New Zealand Reserve Bank: Taking Action to Respond to Data Breach Reports
The Reserve Bank of New Zealand has announced two independent investigations into an unauthorized data breach and the handling of sensitive information.
“The Bank accepts the findings and has implemented, and will continue to implement, the recommendations,” stated Reserve Bank Governor Adrian Orr.
“As signalled in our Statements of Intent, we are well advanced on multiyear investment initiatives related to our digital systems and data management. We have prioritized these initiatives consistent with the recommendations outlined in the reports.”
On December 25, 2020, the Reserve Bank became the target of a cyber-attack on the third-party application it uses to exchange and store information. Following that, KPMG was appointed to conduct an independent investigation into the bank’s rapid response to the security incident and to identify areas where the bank’s systems and processes could be improved.
In late 2020, the Bank recruited Deloitte to conduct an independent investigation to assist the Reserve Bank of New Zealand in better managing sensitive data. This was in response to two incidents in which sensitive information was improperly kept in a draft internal report and disclosed to a small group of financial services firms just before it was made public.
Initiatives to put the report’s recommendations into action are also underway.
Cybercriminals Hold $115,000-Prize Contest to Find New Cryptocurrency Hacks
A top Russian-language underground forum has been running a “contest” for the past month, calling on its community to submit “unorthodox” ways to conduct cryptocurrency attacks.
“So far, the top candidates include topics like generating a fake blockchain front-end website that captures sensitive information such as private keys and balances, creating a new cryptocurrency blockchain from scratch, increasing the hash rate speed of mining farms and botnets, and demonstrating a custom tool that parses logs for cryptocurrency artifacts from victim machines,” said Michael DeBolt, Intel 471’s Senior Vice President of Global Intelligence, in an email interview with The Hacker News.
But DeBolt noted that most entries so far have been about instructions or tools for how to plunder cryptocurrency assets, which are unlikely to be of any “immediate significant value” to RaaS cartels.
Although other instances of incentivized contests involving topics like mobile OS botnets, ATM and point-of-sale exploits, and fake GPS signals have been observed before in the cybercrime underground, the latest development is yet another indication that criminals are increasingly exploring cutting-edge techniques to help further their motives.
Popular Video Game Developer Targeted in a DDoS Attack
Blizzard Entertainment, an American video game developer and publisher, announced on Monday that it was under a massive DDoS attack which may cause significant delays and disconnections for some gamers. The company assured gamers that the attack would not affect their systems and that a DDoS attack is ‘basically a clogged pipe on the internet.’
How does a DDoS attack work?
A distributed denial-of-service attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. A DDoS attack uses more than one unique IP address or machine, often from thousands of hosts infected with malware.
A distributed denial-of-service attack typically involves more than around 3–5 nodes on different networks; an attack from fewer nodes may qualify as a DoS attack but is not a DDoS attack.
Blizzard on the hit list of the attackers
Blizzard has dealt with similar issues multiple times throughout the last year and in the early part of this year as well. When gamers attempted to play ‘World of Warcraft’ in January this year, they encountered the same issues with high latency and disconnections. Blizzard seems to have a pattern of attributing connectivity troubles to DDoS attacks.
Data of 6 Million Battle for the Galaxy Players Leaked
WizCase security experts recently uncovered an unsecured ElasticSearch server owned by AMT Games, a Chinese mobile and browser game company, that exposed 5.9 million Battle for the Galaxy users’ accounts, as well as 2 million transactions and 587,000 feedback messages.
Battle for the Galaxy, Heroes of War: WW2 Idle RPG, Epic War TD2, and Trench Assault are among the company’s most popular games.
Profiles often include player IDs, usernames, country, total money spent on the game, and data from Facebook, Apple, or Google accounts if the user linked them to their gaming account. WizCase went on to say that information on how much money people have spent on the site might help fraudsters target the biggest spenders.
WizCase warned that “it is common for unethical hackers and criminals on the internet to use personal data to create trustworthy phishing emails. The more information they possess, the more believable these emails look.” Bad actors could utilize personal information like email addresses and user difficulties with the service to “pose as game support and send users to fraudulent websites where their credit card credentials can be stolen,” according to the report.
Stay Focused. Stay Vigilant.
Cyber Threat Incident Management Team — Cyber Security Community @ SLIIT