Netsential. The hosting company told an investigator that the attacker probably compromised a user’s account as well as the company’s data upload feature to get into the police data-sharing portals. By now organized crime groups and possibly other countries have combed through the publicly posted data and gotten valuable intelligence on who’s being investigated. It’s another example of how hackers break into one company to get into another.
Another popular Instagram user has been the victim of a phishing scam that locked her out of her account. Australian surfing star Blaze Angel Roberts has 40,000 followers, big enough to attract the attention of a hacker. The details aren’t clear, but apparently she was tricked into clicking on a link in an email message that presumably led to a fake login page, where she entered her username and password. With control of her email, the hacker was able to persuade Instagram to give them control over that account. When a user wants to reset their Instagram credentials, Instagram asks the person to send it a photo of themselves holding a code Instagram has provided. So, naturally, the hacker did that. Instagram apparently never considered that the person in the photo was a hacker. Roberts tried and failed to convince Instagram it had been suckered. This story comes from security reporter Graham Cluley. The lesson here is to enable two-factor authentication on all your email and social media accounts. That way, even if a bad guy has your username and password, they need something else to verify a login. Check your accounts to see if they offer two-factor authentication, and if they do, enable it.
Criminals continue trying to scare Canadians with telephone threats. A friend got a recorded call from someone claiming to be from Services Canada, saying that their social insurance number is about to be suspended because of suspected fraud. All you have to do is press 1 to speak to someone for more details. What they probably want is personal information like your date of birth and other things for impersonation or access to your bank or Canada Revenue account. Report calls like this to the Canadian Anti-Fraud Centre.
Finally, last week Australia said government departments and companies have been under sustained attack by a sophisticated group. The Australian Cyber Security Centre says the unnamed attacker takes advantage of proof-of-concept exploits, which are potential weaknesses that have been written about but not fully developed. However, careful IT professionals reading the notice would see it says the attacker also took advantage of a number of previously published vulnerabilities that have already been patched. It underscores the importance to all organizations of patching their software as soon as security updates are released. And, the Cyber Security Centre added, multi-factor authentication has to be used on any system with remote login access.
That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cybersecurity professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.