CyberSecurity Pulse 2016-08-18

CyberSecurity Pulse 2016-08-18

“You cannot solve a problem from the same consciousness that created it. You must learn to see the world anew.”
Albert Einstein

Analyst Insight

Stepanova's Case: When Information Leakage Leads to Serious Real-Life Problems

Undoubtedly, one of the controversies that has shaken the Olympic Games in Rio 2016 has been the disqualification of part of the Russian delegation, one of the great world powers of sport. Following the athlete Yuliya Stepanova inform World Anti-Doping Agency of the practices being carried out in her country to improve the performance of their athletes illegally, the athlete was forced to leave to Germany and then to the United States.

CyberSecurity Pulse 2016-08-18Unfortunately, this week has been aired in the news that the World Anti-Doping Agency (WADA) has been alerted about an alleged hack of its site. Furthermore, illegitimate accesses would have also been detected to the account of the 800m runner in the platform, a fact that makes Stepanova fear for his life due to the personal information stored in the system in charge of the management and administration of the Wada antidoping programme. This issue is particularly relevant as this is the platform which is responsible for controlling the athletes personal information linked to their location as part of the efforts conducted by the organization to make the necessary doping controls anywhere in the world 24/7.

We can see how much personal information is being leaked online because of the bad policies of the services we use or due to the lack of awareness of the users about the information we yield to many of the platforms. The truth is that more often than not, we are not conscious about how valuable our information is until we see it exposed in incidents like the one described. Because of that, and to avoid at least some incidents that may take place due to our bad password policies, from ElevenPaths we encourage you to activate the Two Factor Authentication (2FA) in those services in which you can do it provided that it is a good practice that can make you evade many problems.

» More information at BBC

Top Stories

Request for Information About the Future of Digital Economy

CyberSecurity Pulse 2016-08-18With the aim of promoting safety standards in the field of digital economy and prevent attacks on its infrastructure and services, the Commission on Enhancing National Cybersecurity has requested information on the present and future state of this sector. The commission will make detailed recommendations to strengthen cybersecurity in the public and private sector and to promote the use of technologies, policies and best practices that tend to consolidate them. Amongst the topics of interest to the commission are the cyberinsurances, critical infrastructures, IoT, identity management and political awareness and education.

» More information at the Federal Register

Cybersecurity in the Supply Chain, a Headache for the US

CyberSecurity Pulse 2016-08-18The National Counterintelligence and Security Center will provide officials of the US classified reports on threats to the supply chain service providers working in telecommunications, energy and finance. Apart from highlighting the importance including members in charge of planning sessions to prevent cyberattacks, the NCSC urges companies to know well their suppliers to avoid those linked to US enemies. The reports will be released within two months and will include background information about the attackers and the countries responsible.

» More information at ComputerWorld

Rest of the Week´s News

Bitfinex Offers a Reward of $3.5 Million for Info That Help to Recover Stolen Bitcoins

Early August, the Bitcoin plunged just over 20% after news of the security breach suffered by Bitfinex that led the theft of 120,000 Bitcoin. Now, the exchange is willing to offer 5% of the lost funds (nearly 6,000 BTC) as a reward for the recovery of the stolen bitcoins.

» More information at Security Affairs

The Alleged NSA’s Unit The Equation Group Has Been Hacked

A group of hackers calling themselves The Shadow Brokers claimed to have hacked Equation Group, a group allegedly associated with National Security Agency (NSA). This group has dumped a bunch of its alleged hacking arsenal (malware, private exploits, and other tools) online.

» More information at Security Affairs

Iran Investigates If Series of Oil Industry Incidents Were Caused by a Cyberattack

After weeks of speculation on the cause of an unprecedented string of fires and explosions in major Iranian oil and gas facilities, Iran’s Supreme National Cyberspace Council has said that it is looking into cyberattacks as a possible cause.

» More information at TIME

Further Reading

Sage Software Firm Hit by Data Breach

» More information at BBC News

DDoSCoin: New Cryptocurrency Pays Users for Participating in DDoS Attacks

» More information at The Hacker News

Guccifer 2.0 Leaks Personal Info of Nearly 200 Congressional Democrats

» More information at The Hacker News