Another week means another episode of “Byte Sized News,” brought to you by PlexTrac. This week was a busy one for the cybersecurity industry! There are many interesting stories, new developments, and enormous breaches in the industry that are sure to both entertain and inform our readers. As always, this series isn’t intended to provide readers with details on every story and topic, but rather to fill busy professionals in on the most compelling developments in the field.
Without further ado, let’s get to this week’s top news stories!
Our first story from the week comes from SC Magazine. This article outlines a nefarious cyber attack on Honda. Snake ransomware appears to be the culprit of this attack on Honda, their third cyber incident in the past 12 months. This incident halted part of Honda’s operations for an extended period on June 9th. The finger was pointed to Snake after “samples of malware that check for an internal system name and public IP addresses related to Honda … surfaced publicly on the Internet” said Cerberus Sentinel VP of Solution Architecture Chris Clements. What’s worse is it appears that the Snake attack may have completely outwitted Honda, as the ransom note was left in “nearly perfect English,” which is a rare feat for threat actors.
The next article we want to highlight this week also comes from SC Magazine. NASA and any organization in its orbit are frequent targets of cyber attacks. The DopplePaymer ransomware gang recently claimed to have breached the NASA DMI, which only supports the theory that NASA is under consistent attack. This culminates with a proclamation from Atlas VPN that attacks on NASA had a 366% spike in 2019 to 1,468, compared to only 315 the year prior. This statistic is additionally compounded by the fact that NASA’s budget for cybersecurity has shrunk down to $3.1 million. Atlas VPN’s blog post only shines the light brighter on this issue, stating that “Cyber incidents at NASA can affect national security, intellectual property, and individuals whose data could be lost due to data breaches.”
Our next article from the week comes from Krebs on Security, a popular pick by our staff. This article talks about the co-owners of vDOS, who were recently sentenced to six months of community service by an Israeli court. This sentence, given to Yarden Bidani and Itay Huri, also comes with unnamed fines and probations. The duo’s DDos-for-Hire service was one of the most reliable and powerful on the market until its shuttering in 2016. vDOS was marketed as being able to launch attacks at speeds of up to 50 gigabits per second (Gbps), enough to take out most sites without active anti-DDoS protection. However, despite their crimes, the duo was given the lightest sentence possible, as both of the individuals were minors during most of their offenses. The maximum sentence for the crimes was two years in prison, a sentence Boaz Dolev, CEO of Clearsky Cyber Security, thought they deserved.
The next story from the week comes from InfoSecurity Magazine. This story details the cost of a new cyber weapon created by the U.S. Air Force, which will now cost over five times more than previously estimated. The United Platform program was initiated in August of 2018 as a part of the Department of Defense’s “Joint Cyber Warfighting Architecture.” The mission of the weapon is to develop a federated software platform to consolidate service-specific capabilities and data processing, sharing, and storage. To date the project has received funding of $152.19M, yet the GAO report states that it will take an additional $436.79M to complete. “UP did not have several key elements of its business case approved at the time of program initiation, such as approved requirements, a cost estimate informed by independent analysis, or a formal schedule risk assessment,” states the GAO report.
Our last headline of the week comes also comes from InfoSecurity Magazine. This article details the breach of Nintendo, the company behind many of the video gaming industry’s biggest characters. In addition to the 160,000 accounts that were compromised back in April, Nintendo reported another 140,000 accounts, bringing the total to 300,000. It has been reported that the accounts were “maliciously targeted,” but the passwords and overall security of these accounts have been restored and reset. The Japanese firm said that these accounts were “obtained illegally by some means other than our service.” This indicates that attackers potentially used credential stuffing, and were able to crack weak passwords or obtain them by phishing. Nintendo reiterated in an updated statement earlier this week that “fewer than 1% of global NNIDs (Nintendo Network IDs) were affected.”