Cyber Attacks

One of the largest names in the aerospace industry was struck with a cyber attack this week. Boeing has confirmed that their systems were breached, but have been downplaying the level of concern, according to reports. However, an internal memo sent by Boeing’s Commercial Airplane production engineering chief engineer Mike VanderWel suggested that the WannaCry attack could spread to the manufacturer’s production systems and airline software.

According to Boeing, all hands are on deck to ensure the malware virus doesn’t metastasize further into their systems, even though they are now worried that the WannaCry malware has infected the 777 (automated spar assembly tools) at the plant in North Charleston, SC.

WannaCry ransomware, which surfaced in May of 2017, targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in the Bitcoin cryptocurrency. It propagated through EternalBlue, an exploit in older Windows systems released by the Shadow Brokers a few months prior to the attack.

Since the attack, Boeing is probably working with law enforcement agencies, PR consultants, data breach attorneys, and computer forensic experts, all billing at an hourly rate to ensure all of their bases are covered. Evolve MGA offers hacker insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!

If you’d like to read more about this cyber attack, click here.

As if Facebook didn’t experience enough backlash from the Cambridge Analytica data leak, recent reports suggest that Facebook has been collecting Android user’s call history and text message data for years. According to the report, if an Android user downloaded the Facebook Messenger app, especially if the user had an outdated phone and operating system, the information is being collected.

Google eventually changed the permissions of it’s API, providing users notifications when apps execute permissions, but it appears that developers have figured out how to bypass these permissions, which is how Facebook has found itself in hot water again.

For those who are curious about how much data Facebook has about your personal account, go to Facebook’s Settings→Download a copy of your Facebook data→Start My Archive.

Head over to our Resources Page to learn more about how our preferred vendors can assist employees with the skills needed to detect a potential data breach.

If you’re an Android user and you’d like to read more about this invasion of privacy, click here.

The rise of cryptocurrency in 2017 resulted in an uptick in crypto-mining attacks (1.65 million computers affected in the first 8 months of 2017 according to the Kaspersky Labs), while seeing a decrease in ransomware attacks. Hackers have seen an opportunity to make more money hacking into people’s PCs and smartphones (typically done via spam and phishing campaigns) which doesn’t require additional action on behalf of the victim, like paying a ransom, beyond opening and installing the malware that silently carries out the mining.

Although it might be easier to mine Monero (a popular cryptocurrency), using a victims CPUs, that didn’t stop a hacker (group) from attacking the City of Atlanta with a ransomware attack on Thursday. City officials reported issues surrounding access to internal applications, while customer facing applications were experiencing outages.

The hackers were asking for $6,800 per computer or $51,000 in Bitcoin. Although it was not reported how the hackers exposed the City of Atlanta, it’s known that municipalities and city departments are seen as low hanging fruit to cybercriminals as their technology is usually out-dated.

Head over to our Resources page to learn more about how our preferred vendors can assist employees with the skills needed to detect a potential cyber attack.

If you’d like to read more about the cyber attack on the City of Atlanta, click here.

A recent report indicates that Expedia’s Orbitz experienced a cyber attack, resulting in over 880,000 payment cards being stolen. If confirmed, Expedia will be the latest victim exposed by a data breach after acquiring another company and their IT infrastructure.  According to reports, the attack may have occurred between October and December of 2017, but the cybercriminals may have accessed two years of sensitive customer data.

The stolen data may consist of the following: purchase receipts, customers’ names, birth dates, phone numbers, email addresses, mailing addresses, as well as gender. Since the attack, Orbitz has been working with law enforcement agencies, PR consultants, data breach attorneys, and computer forensic experts, all billing at an hourly rate. Additionally, they are working with card issuers to offer victims one year of prepaid services to assist with monitoring for fraud and identity theft associated with the breach.

Evolve MGA offers hacker insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!

If you’d like to read more about the potential data breach surrounding Facebook, check out Data Breach Today.

A UK-based voter profiling firm, Cambridge Analytica, recently received sensitive information of 50 million Facebook users, but the social media giant insists that they weren’t hacked! Instead, they argue that an app developer, who is also a professor at Cambridge University, illegally passed the user data to Cambridge Analytica for advertising purposes.

If confirmed, this data breach could directly correlate with voter influence during the 2016 presidential election. It’s worth noting that Cambridge Analytica also worked on the PRO-Brexit campaign and is now being investigated by the Parliament and Government. 

As this report continues to unfold, we can assume that Facebook will be forced to take action in order to provide additional findings surrounding this breach. We can expect Facebook (or similar businesses dealing with data breaches) to pay for the following: data breach attorneys, computer forensic experts, and PR consultants, all billing at an hourly rate.

Evolve MGA offers hacker insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Get appointed with our cyber insurance specialists for a FREE Quote!

If you’d like to read more about the potential data breach surrounding Facebook, check out Data Breach Today.

Virtual Private Networks (VPN) are used by individuals and businesses to protect everyday activities done on the web to ensure data and IP addresses are encrypted and secure from being exposed to cybercriminals.

VPN’s are utilized to ensure the above doesn’t happen, however, VPN Mentor, a privacy advocate, reported that popular VPN’s, HotSpot Shield, PureVPN, and Zenmate, have been exposed to vulnerable flaws that can compromise their user’s privacy.

According to VPN Mentor, all of the Virtual Private Networks, which cater to millions of customers worldwide, were found to be leaking user’s real IP addresses, which ultimately expose user’s personal identifiable information, as well as their locations.

Some of the notable vulnerabilities exposed are:

• Hijack all traffic — This exposure was attached to Google Chrome extension that could have given hackers remote access to redirect victim’s web traffic to malicious sites.
• DNS Leak — Exposure revealed user’s original IP addresses to DNS servers, which can allow Governments and hacker groups to track and record online activities.
• Real IP Address Leak — Exposure allows hackers to track user’s actual locations, as well as their internet service provider.

Evolve MGA offers hacker insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen.Get appointed with our cyber insurance specialists for a FREE Quote!

If you’d like to read more about these Virtual Private Network vulnerabilities, check out The Hacker News.

It’s no surprise that municipalities and government agencies are seen as low hanging fruit to many cybercriminals, as their systems are usually outdated. However, that message never reached the State Department as they’ve spent $0 of their Anti-propaganda allocation between 2016 and 2017. Keep in mind, Congress budgeted $120 Million in efforts to combat foreign governments meddling with U.S. political affairs.

The inefficiencies of the State Department are reflected in what has been essentially confirmed that the presidential election tampering leads to the Kremlin’s social media farms as the prime suspect.  It’s important to note that in 2017, there were over 4,000 cyber attacks, which means all businesses, large and small, private or public, are at risk of getting attacked in one way or another. 

With that in mind, Evolve MGA offers hacker insurance that covers policyholders in the event their cloud data is hacked, lost, or stolen. Our Cyber Insurance Specialists are here to provide your business or insurance broker with a Free cyber risk insurance Quote to assist in getting protected.

To read more about this article, click here.