Hacks, Attacks, and Counters: The Cybersecurity Weekend Review

We’ve stated before that cybersecurity professionals are in the midst of a digital, almost invisible war with their nefarious hacker counterparts. And the trouble with war is that it rarely takes a holiday or a weekend off. The barrage is constant and ever-present. Therefore, so must our defense and preparations against breaches, leaks, and other attacks.

We’ve also mentioned the importance of staying current with cybersecurity trends and of the need for communication between InfoSec professionals, experts, and observers in order to best fortify our defenses. And in the haze of much-deserved weekend R and R or in the waterfall of social media, it can be easy to miss some of the big cybersecurity headlines—and thus easy to fall behind.

With that in mind, we’ve compiled those big headlines from the weekend, along with takeaways to think about as we go through the week.

Friday, December 15: 19 Million Californian Records Held Ransom

Voter registration records for over 19 million Californian citizens were deleted and held for ransom by attackers. The hackers demanded 0.2 Bitcoin, worth about $3,500. The information was stored on an unsecured MongoDB database, and the identity of the database’s creator is unknown.

Takeaway: Most in the cybersecurity field will roll their eyes at leaving such valuable information in an unsecured database. But that may speak to a larger issue: what seems obvious to the experts isn’t translating to the public at large or even those in the halls of power. After all, whoever made this database clearly had access to the records, which means they could be part of political campaigns or political action committees—qualified individuals who still left the information digitally lying around. Surveys show that the plurality of Americans engage in dangerous cybersecurity behaviors online, which renders moot whatever security solution they have selected. Without some instruction or self-awareness, we could be putting ourselves at risk.

Saturday, December 16: North Korea Attempting to Steal Bitcoin

The Lazarus Group—a hacking team with alleged ties to North Korea and famous for the 2014 Sony breach—has been conducting a spearphishing campaign against the cryptocurrency industry in an apparent attempt to steal Bitcoin, according to researchers. The hackers are using links disguised as job openings, or as Microsoft Word documents with invitations to edit, to download malware that would grant them remote control of employee computers. Researchers believe these attacks are ongoing, and the ties to North Korea are currently only supposition.

Takeaway: With one Bitcoin valued at over $19,000, attacks on cryptocurrency are only going to increase in the next year as hackers see a lucrative and relatively easy target. But more than that, these attacks emphasize (and for some experts are sure to confirm) the peril of insider threats. The majority of insider threats are non-malicious, stemming only from apathy and ignorance. Much like the headlines above, this highlights the need for education as part of any security solution. Without it, even the best security becomes a paper tiger.

Thursday, December 14: Visa Survey Discovers Mass Interest in Biometrics

A little before the weekend, Visa conducted a 1,000-person survey and discovered that the majority of Americans were interested in and familiar with biometrics as a more convenient and secure alternative to traditional passwords. 70% of respondents find biometrics easier than passwords. The survey also found that fewer than one-third of respondents use unique passwords for their accounts.

Takeaway: IAM and IDaaS are becoming more and more profitable and prominent in cybersecurity as the importance of securing credentials gains recognition. Visa’s findings confirm that the public is interested in the field, and that they are more than willing to adapt to innovations and shake off traditional password paradigms. Despite the education gap we’ve noted above, the public is starting to demand greater identity management, which may dictate how the market evolves in the next few crucial years.

Ben Canner

Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.