KW 21: Easyjet cyberattack hits millions of customers, Supercomputers hacked across Europe, New security law provides for BSI expansion

NEWS

Easyjet cyberattack hits millions of customers: Hackers accessed email addresses and travel details of approximately 9 million Easyjet customers in a sophisticated cyber attack, Easyjet announced Tuesday. The company’s investigation also found that credit card details were accessed for more than 2,200 customers but said there was no evidence any data had been misused. Sources close to the investigation claimed the attack had the hallmarks of an ongoing Chinese campaign against travel companies, Reuters reported.
politico.eu, telegraph.co.uk

Report warns of security gaps in Industry 4.0: In a new research report, security company Trend Micro warns of unconventional hacker attacks on networked industrial plants. To investigate the issue, the company used an Industry 4.0 laboratory in Milan, which houses current production facilities. Udo Schneider, IoT Security Evangelist Europe at Trend Micro, warns of new methods of attacking these systems: “In the past, cyberattacks on production systems mainly used conventional malware, which can be stopped by common network and endpoint protection solutions. However, it is likely that advanced attackers will develop operational technology (OT) – specific attacks that will then fly under the radar.”
datensicherheit.de

Supercomputers hacked across Europe: Multiple supercomputers across Europe have been infected this week with cryptocurrency mining malware and have shut down to investigate the intrusions. Security incidents have been reported in the UK, Germany, and Switzerland, while a similar intrusion is rumored to have also happened at a high-performance computing center located in Spain. None of the organizations published any details about the intrusions. However, the Computer Security Incident Response Team for the European Grid Infrastructure, a pan-European organization that coordinates research on supercomputers across Europe, has released malware samples and network compromise indicators from some of these incidents. Making matters worse, many of the organizations that had supercomputers go down this week had announced in previous weeks that they were prioritizing research on the COVID-19 outbreak, which has now most likely been hampered as a result of the intrusion and subsequent downtime.
zdnet.com

FBI warns against Chinese targeting of corona research groups: The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) issued a public service announcement warning organizations researching COVID-19 of likely targeting and network compromise by the People’s Republic of China. Health care, pharmaceutical, and research sectors working on COVID-19 response should all be aware they are the prime targets of this activity and take the necessary steps to protect their systems.
fbi.gov

IoT as a security risk in the virus crisis: An analysis by Extrahop, a provider of cloud solutions, shows that the coronavirus crisis has led to more security gaps in connection with IoT. While the use of in-house networked devices decreased in companies, devices such as IP phones and printers often remained online, which can pose a security risk for companies. Although significantly more cameras were used by companies to monitor abandoned sites, these can also be attacked by hackers. Sri Sundaralingam, Vice President Cloud and Security Solutions at Extrahop, says that for many companies, IoT management may be “just a side issue, or at least something they didn’t initially see as a long-term task. Now that availability and security issues in the area of remote access are becoming more acute, businesses have to be more careful.”
funkschau.de

Threat Defend Platform: Attivo lures cyber criminals into a trap it-business.de
Remote Working: IT security in times of COVID-19 it-daily.net
User data: Hacker publicizes Tesla data leak finanzen.net
Blockchain consultant: 15-year-old hacker allegedly stole 24 million dollars futurezone.at
Diplomat: Israeli hacker attack paralyzed port in Iran krone.at

NUMBER OF THE WEEK

Hackers were able to capture 500 gigabytes of customer data from the Palatinate energy and water supplier Technische Werke Ludwigshafen.
spiegel.de

BACKGROUND

New security law provides for BSI expansion: German Interior Minister Horst Seehofer’s “IT Security Act 2.0” is taking shape. A new draft law envisages the massive expansion of the Federal Office for Information Security (BSI). There are said to be a total of 583 new positions, including in particular those for consumer protection and consumer information. In addition, the BSI will be given new powers for the IT protection of public networks, including the German parliament. A new IT security law is currently being coordinated. A total of 73 pages describe how IT security should be increased in Germany. Critics fear that the new law will give the BSI too much power. But according to the interior ministry, “it is not about investigating the BSI’s penetration into PCs and smartphones etc.”, but about reducing the threat from botnets and the like.
rp-online.de

Security risks in education: The coronavirus crisis has led to a rapid acceleration of digitization in education. IT security experts face new challenges due to the sharp increase in the number of end devices. According to a Solarwinds survey, less than half of those in education consider their endpoint security skills to be up to par. Another survey shows that inexperienced teachers and students in particular pose a security risk. Sascha Giese, Head Geek at Solarwinds, recommends IT departments to provide enough capacity for VPN connections. Institutions could create dashboards that combine information such as server response time and memory and disk usage to help predict and fix potential problems before they affect education. Unsafe passwords remain a major problem. Educational institutions should ensure that stricter guidelines are enforced in this area.
security-insider.de

QUOTE

“The attacks are not surprising. Cyber attacks initiated by nation states are targeting possible locations for COVID-19 research. The aim is to gain political and economic benefits through early access to new knowledge. Remote access and abuse of privileges like SSH will almost always be an important factor in any infrastructure attack.”
Andreas Müller, DACH Director at Vectra AI, spoke about cyber attacks targeting European supercomputers.
datensicherheit.de

SECURE?

Tougher penalties for hospital hackers in Bavaria: Cyber attacks on hospitals in Bavaria will be punished more severely in the future. A Federal Council initiative by the German state aims to ensure an increase in the penalties for attacks on critical infrastructure. So far, the perpetrators have often been fined. This will now be changed. “It has to make a difference in the criminal code whether someone spies on the shopping behavior of an individual or the sensitive data of a hospital,” said Bavaria’s Minister of Justice Georg Eisenreich.
kma-online.de

Newsletter subscription

Subscribe to our free weekly newsletter for a compact overview of safety and security topics:

Safety-Security-Ticker

More digital news briefings

Our political briefings