Category: North America

The Weakest Link: DoD Data Exposed by Third-party

Overview: Reservations management company AutoClerk found itself in hot water last week when it was discovered that one of its databases was exposed online. The database, which is 179 GB in size and is hosted on Amazon Web Services, held client information including full names, unencrypted login information, phone numbers, addresses, travel dates, room numbers, […]

New York Financial Companies must comply with cybersecurity regulation

March 1, 2019 marks the final implementation of the New York Department of Financial Services’ (NYDFS) cybersecurity regulation covering DFS-regulated entities and licensed individuals. Regulation 23 NYDFS 500 forces financial institutions to be more transparent and protective of the data they store and process in their financial systems. The regulation is designed to ensure businesses […]

Global Weekly Executive Summary, 02 November 2018

China Telecom and BGP Hijacking In an article in Military Cyber Affairs, researchers claim to have uncovered evidence that China Telecom has been deliberately using Border Gateway Protocol (BGP) hijacking to selectively divert internet traffic originating in the US and Canada through China.   Source: Military Cyber Affairs, China’s Maxim – Leave No Access Point […]

Global Weekly Executive Summary, 3 August 2018

VPNFilter In July 2018, the VPNFilter malware reportedly tied to a Russian military intelligence agency infected a chlorine station connected to Ukrainian water treatment and sewage plants. This intrusion is the latest in a string of disruptive Russian cyberattacks to target critical infrastructure in the past three years. VPNFilter also made news in the US […]

Facebook and Cambridge Analytica Infosheet

In 2014, London-based data analytics and political profiling firm Cambridge Analytica gained access to the personal data of over 50 million Facebook users and used that information to match profiles to electoral rolls and create what the firm calls “psychographic modeling” that could later be used to micro-target users with personalized political ads leading to […]

Global Weekly Executive Summary, 29 SEPT 2017

Deloitte Data Breach Multinational accounting and auditing firm Deloitte was the victim of a major cyberattack that lead to unauthorized access to the company’s internal email systems. Staff and client data was stolen, including usernames, passwords, IP addresses, business diagrams, and health information and email “attachments with sensitive security and design details.” When did it […]

Equifax Megabreach Update: How, who, and more

Last week, we reported that the major credit reporting company Equifax announced a massive data breach affecting up to 143 million US customers last week on 7 September, but the developing story over the course of the week has gone from bad to worse. How the Breach Occurred After days of speculation, on 13 September, […]

Equifax Breach affects 143 Million in the US

Equifax Data Breach Credit reporting agency Equifax announced a massive data breach on 7 September that it says could potentially impact 143 million US customers. Equifax is one of the three largest US credit bureaus that collects and maintains consumer financial data for hundreds of millions of people in the US and Canada. According to […]

Global Weekly Executive Summary, August 11, 2107

eLoran: New Interest in Radio Navigation Technology after GPS Jamming Incidents Recent incidents of GPS interference and jamming and the possibility of cyberattacks have renewed interest in earth-based radio navigation systems. South Korea, the US, Russia, and Britain have all independently been exploring Enhanced Long Range Navigation, or eLoran, with the aim of updating the […]

NotPetya Ransomware Disrupts Merck Vaccine Production

Merck, a global leader in drug and vaccine production, may be unable to produce hepatitis B vaccines until 2018 because of worldwide production disruptions resulting from the NotPetya ransomware attacks in June. In late June 2017, Merck, one of the “big four” of the world’s leading vaccine producers, reported that its computer systems were affected […]