8 October 2021 | Asia Cyber Summary

In the spotlight this week:

  • CSA launches tool kits to help Singapore businesses improve their cyber security

  • Twitch source code and creator payouts part of massive leak

  • Google to turn on 2-Factor authentication by default for 150 million users

  • Hackers rob thousands of Coinbase customers using MFA flaw

  • Facebook finally gives an explanation for six-hour outage

CSA Launches Tool Kits to Help Singapore Businesses Improve their Cyber Security

The Singapore Cyber Security Agency (CSA) launched a series of tool kits for enterprises, which provide guidance on cyber security issues tailored for senior business leaders, owners of small and medium-sized enterprises (SMEs), as well as employees.

The initiative is part of the SG Cyber Safe Programme launched by the Minister of State for Communications and Information. The tool kits will help by simplifying cyber security for businesses and can act as a starting point for management teams to develop cyber security strategies, work out an implementation plan and develop a strong culture of cyber security in the firm, he added.

Google to Turn On 2-factor Authentication by Default for 150 Million Users

Google announced plans to automatically enroll about 150 million users into its two-factor authentication scheme by the end of the year, as part of its ongoing efforts to prevent unauthorized access to accounts and improve security. In addition, it also intends to require 2 million YouTube creators to switch on the setting, which it calls two-step verification (2SV), to protect their channels from potential takeover attacks.

The development comes weeks after Microsoft introduced a passwordless mechanism that enables users to access their accounts without a password by just using Microsoft Authenticator, Windows Hello, a security key, or a verification code sent via SMS or email.

Hackers Rob Thousands of Coinbase Customers Using MFA Flaw

Crypto exchange Coinbase disclosed that a threat actor stole cryptocurrency from 6,000 customers after using a vulnerability to bypass the company's SMS multi-factor authentication (MFA) security feature. Coinbase stated that between March and May 20th, 2021, a threat actor conducted a hacking campaign to breach Coinbase customer accounts and steal cryptocurrency.

Coinbase recommends users switch to a more secure MFA method, such as a hardware security key or an authentication app. Victims should be on the lookout for future targeted phishing emails or SMS texts that attempt to steal credentials using information exposed in the breach.

Twitch Source Code and Creator Payouts Part of Massive Leak

Twitch appears to have been hacked, leaking source code for the company’s streaming service, and details of creator payouts. An anonymous poster released a 125GB torrent, which they claim includes the entirety of Twitch and its commit history.

The leak is labelled as “part one”, suggesting there could be more to come. The leak doesn’t appear to include password or address information on Twitch users, but that does not mean this information has not been obtained as part of this breach.

Facebook Finally Gives an Explanation for the Six-Hour Outage

Facebook said the six-hour outage that took it offline, along with Instagram, Messenger, Whatsapp, and OculusVR, was the result of a configuration change to its routers — not of a hack or an attempt to steal user data. The outage was due to a routine maintenance mistake that essentially disconnected Facebook’s data centers from the internet.

Facebook CEO Mark Zuckerberg posted an apology on Monday evening, saying the platforms were coming back online. “Sorry for the disruption today — I know how much you rely on our services to stay connected with the people you care about”, he apologised.

Subscribe Here to receive Blackpanda thought leadership, webinar invitations, and cyber intelligence direct to your inbox.