28 February 2020

IRM Weekly Cybersecurity Roundup: NIST roadmap released and more

NIST cybersecurity workforce roadmap released

The National Institute for Standards and Technology (NIST) has released a report outlining how to strengthen the future cybersecurity workforce through regional partnerships.

Named the “National Initiative for Cybersecurity Education” (NICE), the project aims to promote a network and ecosystem of consistent cybersecurity education, workforce development and training.

One way of achieving this, set out in the Strategic Plan, is to guide career development better by facilitating regional groups to identify cybersecurity routes to address the local workforce needs. NIST suggests that be developing these regional alliances will:

  • Ensure workforces are better aligned to the NICE Cybersecurity Workforce Framework
  • Enhance the pipeline of students looking to pursue a career in cyber
  • Upskill Americans allowing them to move into middle-class cybersecurity jobs

You can read more here.


Cyber-attack hits Mexican Government servers

“Email and archive servers” in a Mexican government department were the target of a cyber-attack last Sunday, but the government insists data has not been compromised.

Internet service providers were told to temporarily isolate networks and servers of the economy ministry in the Mexican government. The processing of some online forms has also been suspended to protect their legal status.

The government stated: “The ministry’s sensitive information as well as that of its users is not considered compromised”.

You can read more here.


Political cyber-attacker arrested

A 32-year-old has been arrested on suspicion of conducting cyber-attacks against a former US congresswoman.

Arthur Jan Dam has been arrested by the FBI, accused of carrying out a number of DDoS attacks targeting an opponent of former congresswoman Katie Hill.

It’s thought Dam caused four DDoS attacks on the websites of Hill’s rival in 2018 causing the website to go down for almost 24 hours. This downtime caused a financial loss of $5,000 and has also been blamed for the political losses sustained by the Democratic primary in California.

The FBI’s investigation found that the cyber-attacks came from a single Amazon Web Services account controlled by Dam. Geolocation data revealed that the attacks were launched from Dam’s residence and workplace.

The arrest by the FBI is an attempt to provide the bureau’s commitment to holding those who interfere with politics accountable.

You can read more here.


Clearview AI data breach leads to stolen client list

Facial recognition company Clearview AI has informed customers of a data breach which has led to its client list being stolen.

The company has more recently been in the press for reportedly scraping up to 3 billion images from social media sites to add to its database.

Whilst Clearview states that its servers, systems and networks were not compromised, the cyber-attacker was able to get hold of their customer list, the number of user accounts those clients have set up and the number of searches they’ve carried out.

Campaigners are calling for more information to be given about their image scraping policies as well as further details about the attack itself.

You can read more here.


Financial Conduct Authority owns up to data breach

The UK’s Financial Conduct Authority (FCA) has owned up to accidentally exposing the confidential details of approximately 1,600 customers who had filed complaints with the FCA.

They confirmed that details including names, addresses and phone numbers may have been accessible but clarified that no other financial or identify information was compromised.

As soon as they noticed the breach, the FCA removed relevant data from its website. They state: “We have undertaken a full review to identify the extent of any information that may have been accessible. Our primary concern is to ensure the protection and safeguarding of individuals who may be identifiable from the data”

They have reported the incident to the Information Commissioner’s office.

You can read more here.


Unsolicited “find my mobile” notification points to Samsung data leak

Earlier this week, many Samsung owners took to Twitter to complain of an unusual and unsolicited “Find My Mobile” push notification which appeared on their phones.

Samsung has now come out to admit that a “small number” of users were able to read other people’s personal data displayed to them.

A Samsung spokesperson said: “A technical error resulted in a small number of users being able to access the details of another user. As soon as we became of aware of the incident, we removed the ability to log in to the store on our website until the issue was fixed.”

Further concerns have been raised, as many users had disabled the ‘stock’ application on their phones, and so they are uncertain on why Samsung devices still allow for push notifications to come through.

You can read more here.