Here are some interesting updates about cybersecurity threats and new trends.
FlightAware, a major flight tracking company, has identified a data security breach triggered by a configuration error that revealed client information. The issue was detected on July 25, 2024, but it could have existed since January 2021, possibly exposing data for more than three years. Exposed information includes user IDs, passwords, email addresses, and, depending on user input, full names, addresses, partial credit card numbers, and even Social Security numbers. FlightAware hasn't said how many of its 12 million registered users were harmed by the attack.
The organization has taken quick measures to correct the configuration issue, forcing all possibly impacted users to reset their passwords. FlightAware is providing two years of free credit monitoring services through Equifax to help consumers protect their financial information. The corporation has not stated if the compromised credentials were encrypted or stored in plaintext, raising concerns about account vulnerabilities. FlightAware maintains there is no evidence of data misuse, implying that the exposed information may not have been discovered by malicious actors before the business noticed the problem.
Source: Tech Crunch
Japan's Ministry of Defense intends to establish a DARPA-style research facility focused on cyber warfare in October 2024. The institute, which will be situated in Tokyo, intends to create breakthrough cyber warfare technology and address increasing cyberthreats. It will be part of Japan's five-year strategy for improving its defenses against emerging threats such as cyber warfare. The institute is scheduled to begin with approximately 100 employees, including experts in cyber warfare, AI, and robots from outside government. This initiative comes as Japan sees an increase in cyberattacks, with roughly 4,000 registered against Ukrainian targets between January 2022 and November 2023. The Japanese government is actively rewriting and updating standards to improve cybersecurity risk management, including supply chain risk management. Japan is also leading attempts to establish a counter-cyber-attack grid in the Indo-Pacific region, with the goal of strengthening alliances and protecting itself from cyberattacks. The country has proposed a significant investment of US$75 billion in the 2024 draft budget to develop cyber capabilities through strengthened collaborations with South and Southeast Asian countries. Japan's cybersecurity strategy prioritizes research and development to handle the growing complexity of cyberthreats.
Source: Shephard Media
Flint, Michigan, has been hit by a ransomware attack, which is having a substantial impact on municipal services. The cyberattack impacted the city's email system, phone lines, and online payment services, causing severe delays. In response to the event, the Federal Bureau of Investigation (FBI) has opened an investigation to investigate the source and scope of the attack.
City officials have been working hard to restore affected systems and limit the harm caused by the malware. The hack compelled several city departments to revert to manual methods, which slowed operations and impacted residents. While vital services such as police, fire, and water treatment continue to operate, many non-emergency services have been temporarily discontinued.
Flint Mayor Sheldon Neeley has informed citizens that personal and financial information are thought to be protected at the moment.
Source: The Record
A cyberattack has caused interruptions at Seattle-Tacoma International Airport (Sea-Tac) since August 24, 2024. The attack impacted a variety of systems, including internet services, websites, and the luggage sorting operation. Authorities have released minimal information about the nature of the cyberattack, simply stating that "nefarious characters" may be involved. The Port of Seattle, which manages Sea-Tac, has isolated vital systems as a precaution. Flight operations have continued, although passengers have experienced delays and are advised to check with their airlines for updates. The airport's website fell down and was still inaccessible on August 26. The investigation involves federal agencies such as the FBI and the Department of Homeland Security. Airport officials did not provide a date for when all systems will be fully restored.
Source: The Seattle Times