Hacks, Attacks, and Counters: The Cybersecurity Holiday Weekend Review

weekend review december 26 2017

Happy somewhat belated Holidays!

However you chose to celebrate your respective annual traditions, we hope it provided a much-needed break from the constant inundation of cybersecurity headlines, threats, updates, and apocalyptic warnings. Our realm is one where stress is the default state of mind, so it’s healthy to step back and take a breath. With the new year closing in fast, it may be more important now than ever.

With the work-week commencing once again, we decided to bring you up to speed on the big headlines you may have missed over the break and provide some of our own thoughts on what they might mean.

Thursday, December 22: Nissan Canada Finance Confirmed Data Breach

Nissan Canada Finance, an arm of the global automotive manufacturing enterprise, announced that a data breach on December 11, 2017 compromised the information of a yet-unspecified number of past and present customers; Nissan directly emailed all 1.13 million of them about the breach before its public announcement. The information compromised included names, addresses, vehicle information, loan amounts, and credit scores. There has been no word on whether payment information or contact information was also at risk.

Nissan Canada Finance is offering free credit-monitoring services through TransUnion for a year to all of their customers. They are working with cybersecurity experts to determine the perpetrators and extent of the breach.

Takeaway: This headline may appear to be just another example in a series of hacks with far-reaching implications that occurred over the year. But it speaks to the epidemic that is occurring online: data breaches are becoming more frequent, with more devastating results than ever before. Emphasizing how serious the threat is to the public might be the hurdle facing vendors in 2018.

One of the challenges in protecting our personal data is simply the ubiquity of corporations and websites that have access to it or have it filed in their databases. The same issue faces enterprises: no matter how secure your own servers are, you do still need to deal with other companies—distributors, financial services, utilities, etc.—with servers that may be much easier to breach. Enterprises and solutions providers alike will have to figure out, via software and policy, how to protect financial information and privileged credentials as they continue to operate in the digital marketplace.

Monday, December 25: Facebook Messenger Malware Mining Cryptocurrency

Endpoint security vendor Trend Micro discovered a new cryptocurrency-mining bot—nicknamed “Digimine”—that uses Facebook Messenger to spread and function. The bot is spreading throughout Southeast Asia, with South Korea as the infection vector. Digimine only affects the Chrome desktop browser version of Messenger, but via that medium it can spread the infection to the account’s contacts if the account is set to log in automatically.

Bots such as this are programmed to spread to as many computers as possible to increase the hackers’ cryptocurrency yield. Trend Micro warns that the bot could be programmed to completely take control of Facebook accounts later on if the hackers so chose.

Takeaway: Enterprises need to be aware that just because a computer doesn’t seem infected with malware doesn’t mean it isn’t infected. Modern bots and spyware are designed to remain hidden, beneath the notice of traditional anti-malware software detection, and continue to plague infected servers for as long as possible. Further, even the least malicious-seeming bot or external code can be modified remotely to become a far more serious threat, one that benefits from having already bypassed your security. Consulting with your solution provider, or verifying that your solution provider can adequately protect your data from these new threats, is the first step to practicing good digital hygiene.

Ben Canner
