Mishcon Cyber Watch - January 2015

Welcome to the January edition of Mishcon Cyber Watch. Its aim is to provide businesses and their advisors with a snapshot of what has been happening in the world of cyber fraud in the last month.



Retailer Office has been given a warning by the Information Commissioner after a hacker exposed the personal data of more than a million customers. The company escaped a fine, but has agreed to amend its privacy policy, to provide more training to staff, and to regularly test its website and servers.
Stuart Dredge,
The Guardian, 20 January 2015

The latest release of the Allianz Global Corporate & Speciality risk barometer shows that reputational risks is now 2nd in a list of the top business dangers for the UK, up from 9th in last year's survey, and cyber losses has risen from 7th to 3rd.
Mark Sands,
Post Magazine, 14 January 2015

UK-based Bitstamp, a bitcoin exchange for US dollars, has suffered a cyber-attack which has seen the theft of nearly 19,000 bitcoins, which equates to $5.2m. The company was forced to suspend operations for a short period.
Matthew Heller,, 6 January 2015



North Korea is suspected of being behind a massive cyber-attack on Sony in late November 2014, apparently in retaliation for Sony's The Interview. Large quantities of the firm's data was destroyed, unreleased movies were released onto file-sharing sites, and confidential documents that included passwords, social security numbers and salaries were leaked online. Sony later cancelled the release of the movie after threats of violence were made against cinema audiences should it be released
Matthew Garrahan, Hannah Kuchler and Kana Inagaki,
Financial times 6 December 2014 and 19 December 2014

Russian Roman Selenez is in court in the US on charges of hacking, identity theft and wire fraud that netted him over $17m through selling on stolen credit card data. The trial is set for later in the year,
Martha Bellisle,
Associated State Press & Local, 16 January 2015

A survey by IBM Security has revealed that cyber-attacks against US retailers have declined by almost 50% since 2012, but the number of actual records stolen remains at a high. This is caused by an increase in the number of records stolen in each attack, due to the improved techniques hackers are using.
Enterprise Innovation, 13 January 2015

The Department of Justice announced charges against Ryan Andrew Gustafson, a/k/a Jack Farrel, a/k/a Willy Clock, a U.S. citizen living in Kampala, Uganda, with conspiracy and counterfeiting for his role in an international cyber counterfeit currency operation.  According to the affidavit accompanying the criminal complaint, Mr. Gustafson used the online criminal forum Tor Carding Forum and his own online forum called Community-X to sell counterfeit federal reserve notes.
Department of Justice Press Release, 18 December 2014

Microsoft Corp.’s Xbox Live and Sony Corp.’s PlayStation Network Internet services were hacked, pushing the services offline.  A group known as the Lizard Squad claimed responsibility for the attack and an 18-year-old man in northwest England was recently arrested in connection with the incident.
Bloomberg, 16 January 2015

A group calling itself the Cyber Caliphate hacked into the Twitter and YouTube accounts of the U.S. Central Command, disclosing what appeared to be military plans and personnel records.  The two accounts were suspended shortly after 1 p.m. that day.  U.S. Central Command issued a statement saying that the accounts were compromised for a half hour and no classified information was disclosed.
US News & World Report, 12 January 2015



A group believed to have links with pro-Russian separatists launched a sustained cyber-attack on several government websites, including Angela Merkel's pages and the Bundestag website. NATO says that over 30 sophisticated attacks and cyber spying attempts with links to pro-Russian forces have been launched.
Stefan Wagstyl,
Financial Times, 8 January 2015

The details of 30,000 clients' names and account numbers from a Swiss bank, Banque Cantonele de Geneve, were leaked by a hacking collective known as Rex Mundi when the bank refused to pay the €10,000 ransom. The bank stands by its decision.
US Official News, 12 January 2015



Two computer experts have been accused of theft, attempted extortion and blackmail after hacking into the National Industrial Credit Bank in Kenya and threatening to release customer information if they were not paid Sh6.2 million in Bitcoins.
Business Daily, 14 January 2015



US intelligence agencies have estimated that North Korea may now be employing a 6,000 "hackerarmy". Western defences against Korean cyber-attacks are stymied by the fact that Korea is not 'online' in the same way that other countries are, so counterhacking operations would not work.
Guy Taylor
Washington Times, 7 January 2015

Cyber crime in India is rising at a significant rate and the number of attacks during 2015 is predicted to be almost double the level of 2014. A study by the Associated Chambers of Commerce & Industry in India and Mahindra SSG, claims that the growth rate is currently running at over 100%. The increase is considered to be closely tied to the rise in popularity of online banking.
Business Trends Asia 12 January 2015