Steady rain in January cyber weather
Information security now!
Cyber weather has a new design inspired by the new Transport and Communications Agency. Now cyber weather also includes longer-term top five threats and monthly conclusions with highlights that deserve praise and issues that need further development.
Office 365 phishing scams continue
The Office 365 phishing campaign was still active in January. Phishing messages are sent to contacts of compromised user accounts, which adds credibility to the emails. The attackers’ motive still seems to be fake billing, for example, by modifying the payment information on the messages. They can also use stolen credentials to access business secrets or other sensitive material.
Winter storm Aapeli affected network performance
At the beginning of the year, storm Aapeli caused disruptions in network services. Telecommunications operators and electrical power network operators managed to repair the damage quite quickly especially in mainland Finland through good cooperation. The number of other performance incidents was a little higher than usual, too.
January was relatively quiet in terms of DoS attacks
The number of DoS attacks decreased in January and their impact was minor. Attack volumes were mainly between 10 and 20 Gbps.
Large collections of usernames and passwords posted online
A massive list of usernames and passwords was posted online. The list named Collection #1–5 mainly includes credentials from previous data breaches. The password leak reminds us to use different combinations of usernames and passwords for each site.
See the cyber weather for January below: