A Brief Weekly Review of Top Stories that Dominated the Cyberworld

The outgoing week saw a number of events that broke over the cybersecurity landscape like bombshells. News stories such as the Federal Board of Revenue (FBR) coming under a serious cyberattack to hackers carrying out an attack on U.S. Census Bureau in 2020, remained the core highlights of the week. 

Here’s a brief review of the major developments of the past week.    

FBR Comes under Serious Cyberattack

In an unprecedented development that occurred right on the country’s Independence Day, cybercriminals conducted a cyberattack on Pakistan’s largest data center run by the Federal Board of Revenue (FBR), bringing down all the official websites and creating a crisis-like situation for the entire tax machinery.

Immediately after the incident, the FBR’s team started migrating services, which it said was essential to facilitate the upgradation of the system in order to improve the seamless services to the clients of the revenue body.

An FBR official said that the attack had impacted the virtual environment of the data center, adding that the hackers managed to exploit the hyper-V software by Microsoft Inc.

An FBR official said that the attack had impacted the virtual environment of the data center, adding that the hackers managed to exploit the hyper-V software by Microsoft Inc.

Brazilian National Treasury Hit by Ransomware Attack

The Brazilian government revealed that a ransomware attack hit its National Treasury on 13 August. 

A statement from finance ministry said that the early measures to control the effect of the cyberattack were quickly taken. The first evaluations have so far discovered there was no harm to the structuring systems of the National Treasury, such as the platforms pertaining to public debt administration.

Security experts from the National Treasury were examining the ramifications of the ransomware attack, while the Federal Police had also been notified. The ministry observed new information on the event would be revealed in a timely manner and with due transparency.

Millions of IoT Devices Exposed to Attack Due to Cloud Platform Flaw

FireEye’s threat intelligence experts spotted a grave flaw that exposed millions of IoT devices to remote attacks.

The vulnerability was discovered in a core component of the Kalay cloud platform for IoT devices offered by a Taiwan-based company named ThroughTek. The firm provides IoT and M2M solutions for surveillance, security, smart home, cloud storage, and consumer electronics systems.

The experts discovered late last year that a critical flaw impacted the platform, which is used by millions of IoT devices. Since a number of the affected equipment also include video surveillance products, exploiting the flaw could let a hacker intercept live audio and video data.

Hackers Hit Census, But Failed to Access System: Report 

A watchdog report divulged that, during a cybersecurity attack, threat actors exploited computer servers of U.S. Census Bureau uninvolved with last year’s census, but they failed to keep access to the system.

The attack occurred in January 2020 on the bureau’s remote access servers.

The Office of Inspector General said that the Census Bureau missed opportunities to restrict its flaw to the attack and didn’t spot and report the attack in a timely manner. The bureau also failed to keep adequate system logs, which stalled the inquiry, and was using operating system no longer supported by the vendor.