Intelligence Briefing #71

Welcome to the Nucleon Cyber Intelligence podcast.

This podcast will give you a summary of the latest news related to cyber intelligence and proactive cyber security in only a few minutes.

The podcast is aimed at professionals who are short on time, or for anyone who would like to know a bit more about what is REALLY happening out there in the cyber world.

The focus of this podcast will be on the latest cyber events for non-technical people; anyone can listen and understand.

A cyber attack has disrupted container operations at the South African port of Cape Town.
Durban, the busiest shipping terminal in sub-Saharan Africa, was also affected. 

Cape Town Harbor Carriers Association said in an email to members: 
“Please note that the port operating systems have been cyber-attacked and there will be no movement of cargo until the system is restored.”
Transnet‘s official website was down showing an error message. Transnet, which operates major South African ports, including Durban and Cape Town, and a huge railway network that transports minerals and other commodities for export, confirmed its IT applications were experiencing disruptions and it was identifying the cause. It declined to comment on whether a cyber attack caused the disruption. 

The state-owned company already suffered major disruptions to its ports and national freight rail line last week following days of unrest and violence in parts of the country.
In response to a question on whether the cyber attack on Transnet was linked to the unrest, a government official said: “We are investigating, and when that is confirmed or dispelled we are going to make that announcement. Currently we are treating it as an unrelated event.” 

“The latest disruption has delayed containers and auto parts, but commodities were mostly unaffected as they were in a different part of the port”, one of the sources said. It will also create backlogs that could take time to clear. Transnet said its container terminals were disrupted while its freight rail, pipeline, engineering and property divisions reported normal activity. 

Due to a major leak at the coronavirus testing company Testcoronanu, it was possible for anyone to create their own Covid vaccination or test certificate, RTL reported in Germany.

Additionally, private details from about 60 thousand people who took a coronavirus test at this company had been leaked. The company is affiliated with the testing for travel initiative from the government. The leak made it possible for anyone to easily add a fake negative coronavirus test result or proof of vaccination by adding two code lines. In the database, it was possible to personally enter which kind of test was absolved and what the result was. 

Afterward, you would automatically receive a travel certificate from Testcoronanu. The site has since been shut down by the Ministry of Health. 

Not only was it possible to add test and vaccination certificates, but users could also alter the data of others. “Anyone with an internet connection could simply adjust data in a corona database”. 

The leak put in question the reliability of the Corona Check app. “Any form of reliability is completely gone”, professor of microbiology at the UMC Groningen, Bert Niesters, said. “It is completely irresponsible to use this app for events where it is not possible to keep one and a half meters distance.”

The leak also revealed personal information, such as the full names, addresses, phone numbers, social security numbers, passport numbers and medical information from over 60 thousand people.

This highly sensitive information can easily be misused by cybercriminals (do you think xdr or edr could stop it ?). All locations from Testcoronanu have been closed. People who had an appointment to get tested will have to make an appointment with a different provider.

The Ministry of Health said they will now investigate how Testcoronanu was accepted as a reliable partner, despite the gaping hole in their data security. “In addition to closing the leak by the provider, we immediately focused on finding a solution for travelers whose test cannot take place now”, a spokesperson for the Ministry of Health said.

That’s it for this podcast, stay safe and see you in the next podcast.

Don’t forget to visit for the latest podcasts on cyber intelligence.

댓글 남기기