Week 33 Cyberattack Digest 2018 – Cosmos Bank, Adams County, Apple and others

It is Monday again, and we are ready to give you an overview of the latest incidents in the sphere of cyber security. As you remember, for a couple of weeks attackers' attention has been drawn almost entirely to healthcare organizations, and this vector has finally changed. Let us take a closer look.

Banks are the next target

by ETtech – 15 August 2018

An incident that set the internet abuzz last week took place on August 11. The heist targeted India’s Cosmos Bank in the city of Pune and was carried out via simultaneous withdrawals across 28 countries, with a second attempt following on Monday. Specialists suppose that the attacker used malware injected into the automated teller machine (ATM) server. This method let the malefactor make almost 15,000 transactions in two hours. The attacker is also believed to have shifted 139 million rupees to the account of an organization located in Hong Kong by using the SWIFT global payments network. Banking expert Vishwas Utagi believes that “this is just a pilot project of the global hackers with the Cosmos Bank being a successful test run” and the case is considered an alarm to the Indian banking sector in general.

Leafminer is a new Dragonfly

by SC Media – 16 August 2018

Symantec has recently disclosed a Chinese cyberespionage campaign targeting Middle Eastern government and business organizations. A hacker group known as “Leafminer” has been attacking governmental and business organizations in the Middle East since last year, using watering hole websites, vulnerability scans of network services on the internet, and brute-forcing. “Leafminer’s interest in email data indicates that espionage is the primary motivation,” Einar Oftedal, vice president at Symantec, commented. “The group is highly active and uses publicly available tools that don’t generally set off alerts, along with its own custom malware.” Specialists also noted that the group is ambitious and eager to learn from more advanced malefactors: “Leafminer” seems to be mimicking certain Dragonfly techniques.

A Wisconsin clerk exposes records of 250,000 people

by SC Media – 16 August 2018

The county clerk of Adams County, Wisconsin, is reported to be the prime suspect in a data leak that affected over 250,000 people. According to officials, Cindy Phillippi managed to gain unauthorized access to critical computer records and released confidential data to a former employee. The actual breach was discovered last March, confirmed in June and disclosed in August. The compromised records contained personal identification information, personal health information and tax intercept information of some 258,120 people and covered the period from Jan. 1, 2013 to March 28, 2018. “Further steps were taken to remedy the unauthorized access and there is limited access to the Adams County computer system and network. A long-term solution to prevent any future breaches is currently being examined and will be instituted as soon as feasible in light of current design and costs,” representatives of Adams County stated in the official press release. Also, Phillippi is going to be removed from her position.

Australian teen hacker pleads guilty

by SC Media – 16 August 2018

Not all hackers have many years of experience, and the next case proves that. A teen from Melbourne, Australia, pleaded guilty in Children’s Court on Thursday after being arrested last year for breaching Apple’s secure computer systems multiple times. The schoolboy, who has not been publicly identified, is believed to have broken into Apple’s systems from his home and downloaded 90 GB of confidential data. Being an Apple fan, the juvenile hacker accessed authorized keys and viewed customer accounts. The boy is said to be very well known in the international hacking community, according to his lawyer.

So, as you can see, any organization may fall victim to attackers, be it a bank, a manufacturing giant, or anything else. Attackers’ future actions are hard to predict, and the only thing to be done is to put protection in place in advance. As always, follow us on Twitter, Facebook, and LinkedIn.
