Podcast 1 — Cyber News brief

This article is the transcript of the bi-weekly cyber threat intelligence podcast brought to you by Cybercure.ai. This episode of the podcast was released on June 22, 2018.

This article is aimed at professionals who are short on time, or for anyone who would like to know a bit more about what is REALLY happening out there in the cyber world.

In this article we will focus on the latest cyber events in terms that non-technical people can read and understand.

CARS

Cyber security in autonomous cars is becoming more and more important: most cars today are connected to networks or able to communicate in one way or another.

Last week it was published that Chinese researchers from Keen Security Labs were able to disclose details of more than 14 different vulnerabilities in BMW cars.

The vulnerabilities that were found could ultimately lead to the vehicles being hijacked remotely, or having important parts compromised.

Because of the sensitivity of the details, most of the specifics related to the attacks are being kept confidential and are expected to be released after the cars have been successfully patched.

BMW has already started to roll out fixes to car owners and is expected to finish the process during 2019.

This group of researchers is also responsible for publishing multiple vulnerabilities in Tesla (the electric car company) earlier this year.

Keen Security research is part of the Tencent group, but one can still wonder what would happen if someone with different intentions were able to exploit these vulnerabilities before they are patched.

HEALTHCARE

Healthcare devices are being attacked regularly, and unfortunately don’t receive enough attention yet.

Security researchers from the security firm MediGate worked together with Philips to patch vulnerabilities discovered in patient monitoring devices manufactured by Philips.

These vulnerabilities allow attackers to overwrite the device memory, causing denial of service to the monitor itself, or giving them the ability to use it as a source to attack other targets.

We have already seen in the past examples of malware that replicates itself on medical devices in order to use the computing power to perform attacks or even to mine cryptocurrency.

UK OFFENSIVE CYBER ATTACK

Recently, the head of the UK’s intelligence agency publicly announced that the nation had officially launched a successful offensive campaign against ISIS.

Jeremy Fleming, director-general of the UK’s Government Communications Headquarters (GCHQ) said, “In 2017, there were times when ISIS found it almost impossible to spread their hate online, to use their normal channels to spread their rhetoric, or trust their publications.”

When asked if it worked, he answered, “I think it did. This campaign shows how targeted and effective offensive cyber can be.”

So to sum it up:

Cyber weapons are here, and here to stay. They will only become more and more common.

NATIONAL PHISHING ATTACKS

Turkey’s defense and infrastructure contractors have been under cyber attack lately.

Fake emails pretending to be from the tax collection of the Turkish government have been sent to multiple organizations, targeting key people.

The email asks the victim to fix ‘problems’ detected in official tax forms by filling in new attached forms.

The attached files contained hidden malware that gains control of the computer when executed. It also allows monitoring of the computer’s files, camera and audio, and capturing screenshots, all remotely.

It is unknown at this point who stands behind the targeted attack.

VIGILANTE ATTACK AGAINST IRAN

An attacker decided to attack Iranian data centers that host many computers.

Iran’s IT Minister commented on the attack:

“Several Iranian data centers came under cyber attacks tonight. Some of the smaller routers have been changed to factory settings.”

The Iranian minister chose to tweet about it and said there was an emergency meeting taking place. Twitter is not available to the general public in Iran, so it’s not clear who this message was meant for.

The attacker used a known vulnerability in Cisco routers that had not been patched, and left behind a drawing of the American flag with the message/warning:

“Don’t mess with our elections.”

That’s it for this time.