Security News Survey – February 1, 2019

A look at U.S. intelligence officials’ new cybersecurity warnings, another unprotected Elasticsearch server, and Airbus’s “cyber incident.”


Today is the first of February, which means tomorrow is an important day! Will Punxsutawney Phil see his shadow? In the face of record-breaking cold spells, folks across the country are wishing more than ever that Phil will predict an early spring this year. We’ll have to wait to find out what our favorite psychic groundhog has to say tomorrow, but in the meantime, we can safely assume that there will be no change in the forecast where security news is concerned: it’s a steady flow.  

Let’s jump right into a few headlines that caught our eye this week.

U.S. intelligence report warns critical infrastructure threats are looming

On Tuesday, the Worldwide Threat Assessment of the U.S. Intelligence Community was published by the Director of National Intelligence, issuing a warning that U.S. critical infrastructure (and that of its allies) will continue to be a prime target for nation-state-sponsored cyber attacks. According to the report, China has technology capable of launching attacks “that cause localized, temporary disruptive effects on critical infrastructure—such as disruption of a natural gas pipeline for days to weeks—in the United States.” The report also details Russian capabilities to interfere with electrical distribution networks, North Korean efforts to breach financial institutions, and Iranian cyber-espionage initiatives. The report will undoubtedly add to the already increasing pressure on the cybersecurity of U.S. critical infrastructure systems, especially considering what could be at stake if an attack is successful.

Rubrik shuts down unprotected Elasticsearch server

Cloud data management company Rubrik has come under scrutiny after a security researcher discovered that massive amounts of confidential data were accessible via an unsecured server. The security lapse is being identified as a “misconfiguration” of the AWS Elasticsearch server—a narrative that may sound familiar if you’ve been following recent data leaks, including the one mentioned in last week’s Survey. Customer names, contact info, and casework details (some of which included sensitive information) were being housed in the database. Rubrik took down the server following notification and insists that no external parties (other than the security researcher) accessed the environment. Its reassurances, however, are not doing much to build confidence. “Misconfigured” servers appear to be far too common these days, but it seems like an unusual mistake for a company dedicated to data services and security.

Airbus breach exposes European employee data

This week, aircraft manufacturing giant Airbus revealed a “cyber incident” in which it detected unauthorized access to data following a breach of its commercial aircraft business information systems. The company has assured the public that the data breach is not impacting its commercial jets and operations and that an investigation is underway to determine the origins of the attack and if any specific data was targeted. It appears that personal information of some European employees was exposed, and the company is in contact with regulatory authorities. Depending on what the investigation yields, the company may face consequences pursuant to GDPR.  

Speaking of GDPR, you have likely seen by now that Google was hit with a pretty substantial fine for GDPR violations. If you haven’t already, be sure to check out our blog, “Data Privacy Day 2019: The Next Chapter of Privacy Regulations,” where we discuss Google’s fine, GDPR, and what lies ahead for data protection and privacy regulations.