Week 15 Cyberattack Digest 2019 – honeypots, Zain Qaiser, Carleton University and others
It is Monday today, which means that we have a new portion of cyber news for you. Have a look at our new week 15 cyberattack digest.
Each honeypot is attacked 13 times per minute
by Business Standard News – 10 April 2019
A honeypot, cloud server at Mumbai, experienced more than 678,000 attack attempts over 30 days. During the same period, a US-based honeypot at Ohio recorded over 950,000 login attempts. A honeypot is a type of system able to mimic likely targets of cyberattackers. It was designed for security specialists for monitoring cybercriminal behavior. The first login attempt on the Mumbai honeypot was made within 55 minutes and 11 seconds of its existence. The fact that over five million registered attacks were performed on the global network of honeypots within a month clearly demonstrate that hackers are constantly scanning for weak open cloud buckets. Each cloud server was subjected to 13 attempted attacks per minute with the most common password used by attackers in login attempts was 123456. “Instead of inundating security teams with a massive number of undifferentiated alerts, Sophos Cloud Optix significantly minimises alert fatigue by identifying what is truly meaningful and actionable,” commented Ross McKerchar, chief information security officer (CISO) of Sophos.
Pre-electional DoS attack in Finland
by Bloomberg – 10 April 2019
Finnish police are examining a denial-of-service attack that affected a web service last weekend, less than a week before national elections. The attacked website is dedicated to publishing vote tallies. When it comes to elections, Finland has no electronic voting system. Luckily, the attack didn’t interrupt the voting process or ballots counting. According to the police, the incident also cannot have an impact on the election result. If performed on on election night, such attack could seriously affect the media’s access to election results undermining public trust in the elections. The police has no suspect so far. A general election will take place on April 14, polls open from 9 a.m. local time to 8 p.m. local time and the results of advance votes cast April 3 to April 9 are disclosed.
Hacker who blackmailed adult website users
by BBC News – 9 April 2019
Zain Qaiser from Barking, London, is called the most prolific cyber criminal to be sentenced in the UK. He made hundreds of thousands of pounds by blackmailing pornography website users with cyber attacks. A talented student has been kept in jail for more than six years at Kingston Crown Court. Qaiser used his programming skills and scammed visitors to pornography sites around the world. The investigation showed that a young man had had over £700,000 of his profit; experts presume that his network may have made more than £4m. “The harm caused by your offending was extensive – so extensive that there does not appear to be a reported case involving anything comparable,” said Judge Timothy Lamb QC.
Canadian students against cyber attacks on autonomous vehicles
by CTV News Ottawa – 11 April 2019
While some people are seeking for new attack methods, other ones are inventing new ways to resist cybercrime. As the future of connected autonomous vehicles in Canada is fast-approaching, last Thursday, Carleton University students in the Information Technology program (BIT) conducted testing of self-driving vehicles against cyber-attacks and potential threats. “I think the biggest threat is coming from technology and human beings” said Richard Yu, professor in the School of Information Technology. In 2017, Richard Yu secured funding from the Canadian Safety and Security Program for research on securing new connected and autonomous vehicles. Several autonomous vehicles were controlled by systems and special communication signals and were tested through a pilot project on a 6-kilometre stretch on West Hunt Club. 12 special traffic signals were designed to collect data from the connected vehicles. “Soon enough, stop signs, four-ways, traffic lights even, yield signs, we’ll be able to stop at those,” commented Fayez Chedid, a programmer with the project. “Before we do that we’re safety testing them so we’re going to hack them, we’re going to do threat analysis and we’re going to make sure they’re actually safe to go out and do those projects,” said Kelly Daize, director of Invest Ottawa’s Autonomous Vehicle Program.
There always will be people willing to attack you and the ones that will be striving for security. That is all for today. Never forget to care about your security in advance and follow us on Twitter, Facebook, and LinkedIn.