📡 InfoSec Radar #4 – Jan ’21

Written by Chris Hepple, Head of Information and Cyber Security | Posted in News on 8 January 2021

Banking Works InfoSec monthly roundup from Banking Works, Head of Information & Cyber Security, Chris Hepple

“It takes 20 years to build a reputation and few minutes of cyber-incident to ruin it.”–Stephane Nappo

👉 Foreword

The National Cyber Security Centre (NCSC) is a Government organisation that provides advice and support for the public and private sector regarding security threats.  I encourage all colleagues and clients to follow their reporting as it publishes current threats that could affect our businesses, products and/or services.  I have focussed this month’s blog on the most relevant articles to our business and industry.

🚨 NSA urging VMWare patch action

The NCSC is supporting an NSA advisory detailing how Russian state-sponsored actors have been exploiting a vulnerability in VMware® products.

The US’ National Security Agency (NSA) has urged organisations to patch a vulnerability affecting VMware® products.

In an advisory published this week, the NSA has emphasised the importance of applying vendor-provided patches to affected VMware® identity management products, which is actively being exploited by Russian state-sponsored actors.

Not taking action to patch the vulnerability could potentially enable cyber criminals to access data on the affected systems. VMWare has also issued an advisory encouraging organisations to patch the vulnerability.

👨‍💻 HICS comment – The financial sector, just like many other industries have a heavy reliance on IT Products to process data in a confidential manner.  VMware are a large supplier of these products and it is extremely important you know your IT environment and supply chain.  Should you have any of these VMware products supplied it is important you follow the advice and patch as soon as practical.  It is just as important to understand your data flow in your supply chain; you need to be sure if suppliers, or any sub-contractors, have any of these products that they too patch these vulnerabilities.

🛍 Phishing attacks focus on online shoppers

Cyber criminals are upping their efforts to catch out online shoppers with phishing scams disguised as delivery emails.

Researchers at Check Point have reported that there has been a 440% rise in shipping-related phishing emails in the last month, with Europe seeing the biggest increase.

The emails are reportedly designed to look like the ‘real deal’, encouraging victims to make payments and, most importantly for the criminal, to input your details which can then be stolen. There is also an example of a scam encouraging someone to ‘log in’, which hands over an email address and password for the account which the victim thinks they are accessing.

The NCSC has produced advice on how to deal with suspicious emails, text messages and phone calls.

If you think you have received a phishing email then you can report it to the NCSC’s Suspicious Email Reporting Service (SERS).

👨‍💻 HICS comment – Whilst this is more likely to target individuals there always remains a threat to businesses being caught out by not preventing, planning and testing their mitigating controls to phishing.  Online shopping is important during the festive period and certainly after due to the current pandemic restrictions.  Individuals are forced to shop online thereby being more likely to be convinced should they receive an email that they believe is linked to their recent purchase.  It is extremely important that we, as service providers do all we can to educate our customers and staff to ensure they are well equipped to mitigate this risk.  I always encourage colleagues and friends to check the authenticity of emails – never action from details contained in an email or text message.  Contact the service provider direct from contact details on the main website – never use the contact details contained within the message or email, those could be the Criminal’s contact details all set up waiting for you to reach out to them.

That’s it for this month, but you can check out our previous InfoSec articles to ensure you and your team are up to speed on the latest cyber threats:

InfoSec Radar #3

InfoSec Radar #2

InfoSec Radar #1