Cyber and Privacy Update 19 Apr 2019
Friday 19 April 2019 Edition 10
Ransomware-raided Aussie businesses pay up
Despite firm advice to the contrary from security professionals and law enforcement, plenty of Australian ransomware victims say they have paid digital extortionists and after doing so, many report they were able to restore access to their data. Telstra's 2019 security survey claims 51 per cent of Australian respondents that were attacked by ransomware paid up, and 79 per cent would do it again if they did not have backups available. More than three-quarters of Australian businesses that paid ransoms reported that they were able to get their data back. An interesting statistic, that points to the developing trends with respect to payment of ransoms.
Click here for article: https://bit.ly/2VNwj6U
Wipro hacked, internal systems used to attack customers: report
Wipro (an international IT Services group) is currently investigating what appears to be a serious breach of its networks and systems, which are apparently being used to launch attacks on customers, forcing the outsourcing giant to build a private email service to replace compromised corporate system. The attack is being viewed as a state-sponsored exercise. The sources told Krebs that Wipro systems are being used as launchpads for attacks on the outsourcer's customers.
Click here for article: https://bit.ly/2GPCYIL
ASD confirms data stolen in Parliament IT breach
Australian Signals Directorate chief Mike Burgess has confirmed data was stolen by a state-sponsored actor during February’s malicious attack against Parliament House. In what appears to be the first public admission of the data exfiltration, Burgess told senate estimates last week that a limited amount of non-confidential data had made its way into the hands of attackers. It was revealed during the agency’s damage assessment of the security breach, which has now been wrapped up and handed to government for consideration.
Click here for article: https://bit.ly/2LjxLxo
Kaspersky: 70 percent of attacks now target Office vulnerabilities
Microsoft Office products are today's top target for hackers, according to attack and exploitation data gathered by Kaspersky Lab. In a presentation at its security conference --the Security Analyst Summit-- the company said that around 70 percent of the attacks its products have detected in Q4 2018 are trying to abuse a Microsoft Office vulnerability. That's more than four times the percentage the company was seeing two years before, in Q4 2016, when Office vulnerabilities had accounted for a meager 16 percent. This serves as an excellent counter argument in that organisation don’t need to be targeted per se, rather just an organisations vulnerabilities, which they may not be aware of.
Click here for article: https://zd.net/2IYLRkM