Cyber security news roundup: October

Published on: 2 Nov 2021

We're rounding up some of the biggest cyber security stories of the past few weeks. In October, GCHQ warned of the growing ransomware threat, research revealed that many firms are failing to secure their cloud data, and Tesco and Twitch were both targeted by hackers.

'New approaches needed' to fight cyber threats

Cyber security pros will need to develop new approaches and ways of thinking if businesses and governments are to counter the next generation of threats, the former director of the Cybersecurity and Infrastructure Security Agency (CISA) has warned.

Speaking at the (ISC)2 Security Congress 2021, Chris Krebs said the past five years have been "crazy" with high-profile attacks including the WannaCry and Notpetya ransomware and large scale attacks on organisations like Equifax and Colonial Pipeline, and greater cooperation between the public and private sector is vital is tackling such incidents.

He also noted that state-backed attackers in China and Russia are increasingly active, and described Russian interference in the 2016 US presidential election as a "Sputnik moment" for the sector that should have been a wakeup call on how cyber attacks can threaten democracy.

Tesco services knocked offline following cyber attack

An attempted cyber attack targeting the UK's largest supermarket this month, leaving customers unable to access online services or order groceries after Tesco's website and mobile app were taken offline.

The supermarket initially described the outage as an "issue", but later confirmed it was the result of a deliberate attempt to disrupt its activities. The firm said: "An attempt was made to interfere with our systems which has caused problems with the search function on the site."

It added there was no reason to suggest customer data had been compromised, which may indicate the hacking efforts were unsuccessful, though several customers were left frustrated by difficulties in changing orders and a lack of communication from the company.

UK ransomware attacks doubled in last year, says GCHQ

The number of ransomware attacks targeting UK businesses has doubled over the last 12 months, according to the head of intelligence agency GCHQ.

Director of the body Jeremy Fleming told the Cipher Brief annual threat conference this month that the tactic had become especially popular among criminals as it has a very high success rate. He said: "It just pays. Criminals are making very good money from it and are often feeling that that’s largely uncontested."

While GCHQ did not give details on the exact number of attacks in the UK, a recent report from the US also highlighted the scale of the problem. Figures from the US Treasury found suspicious ransomware-related transactions were worth around $590 million (£428 million) in the first six months of 2021. Meanwhile, the top ten hacking groups believed to be behind this activity have made around $5.2 billion worth of bitcoin over the past three years.

Most firms still failing to secure cloud data, report finds

The majority of businesses around the world are still leaving valuable data unencrypted on public cloud services, which could present a tempting target for hackers, a new report has found.

Thales' 2021 Global Cloud Security Study, which surveyed over 2,600 executives across 16 countries, revealed 83 per cent of organisations still keep at least half of their cloud data unencrypted. This is despite the fact that four out of ten firms (40 per cent) experienced a cloud-based data breach in the last 12 months.

Sebastien Cano, senior vice-president for cloud protection and licensing activities at Thales, commented: "A robust security strategy is essential to ensuring data and business operations remain secure. With nearly every business reliant on the cloud to some extent, it is vital that security teams have the ability to discover, protect and maintain control of their data."

Twitch source code and financial data published following hack

Source code and financial information for popular streaming service Twitch has been published online following a data breach, highlighting the threats posed to sensitive and proprietary information held by businesses.

Around 135GB of data was posted anonymously online, including source code for mobile, desktop and console Twitch clients, code related to proprietary SDKs and internal AWS services and three years worth of details regarding the payments that firm has made to its most popular streamers.

Twitch stated on Twitter: "We can confirm a breach has taken place. Our teams are working with urgency to understand the extent of this." The leaker of the data suggested a dislike of the company's business practices was the motivation behind the hack, adding the release would "foster more disruption and competition in the online video streaming space".