Hack attack on eBay
Hackers redirected eBay users to a spoof site which masqueraded as the firm's welcome page but which actually captured their names and passwords.
Daily Mail, 18 September 2014
UK and US join forces to tackle cyber crime
Speaking at the first ever US-UK Global Cyber Security Innovation Summit in London, the Business Secretary will announce a £4 million competition for UK cyber businesses to develop ideas to tackle cyber security threats. He will also announce the appointment of a cyber security small business champion, and funding for projects that will drive growth and innovation in the sector. The competition will be run by the Technology Strategy Board, the government’s innovation agency, in 2015, which will award funding to the firms with the best ideas.
Dept of Business, Innovation and Skills press release, 16 September 2014
Peter Pan pantomime hijacked
Eastern European hackers sent out emails claiming to be a £145 invoice for 9 tickets to a performance of Peter Pan at Bournemouth Pavilion. Once opened, the email released a virus which captured sensitive commercial and personal data.
Daily Telegraph, 9 September 2014
Home Depot hacked
Up to 56m card details may have been stolen when Home Depot was hit by hackers. The attack lasted for 5 months before the retailers became aware of the problem in early September. The size of the attack makes it the largest breach of retailer on record.
Hannah Kuchler, 18 September 2014
Pizza firm loses $50,000
Zpizza, a Californian-based pizza chain, were victims of a hack attack on their credit card payment systems. 12 stores were targeted and the firm had to spends thousands of dollars on forensic audits, as well as paying fines to their credit card companies. The company estimated it ended up paying over £50,000, as well as losing customers who lost faith in the firm.
Associated Press, 10 September 2014
Heartbleed attack on US hospital
Tennessee-based hospital group Community Health Systems Inc was victim of a hackers who exploited the Heartbleed internet bug and stole the personal data of around 4.5m patients.
AJU News, 4 September 2014
US banks victims of suspected Russian cyber attacks
JP Morgan and several other major US banks have been victims of sophisticated cyber attacks which aimed to steal data or disrupt services. No direct fraud has been discovered but the FBI is investigating as the complexity of the attacks has led to suspicion that Russian hackers are behind the attacks, potentially state-sponsored as a retaliation to sanctions.
Tom Braithwaite and Hannah Kuchler,
Financial Times, 29 August 2014
Denial of service attacks on gaming companies
Sony's Playstation, Microsfot Xbox and Riot Games' League of Legends networks have all been victim of denial of service attacks. Main have been undertaken by hacker collective known as Lizard Squad.
United Parcel Service has had a breach in its computer systems which exposed more than 100,000 transactions to potential theft of confidential client information between January – August 2014.
Financial Times, 21 August 2014
Trade secrets from American defence contractors
The U.S. Attorney’s Office for the Central District of California announced the indictment of Su Bin (also known as Stephen Su, Stephen Subin, and Steven Subin), a Chinese national, on charges involving a computer hacking scheme involving the theft of trade secrets from American defence contractors. According to the indictment, Mr. Su worked with two others to hack into computer systems to obtain secret information about military programs. If convicted, Mr. Su faces thirty years in prison.
U.S. Attorney’s Office Press Release, 15 August 2014
Law firm sued for recommending wife hacks husband
Lawyers for a woman divorcing her husband recommended computer experts who could hack into her husband's computer and iPhone. The husband's lawyers have been given the go ahead to appeal the divorce ruling in what could be a landmark case concerning the use of information obtained legally. The Singapore High Court said that the law firm could be guilty of perjury, breach of professional ethics, and other crimes under the Computer Misuse Act.
The Straits Times, 17 September 2014
5m Google accounts leaked
An estimated 5m Google accounts, predominantly belonging to Russian users, are suspected to have been leaked online on a database which was linked to on Reddit. It is believed that the details did not come from a hack of Google itself but probably came via computers affected by malware.
The Independent, 11 September 2014
90% of Irish firms exposed to cyber attacks
Aon Risk Solutions says that cyber security risks are increasing for Irish companies, with over 90% of firms exposed to cyber risks but only 20% doing anything to protect themselves. 20% of Irish companies had suffered data breaches within the past 12 months. It also found that two thirds of companies routinely allowed employees to access confidential information via their own personal devices.
Irish Examiner, 6 September 2014
AFRICA & THE MIDDLE EAST
Islamic jihadists pose cyber terrorist threat
The chief executive of cyber security firm FireEye has warned that jihadists from ISIS and Al Qaeda will target the west with cyber terrorism. He claims that denial of service attacks and virulent cyber espionage viruses may be released, and says that ISIS has already had significant success using the internet to distribute terrorist information. He believes that they will plan an attack on a "sensational" target.
Financial Times, 19 September 2014
Nigerian bank worker steals £23m
Godswill Oyegwa Uyoyou, an IT worker at an Abuja commercial bank, stole £23m by hacking into his employers computer systems and transferring money into accounts help by accomplices.
The Times, 18 September 2014
Gulf Cooperation Council main target for cyber crime
IT experts have warned that the Gulf Cooperation Council is a prime target for cyber-criminal and that the area needs to undertake new and robust measures to protect itself. Security solutions company Bit9+ Carbon Black estimated that the average cost to settle data breaches is $5.4m. In 2012 one of the world's largest ever bank heists occurred in the Gulf when $45m was stolen from two Gulf-based banks by hacking credit card processing firms.
Gulf News, 16 September 2014