Deloitte Cyber Attack – “Engage in proactive messaging to the broader base of stakeholders and the public regarding what is known and not known, and what the organization is doing,” is the advice that Deloitte itself provides on how to handle the strategic and reputational risk of a major cyber breach. So far the company is keeping quiet on its own situation, reporting only that six customers were affected, that the information lost was minor and that everyone affected was informed within the required timelines. Whether this remains the case will have to be seen, with the investigation still ongoing. With the reported number of affected customers so low, it may have been appropriate to inform the wider world only that there has been a breach and to provide no further information. However, it has been rumoured that the breach is much more widespread and consequential than what is currently being reported, and that information is being withheld so as not to compromise the investigation. The Guardian reported today that the attackers may have seized the confidential emails, IP addresses, business plans and usernames and passwords belonging to customers and governmental agencies that have business with the company. Whatever this turns into, it is the third major financial agency this month to be breached, after similar incidents at Equifax and the US Securities and Exchange Commission (SEC).
Continuing the analysis of the case, the cyber security website ‘The Register’ has tonight released an update on the Deloitte case describing how the company’s corporate VPN passwords, usernames and operational details have been found within a public-facing GitHub-hosted repository, and how the login details to a company proxy server have been visible for 6 months on an employee’s Google+ page. On top of this, internal and critical systems have been found facing the public internet with remote-desktop enabled; in practice these should all be placed behind a firewall with two-factor authentication, as per the company’s own cyber security recommendations. With the breach gaining momentum and more and more researchers looking into the company’s networks, the spotlight is going to remain on Deloitte, and the heat will stay turned up for a while yet. For the latest information on the Deloitte case please see the full story on The Register (https://www.theregister.co.uk/2017/09/26/deloitte_leak_github_and_google/).
China Bans WhatsApp – With China well known for its censorship of foreign companies on home soil, it should come as no shock that WhatsApp messenger now appears to have been largely blocked throughout the country. The app had been struggling to survive after the Communist government banned it from sharing video and photos earlier in the year, and it seems a full block, including text messages, has now been implemented. With China having a long history of blocking Western-owned web services (171 of the world’s leading websites) through its Great Firewall, it is unclear how long the app will remain inaccessible. Removing access to WhatsApp forces Chinese citizens and foreigners to use other messaging apps like WeChat, which offers the Chinese government access to its customers’ data. With next month’s upcoming National Congress gathering, which occurs every five years to select new leaders and determine new policy, security is high and China is continuing to tighten censorship and crack down on access to foreign services within its borders.
US Hospital Cyber Attack Simulation – US doctors along with InfoSec experts ran a mock cyber-attack simulation exercise on US hospitals over three days in Phoenix, Arizona, with alarming results. The exercise began with one hospital being struck with destructive malware that crippled critical services on day one, followed by digital assaults on surrounding hospitals and a physical attack on the final day; the most deaths were recorded on the first day. With elevators not operational, HVAC systems out and refrigeration for medicines shut down, it was these secondary effects that caused patients to theoretically die whilst staff attempted to move them to other medical facilities. The whole operation was to prove that current medical devices, systems and staff are unprepared for cyber-attacks and that if a major incident were to occur, people would die as a result. The organisers referenced the recent WannaCry attack on the NHS and warned that, with an increasingly connected medical world, these sorts of attacks will be repeated and will cause chaos not just in the US but worldwide. A warning that is sure to go unheeded.