This week, while you were overstuffing yourself with holiday goodies, some interesting cyber events took place in cyber land. Don’t worry, we were here to gather the info for you. So pour your cup of “liver detox tea” and read about darkness, espionage and one false attack.
The Ukraine Goes Dark (Again)
Last December Ukraine earned a dubious title, one that was bound to go to someone but that nobody really wanted: the first confirmed hack of a nation’s power grid.
Well, they say history is sure to repeat itself, and once again it has: shortly before Christmas about one-fifth of Kiev’s power grid went out, a reported 200 megawatts of capacity. Just like last time, Ukraine is blaming Russian hackers for the attack.
A power outage of that size has only two possible explanations: either a system failure or an external attack. There have certainly been some impossibly large-scale power outages in the world, but generally those have been due to some sort of equipment malfunction.
External interference with a power grid is incredibly difficult, even though power systems are computerized, because networks are intentionally only internally connected.
That wasn’t the case in the Kiev attack, though. Internal IT investigators were able to identify external communication and thus interference.
All of this comes on the heels of other web-based attacks on Ukrainian operations in the finance, defense and state treasury departments which have temporarily taken down websites and disrupted function. Such targeting of Ukrainian government-based operations is the main indication, to investigators, that Russia is behind the attacks. Russia’s ultimate plan for Ukraine remains to be seen, but signs still point to an eventual hostile takeover.
Los Angeles County Employee Data Leak
Every business and individual receives numerous phishing attacks, and it only takes one wrong click to create a cyber incident of magnitude. That’s exactly what seems to have happened in LA County, according to recent information they’ve released.
The incident took place in May 2016, and appears to have been targeted specifically at county employees. An estimated 756,000 people in the county may have had their personal data compromised: names, addresses, dates of birth, Social Security numbers, financial information and even medical records were all impacted. While many were county employees themselves, others were clients or patients who had received services from county departments, such as the LA County Department of Health and Human Services.
Investigators claimed to have discovered the breach immediately after the attack, but delayed reporting the incident so as to not compromise the investigation. They also believe they know the source of the attack, originating in Nigeria, and intend to seek extradition and prosecution.
In the meantime, a free credit monitoring service, for a year, will be offered to those who may have been affected by the leak.
Georgia Claims to Have an Election Breach
On the other side of the United States, Georgia Secretary of State Brian Kemp claimed that his state was hacked by the Department of Homeland Security. When the response from the DHS head did not alleviate his concerns, he appealed to president-elect Donald Trump to investigate.
By some claims it was even Russia attempting to interfere with the election process in Georgia.
Microsoft got involved because, as it stands, it seems a simple copy-and-paste action into a government employee’s Excel spreadsheet caused the panic: using the state website to verify credentials and then posting links to the data for DHS.
What We Learn
As usual, there are a few important life lessons in the cyber verse each week. This week we learned:
1. Once again, not to take the bait on phishing scams,
2. That our personal data is only as safe as the weakest link that houses it,
3. And that some “hacks” are nothing more than fear.
And since knowing is half the battle…we’ll see you next week.