Cyber Week in Review: Cellebrite, ESEA & Ukrainian Power Outage

Media Division | January 27, 2017

They say it’s all fun and games until someone loses an eye…or in this case, until you play the player or lose power: it’s another week and the cyber verse was once again a-buzz. So here we are with three of the top, most fun cyber news stories from last week.

Learn a few lessons, or at least have a few laughs, because this week the players got played.  And that’s where we’ll start.

Hacking the Hackers

Remember all the talk about hacking into iPhones…the FBI wanted Apple’s source code to hack the iPhone of the alleged San Bernardino shooter, Apple said “no way, Jose” and then the whole thing kinda got dropped anyway?

Why?

Because the FBI found another way to hack the phone, meaning another resource.  While no one went on record officially claiming that responsibility, the Israeli “digital forensics firm” Cellebrite has been known to take government hacking contracts before.

Well, karma’s a…you know, because now Cellebrite is making their own headlines for being hacked.

Someone sent the tech site Motherboard 900 gigabytes of data.  Cellebrite says they are notifying affected customers, who may have had contact information and passwords stolen.

Game-maker isn’t Playing

Speaking of leaked user data, the E-Sports Entertainment Association got played, and decided not to play.

The FBI has been reporting for months that ransomware is on the rise.  Phishing scams, insider attacks, and other sources can all put ransomware on a network.  In fact, it’s difficult to know the exact numbers of ransomware incidents each year, because some businesses would rather pay the ransom and do their best to avoid a PR situation, than risk losing their data to hackers.

High-target organizations such as hospitals are even being advised to have ransomware security measures in place, such as back-ups that allow data to be rolled back to a point before the ransomware hijack.

In December, it seems ESEA faced a malware demand: pay us $100,000 or we will leak your data.  After a period of time, which may have included a deliberation period, ESEA decided to take a stand and refuse to negotiate with hackers.

What followed was a leak of more than one and a half million user records from the gaming community of such games as the Counter-Strike series. The data possibly includes personal information such as players’ usernames, email addresses, passwords (encrypted), security question answers (also encrypted), phone numbers and IP addresses: plenty of information to hijack your identity if you did not quickly change it.

Of course, the encrypted passwords would still need to be cracked, and ESEA said they used bcrypt, which meets industry standards. Then, a few days later, the hacker accessed server infrastructure and changed every player’s karma to -1337.

ESEA issued some pretty standard advice, but if you do not already do these 3 things, you absolutely should (regardless of whether or not you’re an online gamer):

1. Change your password and security question/answers anytime an account is compromised (ESEA, Yahoo, or any other data breach in the news).

2. Use passwords specific to each site you use (never the same password on multiple sites).

3. Be alert to phishing attempts, which often come in the form of unsolicited information from a seemingly legitimate source asking for personal information.

That’s how the game is played: learn from the failures of others.

Lights Go Out (Again)

In December 2015 the Ukrainian power grid lost power, in what appeared to be a Russian hack.  In December 2016, it happened again (though on a smaller scale and in a different way/zone).  Other than the fact that Russia and Ukraine aren’t getting along particularly well these days, could something else be in the works?

The Ukrainian infrastructure uses SCADA (supervisory control and data acquisition) techniques for gathering data from remote locations, similar to power plants (and telecommunications, transportation, waste and water control and so on) around the world.

The repeat attack has experts speculating that SCADA hacks in Ukraine may be test beds for future attacks, possibly bigger and more malicious in nature. As with other hardware/software communication systems, when vulnerabilities are discovered it can take long periods of time (weeks, even) for patches to be created and installed: a formula for global SCADA zero-day vulnerabilities.

A little alarming? Perhaps.  And if our cyber week in review themes this week were karma and games, this one might come back around and not be much fun.

So change those passwords, and consider investing in a back-up generator.

Massive's Media Division publishes timely news and insights based on current events, trends, and actionable cross-industry expertise.