28 May 2021 | Asia Cyber Summary

In the Spotlight This Week:

  • Audio maker Bose discloses data breach after ransomware attack

  • Millions of customers' data compromised in Air India breach

  • UK police suffered thousands of data breaches in 2020

  • Over 55,500 password stealers detected in the Philippines

  • Bluetooth bug opens door for attackers to impersonate devices

  • Court rules encrypted email provider Tutanota must monitor messages in blackmail case

Audio Maker Bose Discloses Data Breach After Ransomware Attack

Bose Corporation (Bose) has disclosed a data breach following a ransomware attack that hit the company's systems in early March.

In a breach notification letter filed with New Hampshire's Office of the Attorney General, Bose said that it "experienced a sophisticated cyber-incident that resulted in the deployment of malware/ransomware across its environment. Bose first detected the malware/ransomware on Bose's U.S. systems on March 7, 2021," the company added.

The audio maker hired external security experts to restore impacted systems after the attack and forensic experts to determine if any of its data was accessed or exfiltrated by the attackers.

Millions of Customers' Data Compromised in Air India Breach

India's national airline Air India has said a cyber-attack on its data servers affected about 4.5 million customers around the world. The breach was first reported to the company in February. Details including passport and ticket information as well as credit-card data were compromised.

Air India has also said security details for credit cards (–CVV or CVC numbers–) were not stored on the server targeted. It is not immediately clear who was behind the attack. The airline, a member of the Star Alliance network, said the breach involved all information registered between 26 August 2011 and 20 February 2021.

UK Police Suffered Thousands of Data Breaches in 2020

There were over 2300 data breach incidents reported by just 22 of the UK’s police forces in 2020, according to new Freedom of Information data. The results revealed a national average of 299 data breaches per police station over the period dating from 2016 to the first four months of 2021. This included a combination of human error — staff emailing sensitive information to the wrong recipient — and malicious third-party attacks.

Over 55,500 Password Stealers Detected in the Philippines

There are more than 55,500 password stealers found in the Philippines in the first quarter of 2021, according to a cybersecurity firm Kapersky. In essence, password stealers are similar to a banking Trojan, but instead of intercepting or substituting entered data, it usually steals information already stored on the computer: usernames and passwords saved in the browser, cookies, and other files that happen to be on the hard drive of the infected device. The incidents were 155,942 higher than last year which only recorded a total of 620,742 Trojans.

Bluetooth Bug Opens Door for Attackers to Impersonate Devices

Threat actors could exploit vulnerabilities in the Bluetooth Core and Mesh specifications to impersonate devices during pairing, paving the way to man-in-the-middle (MITM) attacks. Bluetooth Core and Mesh are separate specifications suitable for low-energy and Internet of Things (IoT) devices and many-to-many (m:m) device communication for large-scale networks. The full list of vulnerabilities can be found in the link above.

Court Rules Encrypted Email Provider Tutanota Must Monitor Messages in Blackmail Case

The Federal Court of Justice (BGH) in Germany has ruled that encrypted email provider Tutanota must monitor for three months the messages of accounts implicated in a blackmail case. Tutanota had asked BGH to re-examine that decision given that Tutanota does not consider itself a telecommunications service and therefore should not be required to monitor them under German law.

BGH found that providers like Tutanota that provide “over-the-top” services are also considered to be providing telecommunications services under the Code of Criminal Procedure. The ruling only surfaced in German press in recent days.

The decision will only impact unencrypted incoming and outgoing emails, as Tutanota can’t decrypt data that has already been encrypted, Tutanota added. It also said this should serve as a warning that for customers interested in maintaining their privacy, encryption is paramount.

Subscribe Here to receive Blackpanda thought leadership, webinar invitations, and cyber intelligence direct to your inbox.