BTH News 12June2020
This Week In Cybersecurity
This week Between the Hacks reports on a cyberattack that shuts down Honda factories worldwide, a global vishing campaign attacks almost 100,000 inboxes, a UPnP vulnerability exposes millions of Internet-connected devices, update your Windows 10 systems now, and how to protect your digital privacy while protesting.
Honda Cyberattack Shuts Down Factories
On June 9, Honda became victim of a ransomware cyberattack. Honda confirmed to the BBC that work at the Swindon, UK plant has been halted alongside a suspension of other operations in North America, Turkey, Italy and Japan.
Chris Abbruzzese, a spokesman for Honda North America, told Popular Mechanics, ”no current evidence of loss of personally identifiable information. We have resumed production in most plants and are currently working toward the return to production of our auto and engine plants in Ohio."
After analyzing the ransomware, Malwarebytes wrote, this appeared to be a targeted attack since the ransomware was set to encrypt only if it could reach the hostname (mds.honda.com).
BleepingComputer reports that a European power company named Enel Group was also hit by the same ransomware on Sunday. This ransomware also encrypted only if it could reach a specific address on the Enel Group network (enelint.global). Luckily for Enel, the attack was successfully contained by the company's antivirus software.
Vishing Attack of Almost 100,000 Voicemail Boxes Worldwide
Phishing scams and attacks are a regular topic on Between The Hacks. Attackers are always looking for different ways to trick us into clicking on links or unknowingly sharing sensitive information online. With so many people working from home, these workers do not have physical access to their desk phones so voicemail has become an important part of keeping in touch with callers. Attackers understand this and have been launching email campaigns that look like PBX voicemail messages that are sent to the target’s email inbox.
Cybersecurity company, Ironscales reports, “In total, the voicemail phishing or “vishing” scam has threatened almost 100,000 mailboxes worldwide, targeting hundreds of enterprises across all industries, including real estate, oil & gas, engineering, IT, healthcare, financial services and more.”
A UPNP Vulnerability Exposes Millions of Internet Devices
Universal Plug and Play (UPnP), has had a long history of security issues and the latest vulnerability, CVE-2020-12695 has added another chapter to that history. The vulnerability, named CallStranger, “which is implemented in billions of networked and IoT devices – personal computers, printers, mobile devices, routers, gaming consoles, Wi-Fi access points, and so on – may allow unauthenticated, remote attackers to exfiltrate data, scan internal networks or make the devices participate in DDoS attacks” reports HelpNet Security.
If you do not need it running, be sure to disable UPnP on your router. You can test your network to verify that UPnP is not exposed to the Internet by using Steve Gibson’s UPnP Exposure test in his Shield’s Up service (follow the link and click the Proceed button, there you will see the UPnP Exposure test).
Update Windows 10 Now
The Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA) warns of a new Proof-of-Concept (PoC) that exploits a vulnerability in the Windows 10 implementation of SMBv3. The vulnerability, named SMBGhost was discovered and patched by Microsoft but with the public release of the PoC means that attackers will likely be launching public attacks, searching for unpatched Windows 10 systems.
Lifehacker reports that the exploit, “takes advantage of an issue with Windows’ server message block protocol that could give an attacker unrestricted access to run whatever they want on an affected machine. (That includes servers, obviously, but also any unpatched clients connecting to one that has already been hit.)” To protect your Windows 10 system, ensure that you have installed the latest patches from Microsoft.
Tip of the Week
Digital Protection While Attending A Protest
Protests can be a powerful tool for groups of people to communicate their frustrations and demand change. The First Amendment of the United States Constitution states,
Masses of people are are exercising their right to peacefully protest in the U.S. and around the world so it’s important to know how to protect yourself, both physically and digitally, when participating in a protest. To help with this, the Electronic Frontier Foundation (EFF) wrote a Surveillance Self Defense Guide and one particular section addresses protecting yourself if you’re attending a protest. The EFF also provides some practical tips to record the police legally and safely, in their blog, You Have a First Amendment Right to Record the Police.