I was able to spend some time digesting the recently released 2020 Internet Crime Report from the Internet Crime Complaint Center (IC3). The numbers are staggering, but not surprising to those of us who are exposed to Internet facilitated crime on a regular basis. The one statistic that I found strange was the significant increase in “extortion”. The report really doesn’t explain what they consider an extortion or why there was a realized 78% increase in victimization. It is probably a matter of semantics but I explored the issue a little more here.
Money Launderer’s love art
Well at least bad art at inflated prices. This Tech Crunch article digs deeper into the likelihood that NFT’s - Non Fungible Tokens will become the transaction of choice for those looking to hide and transfer ill-gotten gains. The author correctly points out money laundering is “already a huge issue in the art world, and NFTs are comparable to art, with even more erratic pricing right now”. Much like when we see someone buy a figure made of Penne pasta for $2500 from an ETSY shop. https://techcrunch.com/2021/03/24/nft_users/
Who insures the insurer?
Commercial insurance provider CNA Hardy has sustained a cyber attack that is significantly affecting it’s operations. Gizmodo reported the companies network and phone systems were completely down. Graham Culley published on Sunday that the disruption was indeed the result of a ransomware attack. CNA is reportedly the sixth largest insurance provider in the United States. https://grahamcluley.com/cyber-insurance-giant-cna-hit-by-ransomware-attack/ https://www.msn.com/en-us/news/technology/a-cyberattack-allegedly-knocked-insurance-giant-cna-offline/ar-BB1eTokH
More Covid-19 themed attacks
Paloalto Networks cyber threat intelligence group Unit 42 published this extremely detailed report concerning pandemic themed phishing attacks where the attackers are publishing websites imitating vaccine and protective equipment providers. Unit 42 reports “Since January 2020, we have observed 69,950 phishing URLs linked to COVID-related topics, of which 33,447 are directly linked to COVID-19 itself”. https://unit42.paloaltonetworks.com/covid-19-themed-phishing-attacks/
U.S Banks increasingly under attack
You don’t say? Forbes reports that U.S. banks and financial institutions have become a prime target for Chinese threat actors. The article points out “Cyber-attacks against major financial institutions have grown significantly in recent years. An analysis in 2015 found that financial organizations were targeted four times more than other industries. Only four years later, financial firms experienced as many as 300 times more cyber-attacks than other companies.” https://www.forbes.com/sites/roslynlayton/2021/03/17/hackers-are-targeting-us-banks-and-hardware-may-give-them-an-open-door/?sh=41c5926714dc
Insider Threats and revenge
File this under “revenge is a dish best served cold” and “Insiders are a threat even when no longer inside”. The U.S. Attorneys Office for the Southern District of California has announced the sentencing of an IT contractor that returned to his former employers network and deleted 1500 Microsoft Office 365 accounts. This attack occurred 8 months after the contractor had been removed from the job and had returned to his home country of India. This is a excellent reminder to monitor for the use of credentials from former employees and contractors. https://www.justice.gov/usao-sdca/pr/it-contractor-sentenced-two-years-deleting-carlsbad-company-s-microsoft-user-accounts
The Rest…
Things continue to go bad for Michigan based Flagstar Bank as it’s revealed their victimizer is now publishing customer data they exfiltrated during a ransomware attack. https://hotforsecurity.bitdefender.com/blog/bank-loses-customers-social-security-numbers-after-ransomware-attack-25524.html
I like browser extensions so this is distressing. Researchers have identified two dozen malicious Google Chrome browser extensions and 40 associated malicious domains that install adware on victim systems and steal credentials. https://www.darkreading.com/vulnerabilities---threats/researchers-discover-two-dozen-malicious-chrome-extensions/d/d-id/1340482
Kaspersky reports that only half (52%) of global businesses have a dedicated cyber security department. 71% expect to invest in security within the next three years. Three years? You’ll be a victim three times over by then. https://www.information-age.com/only-half-enterprises-have-dedicated-cyber-security-department-kaspersky-123494401/
Speaking of Non Fungible Tokens, ARS Technica published their “non fungible guide to NFT’s” just in time for addition into this week’s edition. https://arstechnica.com/gaming/2021/03/ars-technicas-non-fungible-guide-to-nfts/
Banking app Beam gets axed by the FTC. https://www.cnbc.com/2021/03/29/ftc-shuts-down-savings-app-beam-under-tentative-settlement.html
Cool Tool
Break YouTube videos down frame by frame with Watchbyframe.com
Cool Job
I would definitely being looking into this Global Intelligence Investigator job with Coinbase if I was at a slightly different place in my career. Life is a game of inches!
“The squeaky wheel doesn’t always get the grease, sometimes it just gets replaced.” - Someone smarter than me.
Thank You so much for reading this weeks issue. Please consider sharing with others.
Matt