Hub Weekly Digest: Quantum-Resistant Encryption, FirstEnergy, Accellion Data Hack and North Korean Hackers, Microsoft Exchange
HUB Security’s weekly digest covers top stories happening around the world related to cyber attacks, threats and global cybersecurity news.
Join our webinars on the most relevant cybersecurity topics trending in 2021 — stay up to date via our LinkedIn and Twitter.
HUB Security’s upcoming webinar ‘Stopping Ransomware Using AI’ taking place September 9th. We are thrilled to host Dr. Celeste Fralick, Chief Data Scientist and Senior Principal Engineer at McAfee and discuss the challenges in developing AI algorithms for ransomware protection. Register here.
U.S. National Security Agency Issues Update on Quantum-Resistant Encryption
The U.S. National Security Agency (NSA) has issued a FAQ (PDF) titled “Quantum Computing and Post-Quantum Cryptography FAQs” where the agency explores the potential implications for national security following the likely arrival of a “brave new world” beyond the classical computing sphere.
As the race for quantum computing accelerates, with a myriad of players attempting to achieve quantum supremacy through various, exotic scientific investigation routes, the NSA document explores the potential security concerns arising from the prospective creation of a “Cryptographically Relevant Quantum Computer” (CRQC). (Source)
Electric Company FirstEnergy Gets Hacked
FirstEnergy is asking all online customers to reset their passwords after a security check uncovered an attempt to breach their accounts. The electric company began informing customers Sunday morning via email of the need to update their passwords following the attempted breach, which a spokesperson said was largely unsuccessful and would have given hackers access to only limited information like customer names, email addresses, street addresses, last four digits of bank or credit card accounts, and phone numbers. All online accounts have been locked. Users who try to log in will be sent an email with instructions to reset their password. (Source)
University of California Refuses To Disclose Information Regarding Accellion Data Hack
The hack, which targeted a vulnerability in the Accellion file transfer appliance used by the UC, leaked personal information such as social security numbers and personal addresses of students, staff, faculty and applicants across the UC system.
In accordance with California’s Public Records Act (CPRA), the Nexus submitted a request to both the UC Office of the President (UCOP) and UC Santa Barbara CPRA offices on May 10, 2021, asking for the offices to provide any and all internal university communication that discusses or mentions the UC Accellion data breach. Both parties refused to comply with the request. (Source)
The Incredible Rise of North Korea’s Hacking Army
Foreigners find it profoundly difficult to understand what is happening inside North Korea, but it is even harder for ordinary North Korean citizens to learn about the outside world. A tiny fraction of one per cent of North Koreans has access to the Internet. Yet, paradoxically, the North Korean government has produced some of the world’s most proficient hackers.
At first glance, the situation is perverse, even comical — like Jamaica winning an Olympic gold in bobsledding — but the cyber threat from North Korea is real and growing. Like many countries, including the United States, North Korea has equipped its military with offensive and intelligence-gathering cyber weapons. (Source)
