
The National Cyber Security Centre Finland’s weekly review – 36/2023

Information security now!

This week, Traficom was targeted in a denial-of-service attack campaign, which caused a short interruption in service. We also talk about scam messages impersonating the Finnish postal service Posti.

TLP:CLEAR

Topics covered in this week’s review

  • Traficom targeted in denial-of-service attack campaign
  • Scammers impersonating Finnish postal service Posti in phishing campaign
  • Welcome to the Tietoturva 2023 information security seminar on 12 October 2023
  • How to request the deletion of your personal data from taxi service Yango
  • The NCSC-FI’s theme for the month of September: An Introduction to Information Security

Traficom targeted in denial-of-service attack campaign

On Thursday 7 September, a hacktivist group announced on their Telegram channel that they had carried out a campaign of denial-of-service attacks on several European authorities. Among the listed targets was the NCSC-FI operating under the Finnish Transport and Communications Agency Traficom.

The denial-of-service attack caused service interruptions on Traficom’s websites and services. Traficom responded to the attack with preventive measures, and digital services critical to operations were restored quickly. Other services were secured with backup procedures. Like numerous other organisations, Traficom has made preparations for denial-of-service attacks, but the fact is that there is no way to completely protect against them. Over the past year, the websites and online services of various organisations have been temporarily impacted by application-level attacks in particular.

The impacts of a denial-of-service attack on services are usually temporary. Denial-of-service attacks have often been likened to online traffic jams or demonstrations, the aim of which is to generate media attention.

Scammers impersonating Finnish postal service Posti in phishing campaign

The NCSC-FI has received dozens of reports of a bank credential phishing campaign involving scammers impersonating the Finnish postal service Posti. We previously reported on a similar campaign in our Weekly review 12/2023.

The campaign is largely similar to the previous one, but the content of the phishing site has changed. This time, the phishing site masquerading as Posti’s website also includes the logo of the Digital and Population Data Services Agency. The text messages containing links to the phishing site talk about accepting a delivery. However, the links open a phishing site made to look like Posti’s website, which asks the user to fill in a “muuttoilmoitus” (notification of change of address) and log in using their Posti account. The page title alone should be enough to get your alarm bells ringing, especially if you are not planning to submit a notification of change of address.

The scammers have tried to disguise the links as .fi addresses. Although the messages talk about a delivery, the sites ask the user to submit a notification of change of address. Both the messages and the sites have grammatical errors.

Welcome to the Tietoturva 2023 information security seminar on 12 October 2023

Building a safe and secure digital society requires cooperation between businesses and public authorities. Rapidly advancing technologies, such as artificial intelligence, present not only new opportunities but also new kinds of threats. What are these threats and how can you prepare for them? What will the secure software development of the future be like? How will cyber crime evolve?

These and many other questions will be discussed at the Tietoturva 2023 information security seminar organised by Traficom and the National Emergency Supply Agency, which will be held on Thu 12 October 2023 at 9:00–16:30. The event will also be streamed online. The event is free of charge.

More information on the event programme and speakers is available on our website at tietoturvaseminaari.fi (in Finnish).

How to request the deletion of your personal data from taxi service Yango

Have you used the taxi service Yango and would like Yango to delete all of your personal data from their servers? Did you know that you can directly request Yango to delete your personal data on the basis of the EU’s General Data Protection Regulation (GDPR)?

On 4 August 2023, the Finnish Data Protection Ombudsman issued an interim order to Yandex LLC and Ridetech International B.V. to suspend the transfer to Russia of any customers’ personal data that is collected in the Yango taxi service, and to cease the processing of the personal data collected.

On 29 August 2023, the Finnish Data Protection Ombudsman issued a new decision to postpone the enforcement of the interim order to 26 September 2023. The interim order to suspend the transfer of personal data will therefore come into effect on 27 September.

The NCSC-FI’s theme for the month of September: An Introduction to Information Security

For the rest of the year, the NCSC-FI will be focusing on a specific theme each month. To kick things off, the theme for September is “An Introduction to Information Security,” in accordance with which we will be providing valuable information about the most common information security threats and how you can protect yourself online.

Vulnerabilities

CVE: CVE-2023-41064, CVE-2023-41061
CVSS: -
What: Two zero-day vulnerabilities in Apple products. 
Fix: The security updates fixing the vulnerabilities should be installed without delay, as instances of the vulnerabilities being exploited have already been reported.

ABOUT THE WEEKLY REVIEW

This is the weekly review of the National Cyber Security Centre Finland (NCSC-FI) (reporting period 1–7 September 2023). The purpose of the weekly review is to share information about current cyber phenomena. The weekly review is intended for a wide audience, from cyber security specialists to regular citizens.