Data security news, newest articles today, stories, notes 2021
Hello, my dear readers. Today we will talk about cybersecurity in the USA and around the world; I have prepared the most interesting data security news for you!
Data security news today (14.06.2021):
US Secretary of State Antony Blinken has revealed some details of the upcoming talks between US President Joe Biden & Russian President Vladimir Putin.
US President Joe Biden intends to discuss with Russian President Vladimir Putin the fight against hackers who attack companies and encrypt their data for ransom. Blinken announced this in an interview with Fox News.
“When it comes to cyberattacks for ransom, no responsible country should provide a haven for criminal organizations that engage in such activities,” Blinken said.
At the same time, the US Secretary of State agreed with Putin that relations between the US and Russia have fallen to the worst level in recent years.
Recall that the meeting of the presidents of Russia & the USA is scheduled for June 16 in Geneva.
Hackers removed malware from infected networks three days before the attack report was published. Last month, specialists at the information security firm FireEye discovered a Chinese malicious campaign.
Hackers exploited a zero-day vulnerability (CVE-2021-22893) in Pulse Secure VPN devices to break into defense contractors and government organizations in the United States & across Europe.
The UNC2630 & UNC2717 groups managed to install web shells on Pulse Secure devices & use them to move around the internal network, as well as steal credentials, emails, & confidential documents.
But now experts have reported that at least one of the groups began removing its malware from infected networks three days before the researchers published a report on the attack. The actions of the attackers look very suspicious and raise questions about whether the hackers knew about the detection by FireEye.
Data security news today: UNC2630 may have deliberately backed off!
This may seem like a simple coincidence, but UNC2630 may have deliberately backed off & removed the evidence of the attack in order to protect other operations.
In the new report, the experts also described four types of malware associated with the attacks on Pulse Secure. Previously, experts were able to identify only 12 types of malware.
In addition, FireEye linked both groups to the Chinese government. The attackers allegedly acted for the purpose of cyber espionage.
Data security news – 10 most high profile cyberattacks of the XXI century!
Every year, people, corporations, and entire countries suffer from hacker attacks; billions are lost, and sometimes lives are lost. We recall the ten most high-profile cyberattacks of the past 20 years and their consequences.
What is a cyberattack and what is it like?
A cyberattack, or hacker attack, is a malicious interference in a company's information system: the hacking of websites and applications, personal accounts and devices.
The main goals are to profit from the stolen data or to blackmail its owners. There are entire hacker groups that break into websites, infrastructures, and services to make themselves known. Such attacks are comparable to terrorist ones.
Cyberattacks are distinguished by the method of impact:
- Malware: malicious programs that infect your device. They block the operation of the device or of individual services, install programs for data collection and surveillance, and copy and/or destroy files.
- Phishing: sending messages or emails with malicious code. When you click on the link, fraudsters gain access to your personal & payment data.
- Man-in-the-middle attack (MitM): hackers intercept data and correspondence between two people or devices. This is done using a public Wi-Fi network or malware.
- Denial of service (DDoS): hackers initiate a continuous stream of requests or visits to a site or service. As a result, it collapses and stops working.
- SQL injection: malicious code is injected into a server that processes SQL (Structured Query Language) queries, i.e. queries to structured databases. Sometimes it is enough to enter the code in the search bar.
- Zero-day vulnerability (0-day): an attack on vulnerabilities that the developers themselves have not yet discovered and have not managed to eliminate.
- DNS tunneling: a cyberattack that uses the DNS protocol to carry extraneous HTTP traffic and other protocols through port 53. DNS (Domain Name System) is a distributed system for obtaining information about domains: IP addresses by host name (computer or device), mail routing, etc. This is how hackers extract data from the system and redirect it to their environment, or vice versa.
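A defender's view of the DNS tunneling item above, as an added example that is not part of the original article: a heuristic that flags a client sending many unique, long, high-entropy subdomains to one parent domain over port 53. The log entries, thresholds and function names are assumptions constructed for illustration.

```python
import math
from collections import Counter, defaultdict

# Constructed resolver log: (client IP, queried name). Not real traffic.
SAMPLE_QUERIES = [
    ("10.0.0.5", "www.example.com"),
    ("10.0.0.5", "mail.example.com"),
    ("10.0.0.5", "www.example.com"),
    ("10.0.0.5", "api.example.com"),
    ("10.0.0.5", "www.example.com"),
    # A single long random-looking name on its own must not raise an alert.
    ("10.0.0.7", "89abcdef012345677654321089abcdef.cdn.example.net"),
    # Many unique, long, encoded-looking labels under one parent domain.
    ("10.0.0.23", "0123456789abcdeffedcba9876543210.tun.example"),
    ("10.0.0.23", "13579bdf02468acef7e6d5c4b3a29180.tun.example"),
    ("10.0.0.23", "89abcdef012345677654321089abcdef.tun.example"),
    ("10.0.0.23", "fedcba98765432100123456789abcdef.tun.example"),
    ("10.0.0.23", "02468ace13579bdffdb97531eca86420.tun.example"),
]

def shannon_entropy(text):
    """Bits per character; encoded payloads score higher than dictionary words."""
    counts = Counter(text)
    return -sum(n / len(text) * math.log2(n / len(text)) for n in counts.values())

def split_name(qname):
    """Return (subdomain, parent). Assumption: the parent is the last two
    labels; production code should consult the Public Suffix List instead."""
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[:-2]), ".".join(labels[-2:])

def find_tunnel_candidates(queries, min_queries=4, min_label_len=30,
                           min_entropy=3.5, min_unique_ratio=0.9):
    """Group queries per (client, parent domain) and flag tunnel-like groups."""
    groups = defaultdict(list)
    for client, qname in queries:
        sub, parent = split_name(qname)
        if sub:  # names with no subdomain cannot carry a payload label
            groups[(client, parent)].append(sub)
    findings = []
    for (client, parent), subs in sorted(groups.items()):
        if len(subs) < min_queries:
            continue  # too few samples to judge
        unique_ratio = len(set(subs)) / len(subs)
        mean_len = sum(max(map(len, s.split("."))) for s in subs) / len(subs)
        mean_entropy = sum(shannon_entropy(s.replace(".", "")) for s in subs) / len(subs)
        if (unique_ratio >= min_unique_ratio and mean_len >= min_label_len
                and mean_entropy >= min_entropy):
            findings.append({"client": client, "parent": parent,
                             "queries": len(subs),
                             "mean_entropy": round(mean_entropy, 2)})
    return findings

if __name__ == "__main__":
    for finding in find_tunnel_candidates(SAMPLE_QUERIES):
        print(finding)
```

The thresholds need tuning against a baseline of normal traffic, since CDNs and some security products also generate long machine-made hostnames.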
1. WannaCry – the most massive virus of the decade
- When: May 2017;
- Who or what was attacked: computers running Microsoft Windows.
WannaCry is a malicious ransomware program that exploited a zero-day vulnerability in various versions of Windows.
Once on a computer, the virus encrypted all of its contents and then began to demand money for unlocking them. However, it was impossible to decrypt the files.
It was first discovered in Spain, and then in other countries. Russia, Ukraine and India were the most affected. Because of WannaCry, the work of banks, government organizations, and airports stopped.
A number of British hospitals were unable to perform emergency operations. The virus code looked too primitive, as if it had not been finished yet.
Therefore, there were theories that the developer accidentally released it ahead of time. This is also supported by the fact that the decryption codes did not work. It is assumed that WannaCry was initially supposed to hit all devices running Windows.
The virus was stopped by researcher Marcus Hutchins under the nickname Malwaretechblog. He noticed that before encrypting the files, the program sends a request to a non-existent domain.
Hutchins registered this domain, after which WannaCry stopped causing harm. The Lazarus Group and other groups associated with the US National Security Agency are suspected of creating the virus: data on the vulnerability was known only to the NSA.
Damage: the virus managed to infect 500 thousand computers in 150 countries around the world and cause $1 billion in damage.
2. Petya/NotPetya/ExPetr — the biggest damage from a cyberattack
- When: June 2017;
- Who or what was attacked: large corporate networks of companies and government agencies around the world
The first version of the virus appeared in March 2016, but serious cyber attacks began in 2017. Not everyone agrees that it was the same virus in both cases, but a significant part of the code did match.
There were also disputes about the name: researchers from Kaspersky Lab prefer to call the virus New Petya, NotPetya or ExPetr.
Just like WannaCry, Petya and its later versions hit computers running Microsoft Windows. They encrypted files (or rather, a database with information about all the files on the disk) & the data for loading the OS. The virus then demanded a ransom in bitcoins.
But the decryption codes did not help; on the contrary, they destroyed all the data on the hard disk. All the data was erased. At the same time, the virus gained full control over the entire infrastructure of the company, and the protection that had worked against WannaCry no longer worked against it.
In October 2020, the US authorities accused the hacker group Sandworm, consisting of employees of the Russian State General Staff, of involvement in the NotPetya virus and other cyberattacks.
Ukraine suffered the most from the virus. Later, the conclusion was reached that the infection began there. The cause was the automatic update of the accounting program M.E.Doc, which is used by most companies and government agencies in the country.
Damage: The virus has affected companies and government agencies in Europe, the United States, Australia, Russia, Ukraine, India, and China.
Among the victims are the Russian companies Rosneft and Bashneft and the international corporations Merck, Maersk, TNT Express, Saint-Gobain, Mondelez, and Reckitt Benckiser.
In Ukraine, more than 300 companies were affected, including Zaporizhiaoblenergo, Dneproenergo, Kiev Metro, the Ukrainian mobile operators Kyivstar, LifeCell and Ukrtelecom, the Auchan store, Privatbank, and Boryspil airport.
10% of the memory of all computers in the country was erased. The total amount of damage caused by hackers amounted to more than $10 billion.
3. The US election is a major political scandal
- When: July 2016;
- Who or what was attacked: the servers of the Democratic National Committee (DNC) and the Democratic Congressional Committee (DCCC).
Hackers used malware to remotely control servers and transfer files, as well as monitor all user activities within the network. After the cyberattack, the hackers cleaned up all traces of their activity.
Hackers managed to gain access to the email of Democratic presidential candidate Hillary Clinton and her team. As a result, 30 thousand emails were published on WikiLeaks, including 7.5 thousand documents sent by Clinton herself.
Many of the documents were classified and related to the terrorist attacks on the US consulate in Benghazi in 2012. The rest contained personal details of Democratic Party members and sponsors, including their credit card numbers.
American Internet security experts blamed the attacks on Russia-based hacker groups called Cozy Bear and Fancy Bear.
Damage: The story of the correspondence caused a split within the Democrats and greatly shook their positions on the eve of the election.
The scandal negatively affected Clinton’s ratings and prevented her from defeating Donald Trump in the presidential election. It also laid the foundation for Pizzagate — one of the largest conspiracy theories in the United States.
On the eve of the new American elections in 2020, a Microsoft report was released. It reports 200 election-related hacking attacks. And again, Russia is named among the main culprits.
4. Hacking Facebook – the most high profile data leak from the social network
- When: 2020;
- Who or what was attacked: personal data of Facebook users.
In March 2020, the British company Comparitech reported a leak of the data of more than 267 million Facebook users. Most of the records belong to Americans. The data could have been used to send phishing links.
In August 2020, experts from DarkNet Data Leakage & Breach Intelligence (DLBI) discovered the personal data of 150 million Facebook, Instagram, and LinkedIn users on the internet!
This time, the data was stolen from a server in the United States that belongs to the Chinese company Shenzhen Benniao Social Technology (socialarks.com). It sells advertising and promotion in social networks.
Damage: After the first leaks, the US Federal Trade Commission ordered Facebook to pay a record $5 billion fine. This is 20 times higher than the largest sanctions that had previously been applied for data leaks.
Against the background of regular leaks, the reputation of the company itself has been greatly shaken, as has its position on the stock exchange.
The most high profile hacker attacks & data leaks of the first half of 2020
In September 2020, cybercriminals hacked into the database of Vastaamo, one of the largest psychotherapy centers in Finland.
They stole the personal data of tens of thousands of patients, including recordings of sessions with therapists. In exchange for the information, the hackers demanded a ransom of €200-540 from each patient and €450 thousand from the center itself.
The Finnish Government has called an emergency meeting with the Minister of Defense. However, the attackers were never caught, and the patient data ended up in the darknet.
5. The sensational hacking of celebrity accounts on Twitter
- When: July 2020;
- Who or what was attacked: the Twitter accounts of Bill Gates, Elon Musk, Barack Obama, Jeff Bezos, Kanye West and other famous personalities in the United States.
In the hacked profiles, the attackers, on behalf of American stars, politicians and businessmen, called for sending bitcoins to the specified crypto wallet. They promised to return each transfer in double the amount. Apple and Uber corporate accounts were also affected.
Data security news №2: chipping people – arguments for & against
As technology advances, devices are becoming more compact. The quintessence of the trend is subcutaneous microchips, which can (or will soon be able to) do everything from managing home security systems to transmitting health data.
Pros and cons of chipping people:
Discussions about the advantages and disadvantages of people using microchips, which are usually needed to track the location of luggage and pets, have been going on for a long time.
On the one hand, the advantages are obvious:
- With the help of an implanted chip, an ambulance crew can get important information about the patient without wasting precious time: the health insurance policy, medications taken, allergic reactions, blood type, etc.
- In the future, it will even be possible to monitor the vital functions of the body and get accurate data in real time.
The chips already allow you to manage your bank account and smartphone, pay for purchases and transport trips, control the opening of doors in the office or at home, and add gym membership cards or store loyalty cards. And the number of everyday tasks they solve will only increase.
But skeptics are sure that such technologies pose a great danger to the privacy of each carrier's data and even to the carrier's security. What if someone hacks into your medical implant, or gets access to a bank account or passwords? Will it track all your movements?
The Ethical Dilemma of Chipping People
In 2018, it became known that mass chipping began in Sweden, and now, according to Euronews, thousands of citizens of this country are already carriers of chips.
In August 2017, 50 employees of Three Square Market, a U.S.-based vending machine company, voluntarily had the devices implanted under their skin.
Techno-optimists in Russia have also picked up the trend; some even (at their own risk) install the devices themselves.
However, the first attempts began long before that, although they were isolated and more experimental in nature. The first experiments with an RFID implant were conducted in 1998 by the British scientist Kevin Warwick.
He still holds a positive view of the possibilities of implanting chips. He also believes that fears about tracking the location of the device carrier are not entirely justified.
“Certain information about a person can be easily collected without any implanted microchip,” he noted in a conversation with the BBC. “The main thing is that he always has a choice. If a company makes it a condition of getting a job by implanting a chip under your skin, it raises serious ethical questions.”
Data security news №3: subcutaneous chips – advantages and threats of mass installation
Lawyers are more categorical in their concerns and warn of the possibility of total surveillance by corporations and the exploitation of employees.
Some regulators agree: for example, the state of Michigan has proposed a bill prohibiting the chipping of company employees without their consent. Similar conversations have been going on for a long time in other states.
Constant surveillance, according to Mikhail Batin, the founder of the Science for Life Extension Foundation, can become a particularly serious problem in totalitarian countries.
Another fear that can generally be called justified is the possibility of hackers breaking into the device. Even the techno-optimist Hannes Sjöblad, the founder of Bionyfiken, known for hosting special “chip parties” around the world, warns about the insecurity of data in the chip.
“The chip is very easy to crack, so I do not advise you to put information there that you would like to keep secret,” he said in an interview with CBS.
For now, however, there is no need to be very afraid of this, for at least one reason: a potential hacker simply will not know that you have a chip in your body.
At present the technology is used by a relatively small number of people. However, this problem will become more serious when the implantation of chips becomes widespread.
A dangerous virus is spreading in WhatsApp, ESET: WhatsApp users are threatened by a worm virus!
Android users should beware of malicious software that is distributed via WhatsApp. It is reported that the worm disguises itself as a mobile application, which users are offered to download from a fake page that imitates the official Google Play store.
Cybersecurity researchers have discovered a new virus that infects Android-based devices, according to the official ESET blog. The dangerous worm spreads through the Quick Reply auto-response feature.
Data security news WhatsApp:
“This malware is distributed via the victim’s WhatsApp, automatically responding to any notification in a WhatsApp message. The link leads to a fake and malicious Huawei Mobile app,” said Lukas Stefanko, a cybersecurity specialist at ESET.
Twitter user @ReBensk was the first to report the malware. Subsequently, Stefanko published a video that clearly demonstrates the infection process, which took the expert only half a minute.
Once installed on the device, the virus requests access to notifications, carrying out an attack through the quick response function in WhatsApp.
In response to any message the victim receives in a messenger chat, the infected device sends a link to a fake application that must be downloaded from a website masquerading as Google Play.
In the current version, the malicious code sends automatic replies only to the victim's WhatsApp contacts, and no more than once an hour. This tactic helps it avoid arousing suspicion for a long time among the contacts who receive the messages.
Tip: if you follow the latest data security news, pay attention to your smartphone, and to the WhatsApp messenger in particular.
According to ESET experts, the new virus is mainly used to distribute advertising & fraudulent subscription schemes for various services. However, the potential of the malware is much more dangerous.
“The detected virus could spread more dangerous threats, since the message text and the link to the malicious application come from the attacker’s server. That is, it is able to distribute banking Trojans, ransomware or spyware,” Lukas Stefanko said.
To protect yourself, ESET experts recommend that you do not click on suspicious links, download applications only from Google Play, and use antivirus software.
As a popular service, WhatsApp is often the target of cyber fraud and hacker attacks. Last fall, the Business Insider portal reported that a large number of applications that monitor messenger users can be found in the Google Play and App Store stores.
These services use the WhatsApp function that signals that the user is online. As it turned out, even from this seemingly insignificant data, it is possible to build a profile of a person's habits by analyzing their activity over several weeks or months. Well, that’s all the data security news for today.