Monthly Cyberattack Roundup – October 2021
Pondurance October 28, 2021
We’re rounding out Cybersecurity Awareness Month, and best practices for preventing incidents such as data breaches and ransomware attacks are top of mind. Biden issued a memo this month describing how much work remains to prevent cyberattacks and improve organizations’ cybersecurity practices. The White House is committed to “strengthening our cybersecurity by hardening our critical infrastructure against cyberattacks, disrupting ransomware networks, working to establish and promote clear rules of the road for all nations in cyberspace, and making clear we will hold accountable those that threaten our security.”[1]
We always say that the best defense against a cyberattack is a good offense. In this blog, we share three cyber incidents from October to raise cybersecurity awareness.
Twitch’s Source Code Leaked
A user on an anonymous 4chan message board said they had a 128GB file of Twitch data. The New York Times reported that the user claimed this was only the first part of the leak, which contained “the history of Twitch’s source code; proprietary software development kits; an unreleased competitor to Steam, an online games store; programs Twitch was using to test its own security vulnerabilities; and a list of the amount of money that each of the site’s streamers has earned since 2019.”[1]
Many called for tighter security and wider adoption of best practices so that a data breach like this does not happen again.
Attack Discovered: October 6, 2021
Impact: Twitch experienced a data breach. Twitch shared on its website that passwords, full credit card numbers and automated clearinghouse/bank information have not been exposed, as login credentials are hashed with bcrypt.
Learn more about the Twitch data breach and its impact in this Times article.
Tesla’s Data Storage System Breached
The Verge reported that a team of Dutch forensic researchers was able to decrypt Tesla’s data storage system to use in crash investigations. Rather than sourcing the data from Tesla, the group was able to reverse engineer the company’s data logs to objectively assess them. The team’s motivation sprang from a lack of data from the source.
“Tesla … only supplies a specific subset of signals, only the ones requested, for a specific timeframe, whereas the log files contain all the recorded signals,”[3] stated a National Forensic Institute report.
Breach Reported: October 21, 2021
Impact: Tesla’s security practices should be enhanced to prevent a breach, but this also provides insight for investigators so they know what to ask for when researching a crash.
Read more about the Tesla data breach here.
Ransomware-as-a-Service (RaaS) Group FIN7 Recruiting New Talent
FIN7, the organization believed to have produced the software behind the Colonial Pipeline attack, is recruiting under the cover of a fake company. The Wall Street Journal reported that the fake company claims to specialize in cybersecurity and is called Bastion Secure.[2] The ransomware group is responsible for thousands of computer system attacks. Its focus has been obtaining and exploiting credit card information, but the group is shifting into RaaS.
CISA, the FBI and the NSA published a joint alert warning of the ransomware threat and sharing tips that organizations can implement to protect themselves.
Threat Discovered: October 2021
Impact: The growth of a RaaS group like FIN7 could increase ransomware attacks.
Learn more about FIN7 and how it is recruiting new talent in this Journal article.
It’s best to stay alert and protect your environment from potential threats.
Sources:
- Statement by President Joe Biden on Cybersecurity Awareness Month, White House, Oct. 1, 2021.
- A ‘potentially disastrous’ data breach hits Twitch, the livestreaming site, NY Times, Oct. 6, 2021.
- Ransomware Gang Masquerades as Real Company to Recruit Tech Talent, The Wall Street Journal, Oct. 21, 2021.
- Tesla’s driving data storage system hacked by Dutch investigators, The Verge, Oct. 21, 2021.