Editor’s Note: This is your weekly cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions.
Facebook has had a very difficult few weeks. First it was the Cambridge Analytica scandal, and now it’s an admission from CEO Mark Zuckerberg that “malicious actors” have probably gotten access to personal data from Facebook’s 2.2 billion members. Worse is the admission that the company wasn’t able to identify the problem until the scandal hit. Despite Zuckerberg’s hearing before the House Energy and Commerce Committee this week, lawmakers say prompt federal action is unlikely.
As discussed in the New York Times, “The breach was a stunning admission for a company already reeling from allegations that the political data-mining firm Cambridge Analytica inappropriately accessed data on as many as 87 million Facebook users to influence elections. Over the past few weeks, the scandal has mushroomed into investigations across continents, including a probe by the U.S. Federal Trade Commission. Zuckerberg himself will be questioned by Congress for the first time on Tuesday.”
Facebook Chief Operating Officer Sheryl Sandberg acknowledged in an interview with Bloomberg Newsweek that Facebook is “reviewing products and data policies to find further ways to protect users from being exploited, after political consultant Cambridge Analytica obtained information on as many as 87 million people without their permission.”
With so much personal data exposed, what can Oregonians do?
While Facebook did shut down a feature that let people search for Facebook users by phone number or email address, there are things users should do to protect themselves. While in Facebook, consider going into Settings and updating your Privacy settings or even changing information about when and where you were born, or changing your phone number. While the information has been required as part of using Facebook, users don’t have to give the correct information. Others have even gone so far as to delete their Facebook account. You can also check out the Facebook newsroom, which provides updates on the crisis and what Facebook is doing to fix the problem.
To pay or not to pay, that is the question
While news about privacy concerns for people and companies has grabbed headlines, local government municipalities have been hit by ransomware attacks. Hackers went after the City of Atlanta and demanded $51,000 in bitcoin as a ransom. Many of the city’s computer systems remain offline. So what’s a city to do in order to fight being extorted? Yarrow Point Mayor Richard Cahill, whose city was held hostage by cyber criminals in 2017, says it’s all about risk management.
“It’s all risk management, and a make versus buy decision. We followed a very strict protocol when deciding how to act and had the assistance of our insurance provider. In the end, our liability was limited by our deductible and we paid the ransom.”
Another week, another breach of customer data
Delta joined the list of companies that have admitted to being hacked. Customer data, including credit card information, may have been compromised. The data breach occurred last fall, but the company only became aware of it in late March.
According to the Seattle PI, “The incident affected 7.ai, a company that provides online chat services for the airline, and left payment information of some customers – including names, addresses, credit card and CVV numbers – potentially exposed. The breach did not affect travel booked via the airline’s FlyDelta mobile app, but if you bought a ticket through the airline’s website using a desktop or laptop and manually entered your credit card to make the purchase between Sept. 26 and Oct. 12, 2017, you may be at risk.”
Ways to protect against ransomware
Even with all of the disturbing news coming out about ransomware attacks, Microsoft is doing something to help people who use OneDrive and Outlook.com protect themselves. While most of the focus on ransomware has been on breaking into computer systems, personal data stored in the cloud, including in OneDrive and Outlook.com, can be hacked and held for ransom.
According to news site TechConnect, “On Thursday Microsoft announced the ability to “roll back” the files stored in OneDrive to versions stored up to a month ago, to help you return to a point before you were infected by malware. The company also said it will use its automated threat-detection systems to figure out when the ransomware began infecting those files and alert you via your phone that an infection has taken place.”
In a blog post, Kirk Koenigsbauer, the corporate vice president for Microsoft Office, wrote: “With the growing presence and sophistication of online threats like viruses, ransomware, and phishing scams, it’s increasingly important to have the right protection and tools to help protect your devices, personal information, and files from being compromised.”
Users should consider erasing all of their files that are stored in the cloud and refreshing their PC. As for Microsoft, the company said that the new OneDrive protections are designed to address these issues and that OneDrive is a safe location for all of your files. Even if OneDrive somehow becomes infected, users can access their older data, which has not been infected.
Sponsor blogs of interest
- Anitian: A STUDY IN EXPLOIT DEVELOPMENT – PART 1: SETUP AND PROOF OF CONCEPT
- Anitian: A STUDY IN EXPLOIT DEVELOPMENT – PART 2: TAKING IT TO THE NEXT LEVEL