17 Dec After hacks
Faster Networks write about all things digital security, mostly targeting international hacking news, security breaches and digital fraud but often we go left and discuss digital Defence, cyber leadership and Irish luck! We trace these stories and report on them in the early days, as it happens or as it is reported in mainstream media but rarely do we get the opportunity to follow up what actually happened following an investigation. The collection of stories relating to government services being compromised or big business going off line until further notice is astounding. Are the said actions actioned? We find out at the end of 2021, a year of monumental nothingness and everything simultaneously, what happened after the fall?
In late 2020, the Reserve Bank of NZ became the victim of an attack on a 3rd party file sharing service and engaged KPMG to undertake an independent review. The story behind the security breach was our first blog in 2021. The report was released in June and the summary of findings can be found here. We know now that the Accellion FTP was being used as a file sharing service and was breached in many other organisations from the 16 December 2020. We also understand from the report that the Reserve Bank of NZ were not informed or warned that an attack was imminent or there was a breach until after the fact. The software updates to mitigate security risk released by Accellion were not received from the bank, as in the comms were somehow not received and, therefore were not installed with urgency, which if known and acted upon when first released, could have significantly reduced the impact of the breach.
One interesting finding was the evolution of use of the file transfer system to other parts of the business, such as information storage and collaboration. That was not an intended use in the guidelines and therefore much of the information that was breached was not meant to be there anyway. Good lesson to learn albeit the hard way. The key recommendations are a goldmine for other companies to adopt as a preventative measure, like, do your staff know the Major Incident Response Plan and how to implement it? Who is responsible for the various aspects? This is the essence of security controls, there will be an event, how you handle it is commensurate with the fallout, for customers, staff and corporate reputation and finance.
At risk of this blog post turning into a thesis, the Pegasus software story was truly movie like in its unravelling and international reach. The essence was that some countries had been sold software from Israeli company, NSO Group, to spy on citizens on home turf and beyond, some of these countries have authoritarian governments in charge and bear terrible human rights records. Journalists were targeted. And also a princess.
The latest in this epic tale comes from Al Jazeera news. Highlighting the financial woes and potential buy-outs from hedge funds that will ultimately rebrand NSO and potentially shut down the Pegasus software unit. Pegasus software has been put on the U.S. blacklist for the misuse of software that “has landed NSO at the center of high-profile privacy and human rights abuse cases.”
Apple Inc. filed a law suit in November against NSO Group and its parent company for the breach of privacy on its users and said that they would alert customers to surveillance and targeting from Pegasus software. This is a win for the broader population because the journalists and dissidents that report on government and corporate corruption need digital security and protection in the investigation and reportage of topics that affect us all.
Thank you for following the Faster Networks blog in 2021. There has been lots to cover in the digital security sphere this year, it is a never-ending trove as the technology moves faster than the application and user adoption. Here are some predictions for 2022 to keep you going until Faster Networks’ blog returns next year.
Faster Networks help businesses protect their digital assets. We are a cyber security partner that brings the best software solutions that anticipate and fix digital vulnerabilities. Our areas of expertise includes Vulnerability Management, Security Orchestration Automation and Response (SOAR), Application Security, Infrastructure Security, Distributed Denial of Service (DDoS) Protection and Application Pentesting.