This week’s Knowledge Update covers a breach at Pizza Hut that shows the need for board control, a new scam that impersonates VAT forms to deliver malware, and DoubleLocker ransomware that changes PINs and encrypts data.
Pizza Hut data breach shows need for board control
Pizza Hut, one of the biggest fast food chains in the world, has come under fire for failing to notify affected customers of a data breach that exposed personal information such as customer names, billing details, email addresses and credit card details.
The ICO has suggested that organisations should report personal data breaches to the individuals affected and act quickly in making the assessment. Under the current data protection law there is no obligation to notify; however, when the GDPR regulation comes into effect on 25th May, it will be mandatory for organisations to notify of data breaches that risk harm to individuals. Information on GDPR and how it could affect your business can be found here.
New scam impersonates VAT form to deliver malware
Researchers from ‘Trustwave’ have found a scam that impersonates Her Majesty’s Revenue & Customs (HMRC) to trick victims into downloading malware onto their computers or phones.
According to Trustwave, the email phishing attack, disguised as an HMRC VAT return document, was launched on 6 September 2017. The phishing email was sent from a registered HMRC look-alike domain (hmirc-gov.co.uk) and contained links to the infamous JRAT malware. The email claimed there had been an error in the recipient’s recently submitted VAT return and encouraged them to click on a PDF document; the link led to a zip file hosted on Microsoft OneDrive, and inside that zip file was a malicious Java JAR file.
Staff should be made aware of the threats posed by phishing through training and awareness sessions. Policies on the acceptable use of computer equipment, the handling of data and payment processes should be implemented and adhered to. Prevention advice for phishing can be found here.
Also, implementing email encryption and digital signatures across your business will help protect your sensitive data and makes spoofed messages easier to spot, reducing the impact of phishing attacks.
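As an added example (not part of the original update or Trustwave's research), the check below flags the two tell-tale signs of the VAT lure described above: a link whose domain contains a brand token within one edit of a protected brand (hmirc vs hmrc) on a host that is not trusted, and a link to an archive or executable download. The brand list, trusted hosts and the sample email body are constructed assumptions; only the hmirc-gov.co.uk domain comes from the report.

```python
"""Flag e-mail links that resemble the HMRC VAT phishing lure: a look-alike
brand domain and/or a link to an archive or executable download."""
import re
from urllib.parse import urlparse

# Assumptions (constructed for this example): brand tokens to protect and
# the hosts that are genuinely allowed to use them.
BRAND_TOKENS = {"hmrc"}
TRUSTED_HOSTS = {"hmrc.gov.uk", "www.gov.uk"}
RISKY_SUFFIXES = (".zip", ".jar", ".js", ".exe")
URL_RE = re.compile(r"https?://[^\s\"'<>]+")

# Constructed sample body modelled on the lure; the OneDrive path is invented.
SAMPLE_EMAIL = (
    "There has been an error in your recently submitted VAT return.\n"
    "Review the document: http://hmirc-gov.co.uk/vat/return.pdf\n"
    "Download the corrected return: https://onedrive.live.com/download/VAT_Return.zip\n"
)

def edit_distance(a, b):
    """Levenshtein distance between two strings (insert/delete/substitute)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def lookalike_label(host):
    """Return the label of `host` (split on '.' and '-') that is an exact or
    one-edit match for a protected brand, unless the host itself is trusted."""
    host = host.lower()
    if host in TRUSTED_HOSTS:
        return None
    for label in re.split(r"[.-]", host):
        for brand in BRAND_TOKENS:
            # Short labels are skipped to avoid noise such as "co" or "uk".
            if len(label) >= 3 and edit_distance(label, brand) <= 1:
                return label
    return None

def assess_links(body):
    """One tuple per URL: (url, look-alike label or None, risky download?)."""
    findings = []
    for url in URL_RE.findall(body):
        parsed = urlparse(url)
        risky = parsed.path.lower().endswith(RISKY_SUFFIXES)
        findings.append((url, lookalike_label(parsed.hostname or ""), risky))
    return findings

def is_suspicious(body):
    """True if any link in the body trips either signal."""
    return any(label or risky for _, label, risky in assess_links(body))
```

Run over a mail gateway's extracted body text, a hit on either signal is a reason to quarantine the message for review rather than a verdict on its own.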
DoubleLocker Ransomware Changes PIN and Encrypts Data
Security researchers are warning Android users that a new breed of Android ransomware, designed to encrypt the device’s data and lock the user out by changing their password, is becoming more prevalent.
DoubleLocker is based on code from a banking trojan called Android.BankBot.211.origin, which forces users to grant it access to the smartphone’s accessibility service. Once launched, normally from a fake Adobe Flash Player app, the trojan tries to obtain accessibility permissions on the device.
Businesses should look to implement a Bring Your Own Device policy so employees can use personal devices for business securely. An explanation of BYOD and a guide to implementation can be found here.
Also, anti-virus software should be installed on your device and automatic updates should be enabled.