Cybersecurity News of the Week, April 11, 2021

Individuals at Risk

Cyber Privacy

Clubhouse data leak: 1.3 million scraped user records leaked online for free: So far, it seems like it’s been the worst week of the year for social media platforms in terms of data leaks, with Clubhouse seemingly joining the fray. Days after scraped data from more than a billion Facebook and LinkedIn profiles, collectively speaking, was put for sale online, it looks like now it’s Clubhouse’s turn. The upstart platform seems to have experienced the same fate, with an SQL database containing 1.3 million scraped Clubhouse user records leaked for free on a popular hacker forum. CyberNews, April 10, 2021

Are You One of the 533M People Who Got Facebooked?: Ne’er-do-wells leaked personal data — including phone numbers — for some 553 million Facebook users this week. Facebook says the data was collected before 2020 when it changed things to prevent such information from being scraped from profiles. To my mind, this just reinforces the need to remove mobile phone numbers from all of your online accounts wherever feasible. Meanwhile, if you’re a Facebook product user and want to learn if your data was leaked, there are easy ways to find out. KrebsOnSecurity, April 6, 2021

Cyber Defense

Acting U.S. Attorney Offers Tips for Keeping Families Safe Online: Charleston, South Carolina — Following the recent sentencing of a Cheraw man for transferring obscene material to a minor, Acting U.S. Attorney M. Rhett DeHart urges the public to take necessary precautions to keep themselves and their families safe from online predators. US Dept. of Justice, March 31, 2021

Cyber Warning

Non-Fungible Tokens: Of Course They’re Attracting Scammers: Ownership of Digital Assets Selling for Large Amounts of Bitcoin? Cue Fraudster Love. BankInfoSecurity, April 2, 2021

Cyber Humor

Information Security Management for the Organization

Cybersecurity in the C-Suite & Board

New WEF Principles for Cybersecurity Board Governance Address Expansion, Organizational Scope of Cyber Risk: Cyber risk climbs the organizational priority ladder every year, but it accelerated in a unique way with the pandemic conditions of 2020. The World Economic Forum’s newly-released principles for board governance of cybersecurity offer a base of best practices for dealing with this new reality, with a new element being a strong emphasis on organization-wide implementation of cybersecurity culture. CPO, April 6, 2021

Information Security Management

CISA Launches New Threat Detection Dashboard: Aviary is a new dashboard that works with CISA’s Solar Winds Sparrow threat detection tool. DarkReading, April 9, 2021

Post-Ransomware Response: Victim Says ‘Do the Right Thing’: If your organization, despite its best cybersecurity efforts, suffered a ransomware outbreak today, would it be well prepared to “do the right thing” with its response? BankInfoSecurity, April 8, 2021

Zero-Day Bug Impacts Problem-Plagued Cisco SOHO Routers: Cisco says it will not patch three small business router models and one VPN firewall device with critical vulnerabilities. ThreatPost, April 8, 2021

How Vulnerability Management Can Stop a Data Breach: Vulnerability management may not be the sexiest topic. But, while buzzier topics are certainly important, vulnerability management may just be the key to an effective data security strategy. According to a Ponemon Institute report, 42% of nearly 2,000 surveyed IT and security workers indicated that they had suffered a data breach in the last two years that could be blamed squarely on unpatched vulnerabilities. In this article, we’ll pull back the curtain on why vulnerability management matters and what we can do to support it. SecurityIntelligence, April 8, 2021

Supply‑chain attacks: When trust goes wrong, try hope: How can organizations tackle the growing menace of attacks that shake trust in software? WeLiveSecurity, April 7, 2021

Verizon Mobile Security Index: COVID-19 unearths new cyber threats for businesses: Nearly half (49 percent) of businesses surveyed said that changes to remote working practices made during lockdown adversely affected their cybersecurity. Verizon, April 6, 2021

Cyber Warning

Attackers Blowing Up Discord, Slack with Malware: One Discord network search turned up 20,000 virus results, researchers found. ThreatPost, April 7, 2021

Secure The Human

4 Critical Elements of Effective Security Awareness Campaigns: Data security is top-of-mind for organizations of all sizes. It’s a concern that isn’t likely to subside any time in the near future. In fact, concerns have actually heightened — morphing and evolving — as millions of employees are now working from home. This has the potential to make organizational data even more prone to data breach than before. Crafting and implementing an effective security awareness campaign can help. CPO, April 9, 2021

Cyber Update

This nasty ransomware hacks your VPN to break into your device: Cybercriminals continue to target unpatched Fortigate VPN servers. TechRadar, April 8, 2021

Cybersecurity in Society

Cyber Crime

Another Cyber Attack Affecting Water Supply: On March 27, 2019, the Post Rock Water District in Ellsworth, Kansas experienced a cyber security breach that threatened drinking water safety. The hacker was former employee Wyatt Travnichek, 22, who had worked at the plant from January 2018 until January 2019. Though Travnichek resigned, he remotely accessed one of a Post Rock Water District computer to shut down the cleaning and disinfecting procedures that make water potable. CSHub, April 9, 2021

Data from 500M LinkedIn Users Posted for Sale Online: Like the Facebook incident earlier this week, the information — including user profile IDs, email addresses and other PII — was scraped from the social-media platform. ThreatPost, April 9, 2021

What goes around comes around: hackers leak other hackers’ data online: Group-IB, a global threat hunting and adversary-centric cyber intelligence company, discovered that user data of the Swarmshop card shop have been leaked online on March 17, 2021. The database was posted on a different underground forum and contained 12,344 records of the card shop admins, sellers and buyers including their nicknames, hashed passwords, contact details, history of activity, and current balance. In addition to user data, the database exposed all compromised data traded on the website, including 623,036 payment card records issued by the banks from the USA, Canada, the UK, China, Singapore, France, Brazil, Saudi Arabia, Mexico; 498 sets of online banking account credentials and 69,592 sets of US Social Security Numbers and Canadian Social Insurance Numbers. Group-IB notified the national CERTs in the above-mentioned countries about the breach so they could take the necessary steps to mitigate the threat. Group-IB, April 8, 2021

How a VPN vulnerability allowed ransomware to disrupt two manufacturing plants: Patching in industrial settings is hard. Ransomware shutting down production is harder. ars technica, April 7, 2021

Cyber Insurance Firm Suffers Sophisticated Ransomware Cyber Attack; Data Obtained May Help Hackers Better Target Firm’s Customers: One of the largest insurance firms in the U.S. CNA Financial was reportedly hit by a “sophisticated cybersecurity attack” on March 21, 2021. The cyber attack disrupted the company’s employee and customer services for three days as the company shut down “out of an abundance of caution” to prevent further compromise. CPO, April 5, 2021

Ubiquiti All But Confirms Breach Response Iniquity: For four days this past week, Internet-of-Things giant Ubiquiti did not respond to requests for comment on a whistleblower’s allegations the company had massively downplayed a “catastrophic” two-month breach ending in January to save its stock price, and that Ubiquiti’s insinuation that a third-party was to blame was a fabrication. I was happy to add their eventual public response to the top of Tuesday’s story on the whistleblower’s claims, but their statement deserves a post of its own because it actually confirms and reinforces those claims. KrebsOnSecurity, April 4, 2021

Ransomware group targets universities in Maryland, California in new data leaks: The Clop ransomware group has posted financial documents and passport information allegedly belonging to the University of Maryland and the University of California online. ZDNet, March 30, 2021

Know Your Enemy

Ransomware cartel model didn’t fulfill potential, yet, but served as cybercrime proving ground: Counter to initial fears, researchers say the ransomware cartel formed by the Maze cybergang starting in May 2020 never hit its stride. SC Magazine, April 7, 2021

National Cybersecurity

Nation States, Cyberconflict and the Web of Profit: Today we announced the findings of a new study – Nation States, Cyberconflict and the Web of Profit – showing that nation state cyberattacks are becoming more frequent, varied and open; moving us closer to a point of ‘advanced cyberconflict’ than at any time since the inception of the internet. The research – which was conducted by Dr. Mike McGuire, Senior Lecturer in Criminology at the University of Surrey, and sponsored by HP – highlights there has been a 100% rise in ‘significant’ nation state incidents between 2017-2020. Analysis of over 200 cybersecurity incidents associated with nation state activity since 2009 also shows the enterprise is now the most common target (35%), followed by cyberdefence (25%), media and communications (14%), government bodies and regulators (12%), and critical infrastructure (10%). ThreatResearch, April 8, 2021

Biden budget request calls for major investments in cybersecurity, emerging technologies: President Biden called for over $1.3 billion in cybersecurity funds as part of his proposed budget request sent to Congress on Friday, along with major investments in emerging technologies such as quantum computing and artificial intelligence. TheHill, April 8, 2021

Legal Structures are a Barrier to Fighting Cybercrime: In recent posts we have documented the incredible growth and impact of cybercrime and the total failure of governments around the world to address, or even truly acknowledge, their responsibility to police the issue. Internet Security Alliance, March 2, 2021

Defining success and mapping the road ahead for public-private partnership and critical infrastructure cybersecurity: Sean Atkins is a PhD candidate in security studies and international relations. His research focuses on national defense in cyberspace and cyber statecraft. He is also an active-duty US Air Force officer whose service ranges from national cyber policy development to multiple counterinsurgency operations deployments. Internet Security Alliance, February 16, 2021

Cyber Fine fined €475,000 for late reporting of data breach: Travel firm delayed reporting the breach by 22 days, exceeding the 72-hour limit. Computing, April 1, 2021

Cyber Talent

Women Are Facing an Economic Crisis & the Cybersecurity Industry Can Help: Investing in women’s cybersecurity careers can bring enormous benefits and help undo some of the significant economic damage wrought by the pandemic. DarkReading, April 9, 2021

Become A CyberGuardian

Protect your community: take the CyberGuardian Pledge, join our email list, get invited to events.

Take the Pledge