June Cyber Briefs

Worldwide news of cyber crime, research and more

This month’s briefing from our colleagues at the Multi State Information Sharing and Analysis Center includes reports that Seminole County in Florida will start accepting a crypto currency for payment, and the FBI’s Internet Crime Complaint Center received more than 300,000 complaints in 2017. Also, Serbian authorities made an arrest in connection with cyberattacks that targeted K-12 school districts, private universities, and private healthcare facilities last year.

Seminole County, Florida to accept Bitcoin and Bitcoin Cash for Payments

Seminole County, Florida, will be the first local government to accept payment in Bitcoin and Bitcoin Cash for county services. This arrangement will be facilitated by a third party vendor called BitPay, who will convert the cryptocurrency into U.S. dollars. The transaction fees associated with credit cards are between 3 and 4%, while BitPay transactions fees are only 1%, which Seminole County hopes will save citizens money.

DHS releases national cybersecurity risk strategy

On May 15, 2018, the U.S. Department of Homeland Security (DHS) released its new Cybersecurity Strategy, which provides a five year strategic and operational framework to improve “national cybersecurity risk management.” The framework is directed by the National Defense Authorization Act (NDAA) of 2017 and identifies goals under five pillars: Risk Identification, Vulnerability Reduction, Threat Reduction, Consequence Mitigation, and Enable Cybersecurity Outcomes.

FBI’s Internet Crime Complaint Center receives complaints totaling more than $1.4 billion in losses last year

The Internet Crime Complaint Center (IC3) released the 2017 IC3 Internet Crime Report. The report focuses on incidents such as Business Email Compromise (BEC), ransomware, tech support fraud, and extortion. The most prevalent crime types reported by victims were non-payment/non-delivery, personal data breaches, and phishing. The top three crime types with the highest reported loss were BEC, confidence/romance fraud, and non-payment/non-delivery. In 2017, the IC3 received 14,938 extortion-related complaints ($15.3m in losses), 10,949 complaints related to tech support fraud ($14.8m in losses, a 90% increase from 2016), and 1,783 ransomware complaints ($2.3m in losses). Extortion complaints included denial of service attacks, hitman schemes, sextortion incidents, government impersonation schemes, loan schemes, and high-profile data breaches. IC3 received a total of 301,580 complaints amounting to over $1.4 billion in losses.

Serbian authorities make arrest in cyberattack investigation

Authorities in Serbia arrested an individual associated with TheDarkOverlord for charges related to unauthorized access to computer networks and data. TheDarkOverlord cybercriminal group is known for compromising Netflix in 2016 and targeting K-12 school districts, private universities, and private healthcare facilities in late 2017. The extortion attacks targeted school districts throughout the U.S., including Iowa, Montana, and Texas, resulting in the theft of students’ personally identifying information (PII), extortion demands, and threatening emails and text messages being sent to the school districts and parents of affected students.

Cisco researchers report VPNFilter malware infected more than 500,000 office and home routers

Researchers at Cisco found that the VPNFilter malware infected more than 500,000 Small Office/Home Office (SOHO) routers. VPNFilter uses modular functionality to collect intelligence, exploit Local Area Network (LAN) devices, and block actor-configured network traffic. Certain code used in this malware has been observed before in the BlackEnergy malware, previously attributed to APT 28 and Sofacy Group.

Risk Based Security report: 686 breaches in Q1 2018

Risk Based Security released their Q1 2018 Data Breach QuickView Report. Risk Based Security reported 686 breaches in Q1 2018, which was a decrease from the 1,444 reported breaches in Q1 2017. The report stated that Q1 2018 had less reported instances of the W-2 BEC scam, dropping from 200 reported in Q1 2017 to just over 30 in Q1 2018. The report found that the top five breach types were hacking, skimming, inadvertent disclosure, phishing, and malware.