Cyber security weekly summary 17 - 23 April

During the last week, two potentially serious personal data breaches were uncovered. The first incident concerned new information about last December's data breach which has reportedly affected guests of 12 American hotels within the InterContinental Hotels Group (IHG). A recent statement on the IHG website, however, clearly indicates that the incident was much graver, as signs of the malware which was designed to steal guests credit card data were found in many more locations (IHG encompasses many major hotel brands such as Holiday Inn, InterContinental and Crowne Plaza). Based on the analysis of the look-up tool, which IHG placed on its web, it can be estimated, that more than 1100 properties (mainly in the Americas) were affected. The active phase of the virus, during which fraudulent payments on hotel visitors' accounts occurred, was from September 29 to December 29, 2016. The malware is believed to be able to steal guests' credit card numbers, expiration dates, and verification codes.

The second yet unconfirmed case concerns the allegedly leaked data of 1.7 million Snapchat users, by the hands of disgruntled Indian hackers, in response to a statement of Snapchat CEO, Evan Spiegel, who supposedly referred to India as a poor country at a meeting in September 2015. The hackers, who reportedly originally found the vulnerability in Snapchat's database during their white hat operation, aimed at fixing the security issues in company's software, have loaded the user details on Dark web. Snapchat, which is currently resented by Indians on social media, hasn't confirmed the leak. Spiegel's alleged claim is presented as a fabrication of former employee, who holds a grudge against the firm.

On 20 April, the CBS news channel reported that the CIA is conducting a massive internal investigation into an incident which led to the leak of their cyber practices documentation on WikiLeaks. The intelligence service, in cooperation with their colleagues from FBI, is looking for the insider responsible for one of the worst security breaches in CIA history. Primary suspects are hundreds of CIA employees and contractors who had reportedly access to the classified documents. WikiLeaks, whose representatives will reportedly face charges from US Justice department, stated that their source is former security contractor. The server is facing heavy criticism from the new CIA director Mike Pompeo who called the platform "A non-state hostile intelligence service often abetted by state actors like Russia".
 
On 20 April German channel NDR informed that the investigation of documents, stolen from a parliamentary committee in December and their subsequent publication on WikiLeaks will be extended to the chancellery as well as Bundestag employees. The files contained the extent of cooperation between German intelligence services and the U.S. National Security Agency (NSA), which is a highly controversial topic as their collaboration encompassed both spying on German citizens and on the political representation of allied countries. So far, the document theft was primarily associated with Russian hackers, who attacked the Bundestag in 2015 and have repeatedly perpetrated cyber espionage campaigns against German politicians.

About author: Roman Šulc

Partners

Tento web používá k analýze návštěvnosti soubory cookie. Používáním tohoto webu s tím souhlasíte. Další informace