A Brief Weekly Review of Top Stories that Dominated the Cyberworld

The world of cybersecurity was catapulted when officials revealed that a Sweden’s national sports federations, including FIFA, were hacked by Russian military intelligence in 2017-18. And that was not it! The cyberworld received another shock when it discovered that FBI agents launched a court-authorized cyber campaign to remove malicious web shells from hundreds of formerly hacked Microsoft Exchange servers in the United States. More alarmingly, at least 100 million devices were affected by a spate of Domain Name System (DNS) flaws in TCP/IP stacks in the outgoing week.

Here’s a brief review of what took place in the past week.

Russians Hacked Swedish Sports Body

Officials divulged that Russian military intelligence in 2017-18 hacked the organization that supervised Sweden’s national sports federations, including FIFA and the World Anti-Doping Agency.

Swedish prosecutors said the “repeated and comprehensive breaches” of the Swedish Sports Confederation by GRU led to athletes’ personal details, such as medical records, being accessed and that information being published by Swedish media.

The hacking was revealed after a probe by the Swedish Security Service in cooperation with the security services of other countries. But the investigation has been stopped due to the lack of the necessary preconditions for taking legal proceedings abroad or extradition to Sweden.

FBI Agents Covertly Removed Web Shells from Hacked Microsoft Exchange Servers

The U.S. Department of Justice (DoJ) said that FBI agents carried out a court-authorized cyber drive to remove malicious web shells from hundreds of formerly hacked Microsoft Exchange servers in the United States.

In the wake of an upsurge in major in-the-wild zero-day attacks against Exchange Server installations that happened worldwide in January, farsighted organizations scrambled to lock down exposed Microsoft email servers and eliminate web shells that were installed by threat actors.

Unfortunately, several organizations were not able to fix systems and/or remove related malware that was installed.

NAME:WRECK” DNS Flaws in TCP/IP Stacks Affected At Least 100 Million Devices

Experts revealed that a string of Domain Name System (DNS) flaws affected popular TCP/IP stacks.

Jointly called NAME:WRECK and identified in the DNS implementations of FreeBSD, Nucleus NET, IPnet, and NetX, the vulnerabilities could also be exploited to carry out denial of service (DoS) attacks, to execute code remotely, or take devices offline.

The flaws were recognized as part of Project Memoria, a research initiative aimed at enhancing the overall security of IoT devices and which has already led to the discovery of more than 40 issues in popular TCP/IP stacks, critical components providing basic network connectivity for an extensive range of devices.