Tag Archive for: Actions

Alastair MacGibbon: Optus hack victims told to check for criminal actions by cyber security expert


A cyber-security expert says Optus customers need to watch out for criminals impersonating them online after hackers potentially stole personal details from the entire telco’s client database.

Thursday’s massive cyber breach allowed hackers to access personal details, such as passport and driver’s licence numbers, email and home addresses, dates of birth and telephone numbers, of around 10 million Australians.

Alastair MacGibbon, who is chief strategy officer at cyber-security firm CyberCX and a former advisor to the prime minister, says Optus customers should beware.   

Chief strategy officer at cyber-security firm CyberCX Alastair MacGibbon has warned Optus customers they could be impersonated by criminals

‘Personal information has been stolen,’ he told the ABC.  

‘A lot of personal information for several million people and slightly less information for about 6 million more.

‘They should be looking for whether criminals are mimicking them, or stealing their identity, trying to obtain credit in their name … etc.’

He said Optus could guard the interests of its customers by paying for credit monitoring.

‘That way you will be monitored by credit monitoring services if someone has been using your name and other details to obtain credit,’ Mr MacGibbon said.

It comes after a cyber-security expert warned Optus customers that they need to watch out for criminals impersonating them online after hackers potentially stole personal details from the entire telco's client database

 Nearly 10 million Optus customers have had their personal details stolen in what is believed to be one of the biggest cyber attacks in Australian history

The cyber expert warned the personal information gathered by a large organisation was ‘potentially valuable for criminals’. 

‘If you collect a lot of information it is more valuable so any company that collects a lot of information is at risk of this type of incident occurring,’ he said.

‘It appears this is about customer data being stolen.’ 

Mr MacGibbon said the breach was ‘pretty significant by Australian standards’.  

‘My understanding is that it is about 9 million people that have been impacted so I am going to say that’s probably the Optus database, which is very significant,’ he said.

‘This size is rare but not completely unlikely in a place like Australia.’ 

Mr MacGibbon said that the Optus breach might not be the work of a sophisticated group…

Source…

Ransomware Crisis: 11 Actions to Secure Critical Infrastructure


Why Securing our Critical Infrastructure Matters

Operational Technology (OT) remains a key, but vulnerable, technology for organizations with critical infrastructure. The U.S. Government has defined critical infrastructure as those “systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.”

OT systems are crucial components in producing and delivering many of the resources that we rely on daily, such as clean water, fuel, and electricity. Other Industrial Control Systems (ICS) are fundamental to necessary services such as traffic light systems, automotive plants, and waste management facilities. Despite the societal importance and reliability of these systems, OT infrastructure remains insecure and vulnerable to cyberattacks that can cause physical harm to the public or interrupt the delivery of critical services.

Organizations operating critical infrastructure can mitigate the impact of security incidents and increase the resiliency of their OT infrastructure by following some key components of basic cybersecurity hygiene.

The Colonial Pipeline Ransomware Attack

Colonial Pipeline is a fuel pipeline company located just north of Atlanta, Georgia responsible for providing approximately 45 percent of the gasoline supply to the east coast of the United States.

On May 9, 2021, Colonial Pipeline released a statement acknowledging that they were a victim of data theft and ransomware attacks affecting their IT environment. Multiple news outlets reported that on May 7, the hacker group being called “Darkside” infiltrated the Colonial Pipeline network and stole over 100 gigabytes of proprietary data.

Upon confirming the May 7 incident was a ransomware attack, Colonial Pipeline immediately shut down a portion of its systems and remained offline until May 12 to both contain the attack and to protect the safety and security of its pipelines and the safety of the general public. Colonial Pipeline has engaged law enforcement…

Source…

FBI, Microsoft Strikes Against Hackers Are Harbinger Of More Pre-Emptive Actions


First the FBI. Now Microsoft.

A day after the FBI revealed last week that it had pre-emptively disrupted a Russian-government backed botnet, Microsoft revealed that it had proactively thwarted an attempt by Russian hackers to attack Ukrainian entities.

James Morrison, who spent 22 years with the FBI as a senior computer scientist focused on cybersecurity, cybercrime and ransomware and is now CISO at Spring, Texas-based Ntirety, said he believes that the FBI and Microsoft’s aggressive actions are a harbinger of more pre-emptive strikes to come amid the ongoing war between Russia and Ukraine and heightened concerns over cybersecurity in general.

[RELATED: Huntress CEO On FBI Disrupting Russian Hackers: ‘I’m Pumped’]

“It’s not a coincidence,” said Morrison, adding, however, that he’s not saying the FBI and Microsoft collaborated behind the scenes on their separate actions against Russian cyberintruders.

Instead, he said, the actions are more a sign of the tense times—with increasing global cyberattacks and threats against government agencies and private institutions alike. Indeed, he noted that cyberattacks have increased by 800 percent since the start of the Russian-Ukrainian war, based on data from the FBI and Homeland Security.

As for Microsoft’s recent action against Russian hackers, he said it’s a “good thing” for cybersecurity in general. But he said a “little caution” is in order because such strikes must be legally permissible in each case.

In a blog entry posted late Thursday, Tom Burt, a Microsoft corporate vice president, customer security and trust, stressed that Microsoft obtained a court order before it moved against the Russian group, known as Strontium, which has been linked to Russian intelligence services.

In his blog post, Burt said that Strontium, which Microsoft has been tracking “for years,” was attempting to seize control of seven internet domains to launch attacks against Ukrainian institutions, including media organizations.

“[Strontium] was also targeting government institutions and think tanks in the United States and the European Union involved in foreign policy,” Burt wrote.

“We believe…

Source…

Three critical cyber security actions companies should take as employees continue remote work long-term – Jacksonville Business Journal
