Security News Survey – September 13, 2019

This week, we look at the latest arrests related to BEC scams, a DDoS attack on Wikipedia, and more.

It’s been another busy week in the cybersecurity world, with several new cyberattacks and data breaches on organizations across the world. Let’s jump straight into a few key headlines.  

281 arrested for BEC scams

281 people have been arrested and $3.7 million has been seized in connection to a widespread business email compromise (BEC) scam. Following a four-month investigation, authorities have uncovered that cybercriminals stole at least 250,000 identities and attempted to receive tax refunds in the amount of $91 million. Arrests were made in Nigeria, Turkey, Ghana, France, Italy, Japan, Kenya, Malaysia, and the U.S. and U.K. 

The FBI announced at the same time that BEC scams have yielded losses of more $26 million since June 2016. This represents a major increase from prior estimates of $12 billion. 

Wikipedia knocked offline by DDoS attack

Late last weak, Wikipedia sustained a distributed denial of service (DDoS) attack that took the website offline in the UK, Italy, France, Germany, and parts of the United States. On September 7th, Wikimedia, the web encyclopedia’s parent organization, confirmed via Twitter that the website was the victim of a cyberattack, although details of the attack were not disclosed. Security researchers have since suggested that the attack was executed in two phases—first in the Western Hemisphere and then followed by Europe, the Middle East, and Asia. The site was offline for an estimated nine hours. 

IT contractor data breach investigated by Secret Service

The U.S. Secret Service is investigating a data breach of a Virginia-based IT contractor supporting more than 20 federal agencies, such as the Department of Transportation, U.S. Citizenship and Immigration Services, and the National Institutes of Health. Credentials and email messages were reported accessed and sored and sold on a Russian cybercrime website last month. According to KrebsonSecurity, the contractor claims that the compromised systems were “old test systems” with no “direct connections to its government partner networks.” The Secret Service appears to be investigating these claims. 

Utah medical provider hit by ransomware

Utah-based Premier Family Medical has confirmed that it experienced a ransomware attack in early July 2019, preventing the facility from accessing certain systems. Reports are indicating that potentially 320,000 patient records may have been impacted; however, in an official statement, the organization has claimed that it has seen no evidence that any patient information was accessed or stolen at this time. Premier is working with law enforcement and security consultants to investigate the incident and identify how to improve its system security to prevent future attacks. 

This attack is the latest example of the rise in healthcare data breaches. Eleven of the 13 biggest breaches in the first half of 2019 were medical or healthcare organizations.