Total Elimination of MSP with 400+ SME Websites Obliterated.
Updated: Oct 10, 2018
While it has been a slow week in terms of the number of breaches, the severity of the breaches that did occur this week is nothing short of disturbing. The information exposed on the open web by ALERRT could be used with far-reaching effects…including both physical and permanent consequences. A cyber-attack conducted against a small business hosting provider in Australia also highlights a “WORST case” scenario for a breach.
We strongly encourage everyone to take note of what a company crippled by a breach looks like. When you cannot contact your customers to tell them that you have been breached, because you don’t even have a complete list of who your customers are… well, this is a good example of how damaging a breach can be.
In other news…
GDPR is inspiring others around the globe to enhance privacy and breach notification laws!
Hey T-Mobile Customers, are your photos safe?
Big Brother aka “Google” is exposing us again!
Privacy and Breach Notification Laws are Spreading Globally
California has enacted a law similar to GDPR. This statute is widely regarded as one of the strongest privacy laws in the country and goes into effect in 2020, giving those who do business in the state some time to prepare for the change. The bill requires organizations to tell a consumer if their data is being collected, who it will be shared with, and the business purpose for collecting personal data. California is not the only place that was inspired by the implementation of GDPR. Brazil passed a data protection bill in early June that, if made into law, would prevent organizations from collecting and processing Brazilians’ data without informing users. Breaches are also covered by the bill, which requires organizations to report breaches immediately, with fines of up to 4% of revenue for those who don’t comply.
Hello… Photos… Samsung users beware!
Those who have Samsung phones should be careful what they keep in their photo gallery! There are reports of Galaxy users having their photos sent to random contacts without their knowledge. This bug seems to only affect T-Mobile users, but it is probably best to err on the side of caution, considering the ramifications of sending the wrong photo to the wrong person.
Gmail has its eye on you!
Google has been allowing third parties to read through people’s inboxes, according to a report by the Wall Street Journal. While the creator of Gmail has promised to stop scanning emails on their platform to curate ads, the organization has been allowing third parties to access inboxes if the user has opted into email-based tools like travel itinerary planners. These third parties are not just using AI to snoop through messages either… oftentimes employees of the organization go digging for information themselves.
THREAT FOCUS: Australia - Cyanweb Solutions – Total Devastation Event
Exploit: DDoS attack, web server compromise, data encryption/ransomware and data destruction.
Risk to Small Business: Extreme/Total Devastation: This is a catastrophic event impacting Cyanweb and its 400 customers that relied on them for web hosting.
Risk to Exploited Individuals: Extreme/Total Devastation: This breach may devastate the businesses that relied on Cyanweb. This will also impact those businesses’ downstream customers and the employees of the impacted businesses. The goal was maximum data loss/total devastation.
Cyanweb Solutions: Digital marketing and web provider based in Perth.
Date Occurred/Discovered: June 27th, 2018
Date Disclosed: July, 2018
Data Compromised: Only 12% of customer data survived the attack. 1200-2500 man-hours of work between the 3 employees is estimated for a full recovery.
How it was compromised: A ‘professional’ group distracted the admin with a DDoS attack while simultaneously infiltrating the server and delivering a ‘seek and destroy’ payload.
Customers Impacted: 435 accounts.
THREAT FOCUS: United States - ALERRT
Exploit: Negligence (no password required to access web server.)
Risk to Small Business: High: A breach that is a result of negligence dramatically reduces confidence in the company by consumers.
Risk to Exploited Individuals: Extreme: Compromised PII, password and correspondence that can be used to target and exploit individuals including law enforcement.
ALERRT: A federally funded active shooter training center for law enforcement.
Date Occurred/Discovered: June 2018
Date Disclosed: June 2018
Data Compromised:
Work contact information
Personal email addresses
Who has taken ALERRT courses, with feedback
Full name of those who took the course
Histories on instructors
Instructors’ skills and training
Names of instructors
Places where people gather such as universities and malls
Officers’ home addresses
85,000 emails between staff and trainees dating back to 2011, including:
Password reset emails
The courses taken
When the courses were offered
Highly sensitive information about weaknesses in response ability
Customers Impacted: 65,000 officers, but this information could be harmful to anyone in the U.S. given how it could be used by domestic terrorists or other bad actors.
THREAT FOCUS: United Kingdom - National Health Service
Exploit: Coding error/misconfiguration leading to privacy violation.
Risk to Small Business: High: A breach of this size that essentially misled those who specifically requested that their health information be kept private would shake the trust of any customer. Privacy laws, including the EU’s GDPR, will impose harsh fines and penalties for similar incidents moving forward.
Risk to Exploited Individuals: Low: the data was exposed externally and picked up by hackers.
National Health Service: The public health services in the United Kingdom.
Date Occurred/Discovered: March 2015 – June 2018
Date Disclosed: July 2nd, 2018
How it was compromised: A supplier defect that did not properly indicate that the patient’s data was to be only used for medical treatment.
Customers Impacted: 150,000
POSTSCRIPT - Cyanweb Solutions breach
Oftentimes there is no “why”, just a “because”!
The Cyanweb Solutions breach was well organized and caused catastrophic damage to both Cyanweb and the hundreds of customers that relied on them for hosting support. It’s nearly impossible to quantify the overall financial impact that this breach has caused.
When conducting post-breach forensics, the first question often asked is “why” – what was their motivation to destroy this small business and potentially the hundreds of small businesses that relied on them? Sometimes, the answer is simply “because they could”. The group that conducted this takedown overwhelmed Cyanweb with a massive DDoS attack and, while the company was distracted, compromised the servers, escalated their access, encrypted user data and proceeded to destroy almost everything – including backups. (A distributed denial-of-service (DDoS) attack is an attack in which multiple compromised computer systems attack a target, such as a server, website or other network resource, and cause a denial of service for users of the targeted resource. The flood of incoming messages, connection requests or malformed data packets to the target system forces it to slow down or even crash and shut down, thereby denying service to legitimate users or systems.) It did not take long for Cyanweb to discover the attack, but by the time they did, 88% of their data was permanently deleted.
This attack demonstrates how quick and devastating an attack can be on a small business. Cyanweb was a trusted provider to hundreds of organizations, yet they lacked the proper security controls to secure their customers’ data, thus breaching their fiduciary responsibility. Whether we like it or not, we have to proactively invest in cybersecurity solutions to protect the continuity of our businesses and ensure those that count on us are secured.
Regardless of the size of your business or the industry you are in, everyone is a target.
Consider this: When you think about Cyber Security, think about the ones you care the most about – your family. If you have children or young adults using Smartphones, Tablets or Laptops, consider their vulnerability. Do you want to put their digital selves in the hands of pedophiles, scammers and cyber criminals? The purchase of children’s digital credentials (username/password) is big business on the Dark Web. Check out our inexpensive Individual or Family monitoring service – it’s a ‘no brainer’ for your peace of mind.
Disclaimer: Avantia Corporate Services Pty Ltd provides the content in this publication for general information only and has compiled the content from a number of sources believed to be reliable. No warranty, implied or otherwise, is given as to its accuracy or fitness for use, and no validation or investigation has been performed by Avantia Corporate Services or the Author as to its accuracy or reliability. Readers should conduct their own investigation and come to their own conclusions before taking any action.