With so much cybersecurity news flying around, it is hard to keep track of the bigger stories that emerged. Here is the GFI security round-up of the three top cybersecurity stories of February 2018.
1. Winter Olympics opening ceremony disrupted by Russian-influenced cyber attack
This month saw the 2018 Winter Olympics in PyeongChang, South Korea. On February 9, while many of us were getting ready to watch the athletes impress the pants off us with their winter sporting skills, the Olympics organizers were running around dealing with a cyber attack during the opening ceremony.
While no critical systems were impacted, the attack took down the official website. This meant that attendees with reservations couldn’t access or print tickets. The PyeongChang Olympic stadium lost its wireless network. Reuters also published that a live drone show, a highlight of the opening ceremony, had failed to deploy. A recording was used in its place. It is however still unclear whether this drone failure was related to the cyber attack.
The cyber-disruption took about 12 hours to fully restore.
Since the attack, researchers, organizers and authorities have reportedly been investigating the attack origins, and have now placed the blame at Russia’s door. The Washington Post reports, “Russian military spies hacked several hundred computers used by authorities at the 2018 Winter Olympic Games in South Korea, according to U.S. intelligence.
“They did so while trying to make it appear as though the intrusion was conducted by North Korea, what is known as a “false-flag” operation, said two U.S. officials who spoke on the condition of anonymity to discuss a sensitive matter.”
The speculation is that the disruption was actioned against the Olympics Committee as a retaliation for banning the Russian competitors with respect to doping violations.
The post also revealed that some officials are concerned that there may be a concerted effort to disrupt the closing ceremonies.
2. Cryptojacking – Burgling users’ computing power
Cryptojacking is the term used to describe the unauthorized hijacking of user’s computing processing power. The end game is to make a bit of cryptocurrency.
By design, mining for cryptocurrency requires an increasing amount of processing juice to increase the likelihood of the actor agent making a few pennies. This reason is perhaps at the heart of why we are seeing an increased spike in cyptojacking, the act of stealing someone else’s processing power to mine for cryptocurrency.
There are many ways to steal a victim’s processing power, such as hiding cryptomining code on reputable or high-traffic websites. CoinHive, for example, is a popular crypto mining script which runs on websites.
The idea is that when innocent users connect to a site running crypto script, they unwittingly allow the site to suck additional processing power from the user system for the purpose of mining cryptocurrencies. Now this usually happens when the user is actually has the website open, so here is a pretty great argument for shutting those tabs, rather than leave them all open across a browser.
It is important to note that, like other unwanted web activity, it could in some cases be at the behest of website owner, or that the site has been attacked and is serving up unwanted cryptomining code unwittingly. One would be right to think that it’s a question of following the money. However, blockchain technology, by design, provides pretty robust security and privacy, making it a difficult task to hunt down the instigators.
Just last November, Adguard recorded a 31% month-to-month growth in cryptojacking. They also estimated that 33,000 plus websites are currently running cryptomining. They also estimate a billion visits a month to these websites are at risk of cryptojacking.
3. British hacker Lauri Love wins fight against extradition to US
British hacker Lauri Love, who broke into US computer systems including NASA and the Federal Army reserve, has just won a five-year legal battle against extradition to the USA.
According to the Telegraph, his lawyers’ estimate the charges filed against Love in New York, New Jersey and Virginia would mean facing a maximum penalty of 99 years in prison and fines of $9 million (£6.9m).
If prosecuted in the UK, Love faces an 18-month prison sentence.
Love, who has Asperger’s, was fighting the extradition on the grounds that he should face trial in the UK and that the US prison system wasn’t equipped to support him, in light of his condition.
Love was arrested in 2013 and extradition was approved in 2016, but that ruling was overturned on appeal on February 5th.
That’s it for February. Tune in early April for GFI Security’s March round-up.