Digital Guardian's Blog

Friday Five 9/25

by Colin Mullins on Friday September 25, 2020

Insider data breaches, COVID contact tracing apps, and FBI indictments - catch up on the week's news with the Friday Five!

1. Shopify breach: Help center employees are a unique breed of insider threat by Bradley Barth

A data breach by two employees of Shopify’s support team has raised the issue of whether certain roles within a company should be more stringently monitored. As members of the support team, the employees had access to a wide range of potentially important data such as clients’ systems, websites and customer portals, and potentially even their transaction logs. This stolen information could be sold or used for phishing attacks. The extent of the breach has not been fully disclosed, but it’s clear many Shopify merchants were affected. To avoid future problems, researchers suggest that companies like Shopify reduce access to more privileged information and adopt a zero-trust approach companywide. The incident also highlights the importance of looking for insider threats when devising a security strategy.

2. Take-up of NHS contact-tracing app could be only 10% by Sarah Boseley

Government sources think that downloads of the NHS COVID contact tracing app could be as low as 10%. The low figure is concerning, as the original target number in April was 80%. In addition, because not everyone has a smartphone, that 80% download rate would only reach 56% of the population, which makes the 10% number even more concerning. Using Google and Apple technology, the app will alert users if they have been within 2 meters of somebody who has tested positive for more than 15 minutes. The app will also advise on self-isolation and let users check into a location with a QR code without having to physically give information any time they go somewhere. Even if downloads are lower than expected, researchers are hopeful that the app will still encourage responsible behavior, which, next to developing a vaccine, has proven to be the most effective method of mitigating the virus.

3. FBI hopes a more aggressive cyber strategy will disrupt foreign hackers by Sean Lyngaas

As evidenced by a flurry of US indictments against Chinese and Iranian hackers, the FBI is hoping a more aggressive cybersecurity strategy will disrupt foreign adversaries. The FBI anticipates that closer collaboration with other intelligence agencies and data-rich private companies, along with harsher consequences, will deter hackers as well. Some of these more aggressive tactics include putting suspects in handcuffs (through more aggressive extradition), exposing someone’s identity through an indictment, or providing data for a counter hack by the US government. A specific example of the new approach is the FBI’s recent decision to publish a detailed analysis of the cyber espionage operations of Russia’s GRU. To ensure this approach succeeds organizationally and not just in individual pockets, the FBI might have to expand the number of cyber-focused personnel, known as legal attachés, at US embassies. The FBI and CISA are also stressing humility and more collaboration with private companies to get their expertise. It’ll be interesting to see whether the new strategy leads to any tangible decrease in successful foreign cyberattacks.

4. How Twitter Survived Its Biggest Hack - and Plans to Stop the Next One by Nicholas Thompson and Brian Barrett

The article explores the internal dynamics of the July 15 hack of Twitter and how Twitter is preparing to stop the next attack. Reflecting on the breach, Twitter realized that many of its employees had access to too much information. Also, the fact that a phishing attack caused a full shutdown shows how unprepared Twitter was for a breach. The shutdown required Twitter to revert to a zero-trust model, which meant that, starting with CEO Jack Dorsey and then going down the organizational chart, every single person needed to get onto a video conference with their supervisor and manually change their passwords in front of them. As a result of the hack, Twitter now requires every employee to use physical two-factor authentication.

The article stresses that the damage could have been far worse. Based on the information the hackers got, such as access to direct messages, the scammers could have caused far more damage than a Bitcoin scam: they could tweet something incendiary from an important political account on election day, or release selectively edited or false information from the direct messages of an influential Twitter account. Another concern is whether Twitter is doing enough to protect important accounts. Currently, it asks important accounts to use two-factor authentication but doesn’t require it.

Two other interesting tidbits stand out. First, desperate to stop the breach, Twitter shut down all blue checkmark accounts, and any that had changed their passwords in the last week, which caused an information bottleneck: for example, the National Weather Service couldn’t send out a tornado warning, and most major media companies couldn’t tweet about the hack. Second, the article revealed that world leaders are kept in a different server set, which might be why President Trump’s Twitter was not affected but people like Bill Gates, Elon Musk, and Joe Biden were.

5. FBI, CISA Warn of Disinformation Campaigns Targeting 2020 Election Results by Ionut Arghire

The FBI and CISA issued a warning this week that threat actors plan to launch a disinformation campaign to target the 2020 elections. The alert stresses that disinformation could threaten the credibility of democratic institutions in the United States. The warning expects the threat to originate from foreign actors and cybercriminals, and says it could come through newly created websites, changes made to existing websites, and social media containing false information. The potential uncertainty created by the large number of mail-in votes and a longer election window could produce a scenario where malicious actors try to delegitimize the results of the election. Though foreign actors may try to disrupt the election, the FBI and CISA stress that the underlying data and internal systems will remain uncompromised. They also ask the public to verify information before sharing potentially misleading content on social media and to trust election officials for final election results. Finally, the FBI and CISA hope that the public reports potential election crimes, such as disinformation, to the government.

Tags: DataBreach, COVID-19, FBI