March 2021: Cybersecurity Roundup
This past month in cybersecurity:
- Cyberattack Disrupts Molson Coors Operations and Production
- $2B of COVID-19 Relief Package Reserved for Cybersecurity and Tech
- Google Revealed How Much Personal Data They Collect in Chrome and Google iOS Apps
- Ubiquiti Accused of Covering Up Huge Data Breach
- IRS Warns of Phishing Scams Targeting Colleges and Universities
Cyberattack Disrupts Molson Coors Operations and Production
A cyber attack hit brewing giant Molson Coors (producer of Coors, Miller, Blue Moon, and much more). The attack caused a systems outage that resulted in a decrease in production and distribution, which will significantly impact Q1 earnings.
Molson Coors was pretty tight-lipped about the incident initially, but most people suspect it was malware or ransomware due to a large amount of related activity around the world.
$2B of COVID-19 Relief Package Reserved for Cybersecurity and Tech
2 billion USD from the COVID-19 Relief Package has been reserved for technology. Specifically, the legislation highlights cybersecurity as a critical part of economic recovery. Of that, 650 million will help Cybersecurity and Infrastructure Security Agency (CISA) improve its risk mitigation services. 1 billion will go to the General Services Administration’s Technology Management Fund, which provides funding to government agencies seeking to enhance and secure their technology
President Biden is pushing Congress to launch an ambitious effort to improve and secure government IT and networks. Drivers for this increased cybersecurity attention include:
- SolarWinds breach.
- Compromise of Microsoft Exchange servers.
- Water treatment facility attack in Florida.
- Protecting the COVID-19 vaccination process from cyber attacks.
Google Revealed How Much Personal Data They Collect in Chrome and Google iOS Apps
DuckDuckGo called out rival Google for “spying” on its users. This comment came after Google spelled out the exact kinds of information it collects in its Chrome and Google iOS app under Apple’s privacy policy.
DuckDuckGo tweeted, “After months of stalling, Google finally revealed how much personal data they collect in Chrome and the Google app. No wonder they wanted to hide it.”
Ubiquiti Accused of Covering Up Huge Data Breach
Block & Leviton LLP (a national securities litigation firm) announced it would be investigating Ubiquiti, a company specializing in IoT devices such as cameras and routers. The investigation will be looking for possible violations of SEC rules.
This investigation came in the wake of a cybersecurity breach earlier in March, the severity of which appears to have been grossly understated in a Ubiquiti press release. Brian Krebs (of KrebsOnSecurity) reported that a source disclosed that Ubiquiti “massively downplayed a ‘catastrophic’ incident to minimize the hit to its stock price and that the third-party cloud provider claim was a fabrication.”
IRS Warns of Phishing Scams Targeting Colleges and Universities
The IRS has warned of an ongoing phishing scam targeting colleges and universities, specifically “.edu” email addresses. The phishing emails include IRS logos and subject lines tempting users with additional tax refunds and tax recalculations.
If you believe you’ve been involved in an IRS phishing scam, you can find instructions to report it here.
That’s All Folks
Thanks for reading! We’ll be back next month with a quick roundup of topics we found interesting.
Did we miss a super important story? Let us know! We’ll do better next ti