Security Summary – May 202019-06-2020 Author: DSwiss
Our short monthly review summarizes important news and blog posts, which focus on IT security, cloud computing and privacy protection.
1. Hackers snap up Easyjet customer data
The British low-cost airline Easyjet was recently the victim of a hacker attack. In the attack, unknown people gained access to the email addresses and travel details of around nine million Easyjet customers, as well as 2208 credit card details. The airline has since succeeded in restoring data security, has informed those affected and is now warning its customers about possible phishing attacks further to instructions by the British data protection authority.
2. Ransomware attack on law firm of well-known companies and stars
After a ransomware attack, the law firm Gubman Shire Meiselas & Sacks, which represents well-known companies and stars such as Facebook, Versace and Madonna, declined a ransom note and turned to the FBI. The attack has been classified as an act of terror. The ransom note was recently doubled to $ 42 million, with the attackers threatening to release compromising information about President Trump, although he has never been a client of the firm.
3. Bots tweet about Corona
Researchers assume that almost half of all tweets regarding “coronavirus” were made by bots. They searched around 200 million tweets and found over 100 false statements in connection with COVID-19, including many conspiracy theories. It is not yet known which groups or individuals are behind the bot accounts, but researchers assume they are looking to split the United States.
4. Hackers attack several European high-performance data centers
In a hacker attack on high-performance computers in several European countries, external SSH accesses were compromised and the computers were temporarily switched off. The attackers’ motives are not yet known. There are currently two assumptions: firstly, that it could be a crypto-miner, and secondly, a possible connection with current research on Covid-19 vaccines.
5. Fresenius production affected after ransomware attack
The health and medical technology company Fresenius has been attacked with ransomware, as confirmed by group spokesman Steffen Rinas. However, patient care is not at risk, despite several isolated production restrictions. Security experts at the company are now trying to prevent the malware from spreading further.
6. Millions of people’s health data accessible through Qatar's Corona app
Since last Friday, all residents in Qatar have had to install the Ehteraz Corona Tracing App, which recently made sensitive health data available. Anyone caught without the app faces imprisonment or a fine. According to Amnesty International, although the security gaps have been closed, the use of the app is not without problems, since it can still be used for monitoring.
7. 20 years of Loveletter virus
Lastly, a look into the past: The first major computer virus pandemic made history 20 years ago under the name Loveletter and I-love-you-Virus. The computer worm was originally written by computer science student Onel de Guzman, for the purpose of stealing passwords and surfing the internet for free. Today he says that he never intended to spread the virus worldwide and regrets the damage he did.