July 2020: Cybersecurity Roundup
This past month in cybersecurity:
- Twitter suffered a major hack on high-profile accounts
- Russian hackers targeted COVID-19 vaccine research organizations
- The UK planned to bar Huawei from 5G network
- Kentucky’s unemployment system had a 2nd data breach
- China suspected of hacking the Vatican
Twitter suffered a major hack on high-profile accounts
Twitter was the target of a major hack on July 16th. The hackers took over several well-known and high-profile Twitter accounts and tweeted out a Bitcoin scam. The scan claimed that anyone who sent Bitcoin to the address specified in the Tweet would receive double that amount back. Despite the seemingly obvious nature of the scam, the hackers collected over $100,000 in Bitcoin.
Twitter scrambled to block compromised accounts and remove leaked screenshots of their internal administrative panel, which attackers used to take over the victim’s accounts. Twitter revealed that the hack resulted from one of its employees being tricked or coerced into providing the hackers with access to Twitter’s admin tools.
Russian hackers targeted COVID-19 vaccine research organizations
Russian hackers targeted several US, UK, and Canadian research organizations working to develop a COVID-19 vaccine. The UK’s National Cyber Security Centre blamed Russian government intelligence services despite the Kremlin’s denials.
UK, US, and Canadian agencies said the hackers used social engineering and malware to mount the attacks.
It is unknown how successful these hacking attempts were. It appears the hackers were able to upload and download files from some of the targeted servers. However, the amount of vaccine data stolen (if any) is still unknown.
The UK planned to bar Huawei from 5G network
The British government sent a private message to Huawei, claiming Huawei technology was banned from its 5G network. The British government attributed the ban, in part, to the tremendous pressure President Donald Trump has put the UK under to ban Huawei. Huawei was given the impression that if President Donald Trump is not elected to a second term, the decision may be reconsidered.
Huawei went public with their reaction to the private message and said they hope the British government will reconsider their decision.
Kentucky’s unemployment system had a 2nd data breach
Kentucky’s unemployment system had a second data breach, although this appears to be a technical issue rather than an attempt by hackers to steal data. A claimant discovered the problem who saw another claimant’s employer and health information while viewing his own account. Gov. Andy Beshear said that to his knowledge, no one had been financially harmed by this breach. It appears it is unlikely that this vulnerability impacted many people before the security team was able to patch it.
China suspected of hacking the Vatican
Chinese hackers have attacked the Vatican’s computer network over the past three months. It appears the attack was an effort on China’s part to monitor the Vatican and tighten control over religious groups, which they believe may be undermining the Communist Party.
The Vatican and Beijing have plans in September to discuss the appointment of bishops and Catholic Churches’ status in China. It is thought that the Chinese hacking of Vatican resources is meant to uncover relevant information about the Vatican before these talks.
That’s All Folks
Thanks for reading! We’ll be back next month with a quick roundup of topics we found interesting.
Did we miss a super important story? Let us know! We’ll do better next time.