Welcome to the latest issue of Cyber Insights! In this edition we discuss the latest scam involving DocuSign, unpack the Fire Rescue Victoria security breach and share some tips around Personally Identifiable Information (PII).
Scam Alert
The scam starts with a fake email that appears to be from DocuSign. The email asks you to review and sign a document as soon as possible and contains an HTML attachment. Instead of an important document, the attachment is a blank SVG with malicious code. Because this code is hidden inside the attachment, the email can bypass security filters. If you download the attachment, the code will redirect you to a malicious website that will prompt you to enter sensitive information. If you enter this information, cybercriminals can use it for their own purposes.
Follow the tips below to stay safe from similar scams:
- Always think before you download an attachment. This cyber attack is designed to trick you into impulsively downloading attachments.
- Never click a link or download an attachment in an email that you aren’t expecting. While this attack targets DocuSign users, this scam could be used with any organisation that manages electronic agreements.
- Enable multi-factor authentication (MFA) on your accounts when it is available. MFA adds an extra layer of security and lowers the chance of cybercriminals logging in to your account.
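The following added example, which is not part of the original newsletter, shows how a mail filter could unpack HTML attachments and flag SVG images that carry active code, which a scan of the raw attachment text would miss. It assumes the SVG is embedded as a base64 `data:` URI (the newsletter does not say how it is embedded); the function names and the sample message are constructed for illustration.

```python
import base64
import re
from email.message import EmailMessage

DATA_URI = re.compile(r"data:image/svg\+xml;base64,([A-Za-z0-9+/=]+)", re.I)
INLINE_SVG = re.compile(r"<svg\b.*?</svg>", re.I | re.S)
ACTIVE = {  # markup that makes an SVG executable rather than a plain image
    "script element": re.compile(r"<script\b", re.I),
    "event handler": re.compile(r"\son\w+\s*=", re.I),
    "javascript: URI": re.compile(r"javascript:", re.I),
}

def svg_payloads(text):
    """Return SVG markup found inline or base64-encoded in data: URIs."""
    found = INLINE_SVG.findall(text)
    for match in DATA_URI.finditer(text):
        try:
            found.append(base64.b64decode(match.group(1)).decode("utf-8", "replace"))
        except ValueError:  # malformed base64, nothing to inspect
            pass
    return found

def scan_message(msg):
    """Return (filename, finding) pairs for attachments carrying active SVG."""
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        is_markup = part.get_content_type() in ("text/html", "image/svg+xml")
        if not is_markup and not name.lower().endswith((".htm", ".html", ".svg")):
            continue
        body = part.get_content()
        if isinstance(body, bytes):
            body = body.decode("utf-8", "replace")
        for svg in svg_payloads(body):
            findings += [(name, label) for label, rx in ACTIVE.items() if rx.search(svg)]
    return findings

def build_sample(svg):
    """Constructed test message: HTML attachment embedding `svg` as base64."""
    html = ('<html><body><embed src="data:image/svg+xml;base64,'
            + base64.b64encode(svg.encode()).decode() + '"></body></html>')
    msg = EmailMessage()
    msg["From"] = "sender@example.test"
    msg["Subject"] = "Please review and sign"
    msg.set_content("Please review the attached document.")
    msg.add_attachment(html, subtype="html", filename="document.html")
    return msg

SUSPECT = '<svg xmlns="http://www.w3.org/2000/svg"><script>/* placeholder */</script></svg>'
print(scan_message(build_sample(SUSPECT)))
```

The attachment's visible HTML contains no `<svg` or `<script` text at all, so the finding only appears once the data URI has been decoded.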
Security Breach
Exploit: Ransomware
Fire Rescue Victoria (FRV): Public Safety Service
Risk to Business: SEVERE
The Vice Society ransomware group has claimed responsibility for a ransomware attack on Fire Rescue Victoria that resulted in data theft. The December 2022 attack led to a widespread IT outage for the fire department, a public safety threat. Vice Society has released a sample of the stolen data on its dark web leak site. That leaked data includes budget documents, job applications and other sensitive information. FRV has recovered many critical systems since the incident. However, reports say its overall IT infrastructure is still not fully operational. As a result, FRV has had to resort to using older, offline resources such as dispatch crews, mobile phones, pagers and radios. Firefighting crews and trucks remained operational throughout the incident, which remains under investigation.
Cybersecurity Tips
Personally Identifiable Information, or PII
Sensitive information is privileged information that, if compromised through alteration, corruption, loss, misuse, or unauthorised disclosure, could cause serious harm to an individual or organisation. Therefore, you must always give privileged information the highest level of protection. Here we discuss Personally Identifiable Information or PII.
For data protection, Personally Identifiable Information is defined as any instance of an individual’s first name, first initial, last name, and any additional confidential items.
The additional confidential items include Medicare number, driver’s license, credit card number and expiration date, date or place of birth, wage and salary information, vehicle identifiers including license plate numbers, medical history and Tax File Number.
The key point to remember: if the information can be used to uniquely identify a specific individual using non-public information, it is PII and must be protected.
Example:
John Smith was born on January 1, 1965.
Which listing below would be an example of PII?
A) John Smith – DOB 1/1/1965
B) John S. – DOB 1/1/1965
C) John Smith – DOB 1/1/xxxx
The answer is A. B and C are not examples of PII alone.
Employees who mishandle sensitive data can cost their companies money, customer trust, and even more government regulation. So do your part to keep your sensitive information safe at all times.