Like most threat actors APT-s try to steal data, disrupt or destroy organizations through gaining access to a system or a network. The main difference is that APT-s are backed and work for Nation States. That gives them access to resources, tools and expertise making them harder to detect.

Brief Update

Following availability of vaccines, world-wide warnings emerging about scams, in addition to those previously reported. These include offers of fake ‘free from COVID-19’ certificates, ‘I have been vaccinated’ and false travel requirements documents. Security of social media sites and emails is in the news: due to backlash, WhatsApp forced to delay implementation of terms allowing it to share data with Facebook without express permission. Facebook’s dispute with Apple over its intention to implement its Tracking Transparency Tool (ATT) in the spring is heading for a legal battle. It would require express user consent before their apps track their activity. Apple has released fixes against 3 vulnerabilities potentially allowing remote code execution. Wormable Android malware spreading through WhatsApp, posing as Huawei app with fake Play Store link. Google has patched vulnerability of StrandHogg2.0 flaw to hijacking of any Android app. New Android malware ‘Rogue’ emerging, which performs device takeover, data exfiltration and sale. Check Point reports that Emotet trojan was most dangerous malware in 2020, targeting over 100k users per day in Dec. Europol reports it has ‘taken down’ Emotet, but it may re-emerge. Microsoft remains the most-spoofed brand for second quarter in a row, with 43% of all brand phishing attempts in Q4. In good news, iOS 14 has protective layer sandboxes to protect users from malicious iMessage vulnerability. Ransomware attacks are increasing, with the fastest-spreading, Ryuk, earning more than $150m and currently attacking health-care organisations. British insurers hit back at criticism of firms that pay ransomware demands.

CYBER SECURITY IN THE NEWS

• Accounting firm MNP hit with cyberattack
• Juspay has reported a data leak of over 100 million debit and credit cardholders
• Hacker posts 1.9 million Pixlr user records for free on forum
• Ransomware operators are using DDoS attacks as leverage
• WhatsApp worm spreading Android malware
• Britain Helps Children Learn From Home By Procuring Them Laptops Preloaded With Russian Malware
• macOS malware used to mine cryptocurrency avoids detection for five years
• Fake collaboration apps are stealing data as staff struggle with home-working security
• Ransomware victims that have backups are paying ransoms to stop hackers leaking their stolen data