Cyber Weekly Digest - Week #34
Updated: Aug 28, 2020
This week in cyber security is another filled with companies becoming victim to ransomware attacks and customer data breaches. The digest will look into the attacks on Brown-Forman and Carnival Corp as well as the Ritz data breach. Keep reading to find out about some of the biggest cyber security stories this week.
1. Two more large organisations have joined the growing list of those who have fallen victim to a ransomware attack. The group Sodinokini (REvil) claimed to have 1TB of corporate data belonging to Jack Daniel’s manufacturer, Brown-Forman. The US-based wine and spirits maker stated that they had successfully prevented the attackers from encrypting its files. The largest cruise operator Carnival Corp also suffered a ransomware attack. Attackers managed to access guest and employee data as well as encrypting “a portion” of the IT systems from one of its brands. Ransomware attacks can be detrimental to companies, such as Carnival Corp, who have been hit hard by the ongoing pandemic, as seen last week when Travelex was forced into administration.
2. Fortinet and IBM are joining forces to deliver a new cyber security training program. Fortinet is going to integrate its Network Security Expert training and certification with IBM’s SkillsBuild. The new program is focused on creating new cyber security career pathways and bridging the skills gap in the industry. IBM and Fortinet hope to make it easier for people to start their cyber security careers despite their background or previous life experience.
3. The Ritz revealed that it had suffered a security incident last week in which its food and beverage reservation system was compromised. Attackers impersonated Ritz employees and used call ID spoofing in attempts to obtain card and payment details from diners. The hotel has launched an investigation to identify what the cause of the breach was and how they can prevent a future attack.
4. New research highlighted that many airline companies have no published DMARC record. This means they have an increased risk of their identity being spoofed and leaving customers vulnerable to phishing. 61% of member airlines belonging to the International Air Transport Association do not have a published DMARC record, and 93% of global airlines in the study have not implemented to the advised level of DMARC protection. The global uncertainty on travel and airlines being a key target for cyber criminals, it is worrying that many airlines are potentially exposing their customers to phishing.
5. Last week’s Microsoft Patch Tuesday for August fixed 120 vulnerabilities; however, it has been revealed that one of the zero-day security flaws had been actively exploited for two years with Microsoft delaying fixing it. The flaw was first seen exploited in August 2018, leading to researchers notifying Microsoft of the weakness for the past 18 months. There has been speculation on why they had delayed patching the flaw however, Microsoft have not commented.