Security News Round-Up: Tesla Design Secrets Leaked by Hacker
News Round-Up – Get a Quick Rundown of What You Need to Know
Evolver’s Cyber News Round-Up looks into recent reports and journalism covering cyber threats and trends affecting all industries. You can suggest articles to us on LinkedIn and on Twitter at @EvolverInc. Visit our cybersecurity services page to learn more about cyber risk assessment and threat protection.
Tesla Design Secrets Leaked by Hacker
A hacker who goes by the name “Green” has reportedly accessed Tesla’s design secrets regarding upcoming changes to their vehicles, according to Info Security Magazine. The hacker posted online about additions to the hardware in the Model S and Model X vehicles, such as wireless chargers and new types of batteries. As stated in the article, Green mentioned that the company often has leaks via firmware and that they had backported minimal data to prevent it from all being exposed. The company has yet to confirm whether any of the changes will be made.
Greece’s Government Websites Attacked Twice
Websites belonging to Greece’s prime minister, fire service, police force, and multiple ministries were taken down by DDoS attacks before being restored by government IT employees, says Cyber Defense Magazine. A spokesperson from the government shared that they were able to successfully neutralize the attack through their own countermeasures. The week prior, the Greek parliament, foreign affairs, stock exchange, and economy ministry websites were all taken over by Turkish hackers for around an hour and a half as a result of political tensions, the article states. This group even announced on Facebook that they would be carrying out this attack.
Ransomware Strikes Tampa Bay Times
According to a recent article from Bank Info Security, the Tampa Bay Times has become the latest addition to a string of news companies that has been attacked with Ryuk ransomware. The Times Publishing Co., parent company of the Tampa Bay Times, declined to pay the ransom. Currently, it is working to restore systems using backups, the article states. So far, most of the primary systems have been successfully restored, but they will continue to work on full recovery and prevention. No customer information or payment data seems to have been exposed or stolen and the newspaper was able to maintain its publishing schedule.
UN Reveals Major Data Breach
A leaked report detailed a data breach that hit the United Nations (UN) last year, says Hack Read, but it is not yet known how much data was lost or who the attackers were. The hackers were able to exploit a Microsoft SharePoint vulnerability and install malware on the organization’s servers. From there, they were able to access servers located in the UN offices in Geneva and Vienna as well as the UN High Commissioners for Human Rights, the article states. This brings a variety of concerns, as the human rights office deals with mass amounts of data that detail human rights abuse. So far, Hack Read says, it is believed that this was a state-sponsored attack.
Phishing Attack Successfully Steals NYC Health Provider Patients’ Info
Attackers who pretended to be an executive at VillageCare Rehabilitation and Nursing Center successfully tricked an employee into sending them patient data. According to Info Security Magazine, the center revealed the incident on December 30th. The attackers received patient names, birth dates, medical insurance provider and ID numbers, belonging to 674 different patients. Soon after, they realized the original email request was fake and brought in third party investigators. VillageCare has also set up an assistance phone line for those affected, Info Security states. Regulatory authorities and law enforcement have been notified of the incident.
Ransomware Payment Sizes Double From Q3-Q4 of 2019
According to Dark Reading, the average ransomware payment in the fourth quarter of 2019 was $84,000, compared to $41,000 the quarter prior. This is a 104% increase, showing the increasing devastation of such attacks on the victims. There were some victims who paid up to a whopping $780,000 to get their data back, Dark Reading states. On the other end, the lowest payments made were around $1,500. Based on a 600-person survey, half of participants had paid the ransom when their companies were attacked. Of that, 98% actually were given the decryption key as promised by their attackers.