Cyber Vigilance Update

Today’s Connection

Cyber Engage Update - 17/05/2023 V1 (#23) (#24) (#25) (#26) (#27)

Office Alert

Hacktivism 

An old Threat rearing it’s Head Again

Intelligence and Law enforcement agencies are becoming more aware of malicious activity targeting the websites of Australian organisations by issue-motivated (“hacktivist”) groups.

Hacktivists’ methods may include data theft, distributed denial of service (DDoS) attacks, website defacement, or the use of social media to spread awareness about a cause. Examples of this occurrence include:

  • Russia-Ukraine War
    Ukraine’s IT Army also mobilized to launch cyber attacks directed towards Russia while recruiting skilled volunteers around the world to operate under Ukraine’s directive. Their goals were to coordinate DDoS attacks against select Russian targets and to conduct more complicated cyber operations.
    The cyber operations that were carried out during the Russian-Ukranian war have set a precedent for what future cyber warfare may look like between major world powers.
  • LulzSec
    LulzSec was a blackhat hacking group known for several high-profile cyber attacks, such as taking down the CIA website offline for a couple hours and compromising millions of user accounts from the PlayStation Network in 2011.

In March 2023, hacktivist groups began targeting the websites of Australian organisations in response to alleged religious sensitivities caused by an Australian organisation.

The activity is dubbed #OpAustralia and has primarily involved distributed denial-of-service (DDoS) and defacement of websites associated with Australian small-to-medium businesses.

Of particular importance was the targeting of websites and internet-facing services of Critical Infrastructure entities.

Impacted companies report experiencing outages to their external websites. To date there have been no reports received of any significant disruption to services because of this activity.

Whilst in theory any organisation can be targeted for hacktivism, those groups engaged in activities that may incur the wrath of opposition organisations of any nature are very susceptible to this form of attack. These can include resource companies, political groups, agriculture industries etc.

What can I do?

Businesses are strongly encouraged to review the security and integrity of their websites and any other internet-facing services particularly focusing on the following areas:

  • Preparing for and Responding to Denial-of-Service Attacks
  • Securing Content Management Systems
  • Do not assume because your cause is popular today that it will remain so.

Home Alert

Looking for Love? 

Be wary, there may be people interested in stealing more than your heart!

A pair of dating sites in the US have suffered a data breach, leading to some very sensitive user information leaking online.

The loss of data now confirmed includes:

  • usernames,
  • IP information,
  • location,
  • dates of birth, and
  • sexual orientations.

In addition, Private chat logs were also breached, as well as passwords — which were stored as salted MD5 hashes. Both sites also have apps on Google and Android devices.

The sites in question appear to be less mainstream and potentially may have had lower levels of security than other high-profile sites. Whilst the hack is relatively straight forward, the sensitivity of information highlights the severity of incidents of this nature.

It is believed the hacker is currently selling the two datasets on a dark web forum and it is estimated the number of people affected at 177,554.

At the time of writing this, we note, that despite the breach occurring in February, neither site has posted any notice of the breach for their users.

What can you do?

Dating apps are popular across society and like many other forms of social media, the same controls should be applied as per any other forum. It should be recognised that lesser-known sites are more likely to have criminal links and the potential for malware or other forms of attack are more likely than not.

If you believe you are the victim of such an attack perform the following immediately:

  • Close the account,
  • Cancel any payments made (if any),
  • Monitor your bank account for suspicious activity, and
  • Report the event to nominated government entities responsible for cyber security.

This week's Training module

MODULE 4

Cyber Threat Reporting (1/1)

Cyber Security Vigilance Program

Version 16-11-2022

Cyber Security Vigilance

homeapartmentcloud-downloadlinkcross