Telegraph Subscriber Data Unsecured Online | Cyber Security Awareness Month – Fortinet Survey | Ransomware Biggest Threat to UK Security
Article by Christopher Lauder, Delegate Relationship Executive, Rela8 Group
Telegraph Subscriber Data Unsecured Online
The Telegraph is one of the largest newspapers and media outlets in the United Kingdom. After failing to secure one of their Elasticsearch clusters for a number of days, they left 10 TB of subscriber data and server logs open to a breach. The exposed information includes internal logs, full subscriber names, email addresses, device information, URL requests, IP addresses, authentication tokens, and unique reader identifiers.
Bob Diachenko is the researcher who uncovered the unprotected information. At the time of his review, he confirmed that at least 1,200 unencrypted contracts were accessible without a password. Importantly, the newspaper was contacted and made aware of the exposure immediately after discovery, but they did not respond and secure the database for two days.
The database was exposed and accessible for at least three weeks. That is plenty of time for automated scanners or attackers to find this database and exfiltrate the data. The main risk for people whose information was exposed in this leak is that they are more likely to be scammed or phished by email.
The Telegraph has said that no one who had their information leaked is at any risk of exploitation as they say Diachenko was the first and last person to access the data.
Cyber Security Awareness Month – Fortinet Survey
This month is Cyber Security Awareness Month, a month-long initiative launched by the US Department of Homeland Security. In light of this, Fortinet has released the 2021 Global State of Ransomware Report. This survey reveals that most organisations are more concerned about ransomware than any other cyberthreat.
Most of the organisations surveyed said that they are prepared for a ransomware attack, citing employee cyber training, risk assessment plans, and cybersecurity insurance. However, there is a clear gap between what many viewed as essential technology solutions for protection and the technology that can best guard against the most common methods of gaining entry to their networks.
The EVP of Products and CMO of Fortinet, John Maddison, said: “According to a recent FortiGuard Labs Global Threat Landscape report, ransomware grew 1070% year over year. Unsurprisingly, organisations cited the evolving threat landscape as one of the top challenges in preventing ransomware attacks. As evidenced by our ransomware survey, there is a huge opportunity for the adoption of technology solutions like segmentation, SD-WAN, ZTNA, as well as SEG and EDR, to help protect against the threat of ransomware and the methods of access most commonly reported by respondents. The high amount of attacks demonstrates the urgency for organisations to ensure their security addresses the latest ransomware attack techniques across networks, endpoints, and clouds. The good news is that organisations are recognising the value of a platform approach to ransomware defence.”
Ransomware Biggest Threat to UK Security
Lastly, and keeping with the theme of ransomware, Lindy Cameron, Chief Executive of the National Cyber Security Centre, spoke recently at the Chatham House Cyber 2021 Conference. At the conference, she said that ransomware attacks present the most immediate danger to the UK. She also warned that cyber attacks linked to the pandemic are likely to persist for many years to come.
If organisations continue to fail to protect themselves adequately, or agree to pay the ransom when they are attacked (something which the NCSC has said not to do), then cybercriminals are likely to continue to see ransomware as an “attractive route”.
Lindy Cameron said that: “Many organisations – but not enough – routinely plan and prepare for this threat, and have confidence their cybersecurity and contingency planning could withstand a major incident. But many have no incident response plans, or ever test their cyber defences. We expect ransomware will continue to be an attractive route for criminals as long as organisations remain vulnerable and continue to pay. We have been clear that paying ransoms emboldens these criminal groups – and it also does not guarantee your data will be returned intact, or indeed returned at all.”
“To meet the challenge of the future, we must not only build on our successes to date, but take our cybersecurity to the next level of scale and automation to meet the threats we will face in the next decade”.