March 2022 NewsletterPosted By: Mark Thursday 31st March 2022 Tags: business support, computer backups, cyber attacks, Cyber Safe, Cyber Security, IT services, Newsletter, technology
This month we investigate the Lapsus$ cyber attacks, increased cyber attack warnings and crypto scams because of the Russian-Ukraine war, the EU Digital Markets Act, the latest Apple releases… and, we’ve been to Tees Expo.
Lapsus$ Cyber Attacks
We first started to notice the significance of cyber attacks by the extortion group known as Lapsus$, this month, after they claimed they had stolen 1TB of data during an attack on NVIDIA and began leaking data online after the company refused to negotiate with them.
NVIDIA Cyber Attack Steals Certificates
NVIDIA confirmed the cyber attack that saw stolen employee credentials and proprietary data including the release of code signing certificates. A code-signing certificate allows developers to digitally sign executables and drivers so that Windows and end-users can verify file ownership and see whether they have been tampered with by a third party. A compromise here can allow malware to appear trustworthy and allow malicious drivers to be loaded in Windows.
Cyber Attacks See Microsoft And Samsung Source Code Posted Online
Next on the list came leaked source code for Bing, Cortana, and other projects stolen from Microsoft’s internal Azure DevOps server. An archive containing the source code of over 250 projects was released.
Not long after, Samsung were victims of a cyber attack and confirmed that a “security breach” had occurred, related to internal company data, after Lapsus$ had posted files to Telegram.
Serious Cyber Attack Opens Up Okta Identity Breach
This was quickly followed by data releases and service disruption from cyber attacks on other companies around the world, such as Vodafone and Ubisoft, with the most significant being identity platform Okta. Cyber security experts deemed this a significantly serious breach as the company’s services are used by many other companies to manage network and application access as well as user identities.
CEO of security outfit, Bulletproof, warned: “As the gatekeeper to the networks and data of thousands of organizations, a breach at Okta would have significant consequences.” It was significant enough for online behemoth, Cloudflare, which uses Okta as an identity provider, to announce it would be resetting the Okta credentials of employees.
At time of writing, there are reports that some of the main Lapsus$ players may have been tracked down, but it’s yet another reminder of the dangers posed to businesses from cyber attacks, ransomware, malware, and other cyber security risks. Even if Lapsus$ are taken down, other threat groups will fill the void.
LaneSystems At Teesside Expo
This month, LaneSystems attended the Spring Tees Expo at Wynyard Hall and there was certainly a spring in everyone’s step.
After a gruelling period caused by the pandemic, it made all the difference to be back greeting people in person rather than via a Teams/Zoom call. The relief really was clear while having those conversations with everyone we met.
Michel, Claire and Hayley all had a lovely day meeting/greeting faces old and new, and we’re happy to say we’ll be there again at the Autumn Expo in September. We hope to see you there!
Cyber Attack Warning Over Russian Invasion
The UK’s cyber authorities are supporting calls for “increased cyber security precautions” after Joe Biden and the White House claimed they have intelligence that suggests Russia is planning to conduct cyber attacks against U.S. targets and partners across the West.
With U.S. and Europe-imposed sanctions against Russia, along with aid provided to Ukraine to defend against the invasion, the White House says it expects the Kremlin to retaliate with cyber attacks against critical infrastructure and U.S./Western interests.
Russia is seen as a cyber superpower with a serious arsenal of cyber tools, and hackers capable of disruptive and potentially destructive cyber attacks. The notorious Conti ransomware group are already reported to be a vocal supporter of the Russian offensive.
All Sectors Vulnerable To Cyber Attacks
Although Ukraine has been subjected to cyber attacks during the war, it hasn’t seen anything as significant as experts expected. But now the belief is that Russia may go on a cyber offensive against Ukraine’s allies. Companies operating critical infrastructure have been involved in security briefings, including energy, transportation, communications, healthcare, emergency services, food & agriculture, and information technology.
Take Steps To Minimise The Dangers Of Cyber Attacks
The list of steps that the White House says all US organisations should apply with urgency are also relevant to UK businesses of all sizes.
- Mandate the use of multi-factor authentication on your systems to make it harder for attackers to get onto your system;
- Deploy modern security tools on your computers and devices to continuously look for and mitigate threats;
- Check with your cyber security professionals to make sure that your systems are patched and protected against all known vulnerabilities, and change passwords across your networks so that previously stolen credentials are useless to malicious actors;
- Back up your data and ensure you have offline backups beyond the reach of malicious actors;
- Run exercises and drill your emergency plans so that you are prepared to respond quickly to minimize the impact of any attack;
- Encrypt your data so it cannot be used if it is stolen;
- Educate your employees to common tactics that attackers will use over email or through websites, and encourage them to report if their computers or phones have shown unusual behaviour, such as unusual crashes or operating very slowly;
Crypto Scams Take Advantage Of Russia-Ukraine Conflict
Whatever is going on in the world, people are there to try take advantage of it. The war caused by the invasion of Ukraine by Russia is no exception. While many charities and organisations are legitimately raising money for the Ukrainian people affected/displaced by the conflict, cybercriminals see an opportunity to take advantage of people’s good nature.
The last couple of months has seen a deluge of scams ranging from fake charity websites, social media adverts, forum posts and email phishing campaigns looking to steal sensitive information from potential donors to Ukraine.
Cyber criminals have been targeting inboxes with more than 100,000 emails per day attempting to trick people into donating to Bitcoin or Ethereum wallets setup by the scammers.
Others have bought paid advertising on Facebook in order to run their Crypto scams by purporting to be collecting on behalf of legitimate companies, such as Crypto.com.
Many websites have been set up running fake .com or .org addresses, copying legitimate sites or using URLs that closely resemble legitimate Ukraine organisations.
CNBCTV reports that another well-known scam involves the creation of a fake cryptocurrency called the ‘world peace token’ while posing as Ukrainian government officials.
Those looking to donate can find plenty of legitimate organisations and official donation links, such as UNICEF or Doctors without Borders (Medecins Sans Frontieres).
Never donate to any cryptocurrency wallet or website address sent to them via unsolicited emails.
EU DMA Targets Big Tech
In a huge regulatory move by the EU Parliament, Council, and Commission, new rules were introduced, in the form of the Digital Markets Act (DMA), to remove anti-competitive behaviour in the tech industry. Set to target tech giants, such as Google, Amazon, Microsoft, and Apple, the aim is to force them to open up their services and platforms to other businesses.
WhatsApp, Facebook Messenger, iMessage, the App Store, Google Play, and many other services belonging to large tech firms, are under the spotlight for restricting the markets. Some examples are:
- Apple will need to allow third-party payment options on their App Store rather than users having to use Apple’s own payment system.
- Google will need to offer alternatives to Google Search, Google Maps, their Chrome browser, etc, on Android phones. Both Apple’s iPhone, and Android phone manufacturers, such as Samsung, would have to allow users to uninstall proprietary software from their phones – something which is currently unable to be done.
- Messenger services, such as WhatsApp, iMessage and Facebook Messenger will need to cooperate with any smaller third-party businesses who might request access as well as making their messaging systems interoperate with each other to allow cross-platform sending of video and other rich content.
There will also be rules set for the handling and use of customers’ personal data.
The legislation is a response to a perceived monopolistic, closed-door, behaviour of Big Tech and will only affect companies with a value of more than €75bn (£63bn), annual sales of €7.5bn and at least 45 million monthly users.
The Digital Markets Act details will be checked and finalised, then made publicly available and sent for approval by the EU Parliament and Council. After being approved, the Act will go into effect 20 days after its publication and its rules would apply six months after.
EU antitrust chief, Margrethe Vestager, said “Large gatekeeper platforms have prevented businesses and consumers from the benefit of competitive digital markets”.
“The gatekeepers will now have to comply with a well-defined set of obligations and prohibitions,”
“This regulation, together with strong competition law enforcement, will bring fairer conditions to consumers and businesses for many digital services across the EU.”
Apple Launches Latest Tech At Peek Performance Event
March saw Apple hold their “Peek Performance” virtual media event, where they unveiled an updated iPhone SE and iPad Air, alongside a new desktop machine.
The third-generation iPhone SE, labelled their cheapest new phone, features the A15 Bionic chip used in the iPhone 13 and 13 Pro, improved battery life, tougher glass, 5G connectivity, a new 12Mp wide camera system, and more, all for a starting price of £419.
The new iPad Air release features a processor upgrade to their M1 chip, as used in the iPad Pro, as well as optional 5G connectivity, a new front camera with Center Stage, and faster USB-C connectivity. Prices starting around £569.
The new Mac Studio desktop sites in a 3.7-inch tall enclosure, looking a bit like a larger, more powerful Mac Mini. The computer comes with either the M1 Max chip, as found in the 14-inch and 16-inch MacBook Pro, or the new M1 Ultra chip. It can take up to 8TB of SSD storage and up to 128GB of memory. It features a wide range of ports and connections.
The all-new Studio Display is a 27-inch, aluminium-framed, 5k Retina display, with 12Mp ultra-wide camera, 6-speaker sound system and a mic. It has up to 600 nits of brightness and supports the P3 colour gamut. Built to accompany the Mac Studio but features a plethora of connections to connect, power and charge your other devices.
March also saw the release of iOS 15.4 and iPadOS 15.4, and the macOS Monterey 12.3 operating systems. A whole new set of features and bug fixes included.