Considering the major cybersecurity issues that have occurred here in the United States, much of the focus as of lately has been nationally preoccupied. But, this week, we answer the question – what is happening in the field abroad?
To begin, France just uncovered the presence of a long-term breach that some are comparing to the SolarWinds event here. The French cybersecurity agency, ANSSI, reported that a software known as Centreon was the target of an attack that appears to have started as far back as 2017. According to Security Magazine, the breach was carried out through the “presence of a backdoor in the form of a webshell,” impacting information technology providers. While around 15 French organizations have been affected by the cyberattack, Centreon stated that its customers, a list that includes companies such as Airbus and Agence France Presse, were not impacted. Instead, it was only those using an outdated system that fell victim. There are claims that this campaign may have been Russian led, however, a Russian representative denied such claims. Although the difference in methodology of the breach is described, some quoted experts believe there to be similarities between Centreon and SolarWinds including lessons like the importance of improving detection practices.
Jamaica was also the site of a recent security malfunction. TechCrunch reported that data stored by the JamCOVID19 website and app containing COVID-19 test result information of thousands of visitors to the island was displayed. The article explains that the cloud server operated by a company contracted by the Jamaican government was left unprotected and set to public. In addition to lab results, other exposed information consisted of images of signatures and immigration documents. In a response shared by the Jamaican government, they stated that an investigation was immediately carried out, and so far, the investigation has not detected evidence pointing to harmful use of the data.
Clearly, cybersecurity matters do not show any signs of slowing down on the national or international stage. And the UK is undergoing an escalation in its cybersecurity sector. A study led by the government found that compared to 2019, companies in the UK doubled their investments in cybersecurity in 2020. This helped create a 21% increase in the number of organizations specializing in cybersecurity. There are now a total of 46,683 industry related jobs in the UK, according to the report. Of the growing expertise in the market are services such as threat intelligence, monitoring, detection and IoT security.
Key Takeaways:
“French cybersecurity agency warns of intrusion campaign targeting Centreon” – Maria Henriquez, Security Magazine
- French cybersecurity agency, ANSSI, reported that a software known as Centreon was the target of an attack impacting around 15 French organizations.
- Evidence shows that the cyber campaign may stretch as far back as 2017.
- Some are comparing the attack to SolarWinds including the claim that it possibly stemmed from Russian operations.
“Jamaica’s immigration website exposed thousands of travelers’ data” – Zack Whittaker, TechCrunch
https://techcrunch.com/2021/02/17/jamaica-immigration-travelers-data-exposed/
- Information held by the JamCOVID19 website and app containing COVID-19 test results of thousands of visitors to Jamaica was left exposed.
- The information also including documents such as immigration records was kept in a cloud server that was not password protected and set to public according to the TechCrunch report.
- The Jamaican government contracted the company running the service. In a statement, the government explained that they investigated the matter immediately, and did not find evidence that the exposed data had been compromised by malicious activity.
“UK’s Cybersecurity Sector Experiences Record Growth” – James Coker, Infosecurity Magazine
https://www.infosecurity-magazine.com/news/uk-cybersecurity-sector-record/
- According to a report released by the UK government, UK-based companies doubled their cybersecurity investments in 2020.
- Firms specializing in cybersecurity grew by 21%.
- Expertise focuses include threat intelligence, monitoring, detection and IoT security.