Weekly Podcast: €50 million stolen, medical records lost, bad ads blocked, iPhones crashed.

In this week’s podcast, we look at a €50 million cyber fraud, the loss of nearly one million medical records, Google’s ad blocking efforts, and a bug causing iPhones to reboot.

Hello and welcome to the IT Governance podcast. January has just about come to an end, and, somewhat inevitably, it’s been a month of firsts.

The first big cyber crime incident of the year has struck. Austrian engineering firm FACC Operations GmbH, which makes aeroplane parts for the likes of Airbus and Boeing, has lost €50 million after its financial accounting department fell victim to what it called “cyber fraud”. In a statement, the company said the “IT infrastructure, data security, IP rights as well as the operational business of the group are not affected by the criminal activities” and that its production and engineering units are operating normally. An earlier statement said that the “cyberattack activities were executed from outside of the company”. No further information is available. An investigation is underway.

We’ve also seen the first big data breach of the year. American health insurer Centene Corp reports that it has lost six hard drives containing “the personal health information of certain individuals who received laboratory services from 2009-2015 including name, address, date of birth, social security number, member ID number and health information. The hard drives do not include any financial or payment information. The total number of affected individuals is approximately 950,000.” Those affected have been offered free credit monitoring. (A cynic might say that, given the scale of data breaches, there can’t be many US citizens who don’t have free credit monitoring for life.)

Malvertising, phishing scams and the sale of fake goods are a big problem online. Good news, though: Google claims to have blocked more than 780 million bad ads last year for violating its policies. A newly released report from the Internet giant explains that if one were to spend a second looking at each of these, it’d take nearly 25 years. Bad ads belonging to counterfeiters, rogue pharmaceutical suppliers, weight-loss scammers and phishers, as well as sites that offered unwanted software and downloads, and so-called ‘trick to click’ ads – designed to look like system warnings – were all rejected. In spite of this activity, it remains very important to exercise caution when clicking links. Not everything is what it seems.

iPhone and iPad users found this out to their cost this week: a link to a year-old website that causes Apple devices to crash has been doing the rounds on social media. CrashSafari.com overloads Safari by sending a never-ending string of characters to the address bar, causing it to freeze and then crash, which in turn leads to a reboot. Naughty folk have been using URL shorteners to hide the link. Until Apple issues a fix: careful what you click.

And… that’s it for this week. Until next time, remember that you can keep up to date with the latest information security news on our blog. And whatever your cyber security needs – whether regulatory compliance, stakeholder reassurance or just greater business efficiency – IT Governance can help your organisation to protect, comply and thrive. Visit our website for more information: itgovernance.co.uk.