Data breaches and criminal data markets. Media companies and infosec.

In one look.

  • Data breach at Bed Bath & Beyond.
  • Data from Israeli political parties remained exposed on the web.
  • Data sells like candy on the digital black market.
  • Comment on cyber incidents from media companies.

Data breach at Bed Bath & Beyond.

For many, a visit to the shower curtain department at home goods retailer Bed Bath & Beyond is already inspiring visions of Psycho’s infamous bathroom scene, but now shoppers might have a new reason to look. ‘to fear. Reuters reports that the alliteratively-named big-box store revealed it was investigating a potential data breach. The linens seller claims that a third party, armed with information acquired through a phishing scam, was able to gain unauthorized access to the company’s hard drive and several employee shared drives. Potentially exposed data is being reviewed to determine if sensitive information has been compromised.

Data from Israeli political parties remained exposed on the web.

The post of Jerusalem reports that Israel’s Shas party’s election management system may have suffered a security breach, exposing sensitive voter data. News of the incident was leaked on the CyberCyber ​​podcast by an anonymous source who said they discovered the issue through an automated online scan tool. Later verified by software architect Ran Bar-Zik, the breach was the result of a four-year-old vulnerability in a PHP-based system debugging tool. The bug has now been fixed, but it is unclear if it was exploited before the system was secure. The compromised data includes detailed personal data on potentially millions of Israeli voters, including family information, phone numbers and even bank account details. The Interior Ministry provides Shas and all political parties with the voter register before each election, forcing the party to destroy the information once it is used, but it appears that Shas has not deleted the voter register. data after each electoral round. A Shas spokesperson said: “The Shas party has operated professional and reliable election software for many years, like all other parties in Israel, and maintains a legally registered database. All information held by Shas is lawfully collected by it and held and retained. in accordance with the law, accompanied by the best cybersecurity experts in Israel.

Data sells like candy on the digital black market.

A series of recent high-profile data breaches in Australia led to citizens’ personal data being put up for sale on the dark web, and the Guardian take a closer look at these underground markets. Dean Williams, systems engineer at NortonLifeLock, explains that a hacker looking for data has many possibilities at their fingertips. “You can often find verified data breach stores where you can search by organization name and have access to the full list all the way to buyer-seller platforms where you can buy different levels of [personal information] at different amounts,” says Williams. And with larger underground forums offering cybercrime products as a service, even relative newbies can easily access the tools to perform more sophisticated attacks. “This means people can enter the world of cybercrime without having traditional cybercrime skills, because you’re just ‘buying bad’ or renting,” says Katherine Mansted, director of cyberintelligence at CyberCX. While the police are able to locate and shut down these underground forums, much like zombies that just don’t die, they are often resurrected in the same format under a new URL. As Brett Callow, Threat Analyst at Emsisoft summarizes, “Unfortunately, there is so much money to be made from cybercrime that there will always be people willing to step in to fill gaps in the ecosystem.” .

Commentary on the Thomson Reuters data incident.

Observing the breach at Thomson Reuters (described hereby the Record) and the New York Post insider incident (described here per Variety), Dan Vasile, vice president of strategic development at BlueVoyant and former vice president of information security at Paramount, shared some thoughts on the particular challenges facing the media when it comes to data security.

“Recently reported cybersecurity issues with Thomson Reuters and the New York Post highlight the media industry’s cybersecurity challenges. The media industry can be targeted for the large amount of data it contains. In the case of Thomson Reuters, it is reported that sensitive customer data could have been leaked. While the company immediately addressed the issues, the incident highlights how easily malicious actors could take advantage of any cybersecurity weaknesses.

“In the case of the New York Post, one of New York’s largest newspapers, it is reported that access to its content management system and social media accounts was abused by an insider to publish offensive articles and tweets.This highlights another reason why the media can be targeted – for the eyeballs they receive.This is similar to the incident with Fast Company a few weeks ago, when he was targeted for sending obscene messages to Apple News users.

Businesses, regardless of their industry, must now also be aware of defending the digital supply chain. They may find themselves targeted for their access to one of their customers or vice versa. In general, mainstream media have implemented structured cybersecurity programs. However, the industry has evolved over the years, expanding the production and distribution of content by both traditional and new, embracing new technologies, and this has created a more distributed and fragmented third-party ecosystem. Additionally, as companies’ internal networks become more well-defended, often a member of their digital supply chain, such as a vendor or supplier, is the weak link.

“Our own recent research into the media industry has revealed security weaknesses and vulnerabilities across a number of vendors that support the media industry, suggesting that, as an industry, media is facing significant cybersecurity challenges The third-party media ecosystem is complex, making it difficult for companies to securely produce, distribute and manage content From concept to camera and from camera to consumer , media companies are dependent on vendors, service providers, partners, and technologies. Exploitation of identified weaknesses and vulnerabilities can lead to potential loss of content and operational disruption.

“It is important to note that media companies, like companies in all industries, must continuously monitor their suppliers to quickly remediate any potential attack. Companies should also promptly remediate their systems and require their suppliers to do The time it takes for cybercriminals to exploit known vulnerabilities is decreasing, so organizations need to patch faster.

Comments are closed.