CyberSecurity Pulse 2016-08-18
|“You cannot solve a problem from the same consciousness that created it. You must learn to see the world anew.”|
Stepanova's Case: When Information Leakage Leads to Serious Real-Life Problems
Unfortunately, this week has been aired in the news that the World Anti-Doping Agency (WADA) has been alerted about an alleged hack of its site. Furthermore, illegitimate accesses would have also been detected to the account of the 800m runner in the platform, a fact that makes Stepanova fear for his life due to the personal information stored in the system in charge of the management and administration of the Wada antidoping programme. This issue is particularly relevant as this is the platform which is responsible for controlling the athletes personal information linked to their location as part of the efforts conducted by the organization to make the necessary doping controls anywhere in the world 24/7.
We can see how much personal information is being leaked online because of the bad policies of the services we use or due to the lack of awareness of the users about the information we yield to many of the platforms. The truth is that more often than not, we are not conscious about how valuable our information is until we see it exposed in incidents like the one described. Because of that, and to avoid at least some incidents that may take place due to our bad password policies, from ElevenPaths we encourage you to activate the Two Factor Authentication (2FA) in those services in which you can do it provided that it is a good practice that can make you evade many problems.
Request for Information About the Future of Digital Economy
With the aim of promoting safety standards in the field of digital economy and prevent attacks on its infrastructure and services, the Commission on Enhancing National Cybersecurity has requested information on the present and future state of this sector. The commission will make detailed recommendations to strengthen cybersecurity in the public and private sector and to promote the use of technologies, policies and best practices that tend to consolidate them. Amongst the topics of interest to the commission are the cyberinsurances, critical infrastructures, IoT, identity management and political awareness and education.
Cybersecurity in the Supply Chain, a Headache for the US
The National Counterintelligence and Security Center will provide officials of the US classified reports on threats to the supply chain service providers working in telecommunications, energy and finance. Apart from highlighting the importance including members in charge of planning sessions to prevent cyberattacks, the NCSC urges companies to know well their suppliers to avoid those linked to US enemies. The reports will be released within two months and will include background information about the attackers and the countries responsible.
Rest of the Week´s News
Bitfinex Offers a Reward of $3.5 Million for Info That Help to Recover Stolen Bitcoins
Early August, the Bitcoin plunged just over 20% after news of the security breach suffered by Bitfinex that led the theft of 120,000 Bitcoin. Now, the exchange is willing to offer 5% of the lost funds (nearly 6,000 BTC) as a reward for the recovery of the stolen bitcoins.
The Alleged NSA’s Unit The Equation Group Has Been Hacked
A group of hackers calling themselves The Shadow Brokers claimed to have hacked Equation Group, a group allegedly associated with National Security Agency (NSA). This group has dumped a bunch of its alleged hacking arsenal (malware, private exploits, and other tools) online.
Iran Investigates If Series of Oil Industry Incidents Were Caused by a Cyberattack
After weeks of speculation on the cause of an unprecedented string of fires and explosions in major Iranian oil and gas facilities, Iran’s Supreme National Cyberspace Council has said that it is looking into cyberattacks as a possible cause.