While challenging, 2020 drove a long-overdue review of our approach to cybersecurity for many, especially with the explosion of COVID-19 themed cybercrime targeting remote workforces.
As we enter a new year, it’s imperative that businesses continue nurturing cyber resilience among our customers, so they’re prepared to minimise the impact of any incoming disruptions and/or cyber threats coming their way. 2021 has just begun and it is already rife with stories of disruptive cybercrime - a reminder that cybercriminals continue to be on the move, launching targeted attacks with speed and sophistication.
Below, we summarise a few cyber-attacks that have been making headlines this year. Share these with your teams as examples of the different ways cybercriminals are infiltrating businesses and as motivators to continue solidifying their cyber defence measures.
1) Verified Twitter accounts hacked in $580k cryptocurrency scam
Twitter users were targeted by cryptocurrency scams claiming Bitcoin and Ethereum giveaways from Elon Musk, Tesla, or Tyler Winklevoss of Gemini Exchange. Legit Twitter accounts were reportedly hacked to send fake tweets promoting a scam where Musk (among others) was allegedly giving away free cryptocurrency. These tweets contained links to fraudulent landing pages that stated that if users sent cryptocurrency to a listed address, they would receive twice the amount. At the time of writing, over $580K had been lost in a week.
More details here: https://www.bleepingcomputer.com/news/security/verified-twitter-accounts-hacked-in-580k-elon-musk-crypto-scam/
2) Accellion software hack impacts several entities
In one of 2021’s first major security incidents stemming from a third-party cloud vendor, several organisations were impacted following a cyber-attack on a file-sharing system belonging to Californian cloud company Accellion. Unknown attackers reportedly exploited a vulnerability in the standalone “Accellion File Transfer Appliance (FTA)” and illegally accessed sensitive data stored on and shared with the application. Companies affected included law firm Allens, the Reserve Bank of New Zealand and Australia’s corporate watchdog, The Australian Securities and Investments Commission (ASIC). All these companies used Accellion’s software to transfer documents and attachments.
More details here: https://www.smh.com.au/business/banking-and-finance/corporate-watchdog-asic-hit-with-cyber-attack-20210126-p56wtr.html
3) Ubiquiti customers alerted of a potential data breach
Networking device maker Ubiquiti disclosed that a security incident at a third-party cloud provider may have exposed customer account information and credentials used to remotely manage Ubiquiti gear. Exposed data potentially included names, email addresses and passwords. In an email to customers, the company urged all users to change their passwords and enable two-factor authentication.
More details here: https://krebsonsecurity.com/2021/01/ubiquiti-change-your-password-enable-2fa/
4) Malicious emails impersonating The Federal Trade Commission
In January, the Federal Trade Commission warned of a malicious email purporting to be from the agency’s chairman, Joe Simons. Claiming recipients were eligible to receive “coronavirus relief money”, the multi-staged email scam demanded that they pay taxes to receive the money. The scam employed multiple tricks to boost its legitimacy, including issuing a fake certificate from the Department of Treasury and a fake letter from the Internal Revenue Service.
More details here: https://www.consumer.ftc.gov/blog/2021/01/coronavirus-relief-scam-impersonates-joe-simons-federal-trade-commission
5) UK NHS COVID-19 vaccination phishing attack
Reports circulated towards the end of January about a phishing campaign purporting to be from the UK's National Health Service (NHS), alerting recipients that they are eligible to receive the COVID-19 vaccine. Multiple variants of the phishing emails were reported, all claiming to be from the NHS at noreply@nhs.gov.uk (the real NHS domain is nhs.uk) and using an email subject along the lines of: "IMPORTANT - Public Health Message| Decide whether if you want to be vaccinated." The phishing email asked recipients if they wished to accept or decline the invitation to schedule their COVID-19 vaccination. The email led to a fake NHS- branded phishing page asking recipients for personal information, including their mother's maiden name, addresses, mobile numbers, credit card and banking data.
More details here: https://www.bleepingcomputer.com/news/security/beware-of-this-active-uk-nhs-covid-19-vaccination-phishing-attack/
This isn’t a comprehensive list, and we’re sure there are many other organisations who have been impacted by cybercrime since the start of the year. The damage sustained by companies as a result of cyber-attacks goes far beyond the immediate financial losses, and no doubt these firms, and others that we haven’t mentioned, are still working through some of the implications.
Malicious emails remain one of the most prolific ways fraudsters infiltrate networks, so we also recommend taking a defense in depth approach to your business email security. No one vendor can stop all threats, so don’t leave your business exposed. If you are using Microsoft 365 or G Suite, you should also have third-party solutions in place to mitigate your risk. For example, using a third-party cloud email solution like MailGuard to complement Microsoft 365. For more information about how MailGuard can help defend your inboxes, reach out to our team at expert@mailguard.com.au.
As we enter 2021, let these cyber-attacks serve as a motivator for all of us to practice good cyber hygiene, and to remain vigilant.
