Security News – Wk2 Feb 2016

We start off this week with news of Adobe’s Creative Cloud deleting data on Apple Macs – not a security issue in itself but still a serious issue. I’m sure there are a lot of pissed-off people out there – losing data due to someone else’s problem is not nice.

Onto security-specific news: the UK GCHQ intelligence agency’s hacking of computers, mobile devices, smart devices, and computer networks has been ruled to be legal, no matter where it happens in the world, and compatible with the European Convention on Human Rights. So says the Investigatory Powers Tribunal, a UK court that hears and decides on complaints regarding surveillance by public bodies. Hmmm, yes, um, hack away GCHQ!

The Hollywood Presbyterian Medical Center, an “acute-care facility” located in Los Angeles, has had its computer systems compromised by hackers. The attackers are asking for 9,000 Bitcoin (approximately $3.6 million) in exchange for giving the hospital access to the systems again. This hack follows similar ones where data on web servers or computers are encrypted and the hackers ask for a ransom.

Hackers have recently used previously compromised passwords to breach both TaxSlayer and Alibaba. “As a result of ongoing security reviews, TaxSlayer identified on January 13, 2016 that an unauthorized third party, whom we believe obtained your username and password from another online service, may have accessed your TaxSlayer account between 10/10/2015 and 12/21/2015,” TaxSlayer director of customer support Lisa Daniel wrote in a notification letter [PDF] to those affected.

Separately, hackers in China used a database of 99 million usernames and passwords stolen from other websites to target accounts at Alibaba’s Taobao shopping site, and found that 20.59 million of the username and password combinations also worked for Taobao, Reuters reports. That’s a 1-in-5 hit ratio, which shows just how much password reuse is going on. This is exactly why password managers are such a boon – they allow you to maintain different credentials for each site you use as well as provide auto-login functionality.

HSBC’s Internet banking services were unavailable for several hours on January 29, 2016 as the bank’s system came under a DDoS attack, BBC News reports. “HSBC has successfully defended against the attack, and your transactions were not affected.” Yes exactly, this is why services were unavailable …

Locally, Anonymous have been busy hacking everything in sight. I first noticed this 2 weeks ago when the wpmc.co.za site served up 2 words – Aziz Siyaad … and nothing else. I hate it when I can’t get my racing program for the day at Killarney. The site’s up again but it’s not alone in serving up white-space. The SA government’s GCIS database has been leaked online as part of an attack that is said to encompass more than 200 sites.

A survey by Balabit shows that social engineering and compromised accounts comprise 2 of the most common methods for hacking. This means that security remains in the hands of end-users. Be warned.