PHP’s Git Server Hacked to Insert Secret Backdoor to Its Source code

In yet another instance of a software supply chain attack, the official PHP GitHub repository was tampered with to insert unauthorized updates.

The two malicious commits were pushed to the “php-src” repository hosted on the git.php.net server, illicitly using the names of Rasmus Lerdorf, the author of the programming language, and Nikita Popov, a software developer at Jetbrains.

The changes are said to have been made yesterday on March 28.

“We don’t yet know how exactly this happened, but everything points towards a compromise of the git.php.net server (rather than a compromise of an individual git account,” Popov said in an announcement.

The changes, which were committed as “Fix Typo” in an attempt to slip through undetected as a typographical correction, involved provisions for the arbitrary execution of arbitrary PHP code. “This line executes PHP code from within the useragent HTTP header, if the string starts with ‘zerodium’,” PHP developer Jake Birchall said.

Besides reverting the changes, the maintainers of PHP are said to be reviewing the repositories for any corruption beyond the aforementioned two commits. Additionally, contributing to the PHP project will now require developers to be added as a part of the organization on GitHub.

It’s not immediately clear if the tampered codebase was downloaded and distributed by other parties before the changes were spotted and reversed.

We have reached out to the maintainers of PHP for more comments, and we will update the story if we hear back.

Found this article interesting? Follow THN on

Facebook

,

Twitter

and

LinkedIn

to read more exclusive content we post.

Read the Full Article here: >The Hacker News [ THN ]

2021 Global Cybersecurity Policy Challenges and Highlights

For many global policymakers, the transformative impact of the COVID-19 pandemic has reinforced the need to adopt new cybersecurity and privacy policies. Here’s a look at what we can expect in the year ahead.

The COVID-19 pandemic and resulting global economic downturn represent new challenges for government security leaders. Indeed, the massive shift to remote work for both the public and private sectors has forced businesses, governments and other organizations to adapt security practices, processes and policies to account for the significant range of new devices and assets which are now connected to enterprise networks. Both governments and enterprises have seen increases in COVID-19 related phishing and other cyberattacks against employees during the pandemic. Unpatched hardware, software and configuration vulnerabilities in home devices can now be exploited and leveraged to attack enterprise networks. 

For many global policymakers, the transformative impact of the pandemic has reinforced the need to adopt new cybersecurity and privacy policies, many of which were under consideration before the pandemic, in order to strengthen trust in the digital economy. These include efforts to promote data privacy and protection, raise baseline security standards of care, and implement cybersecurity certification regimes. 

At Tenable, we’ve identified the following global privacy and cybersecurity policy challenges and expected developments that cybersecurity professionals need to monitor in 2021: 

European Union Network and Information Systems (NIS) Directive review and implementation of the EU Cybersecurity Act

Since the current NIS Directive entered into force in 2016, the cyberthreat landscape has been evolving. The EU Commission has launched a public consultation on a proposed revision of the Directive. This will be an opportunity to clarify minimum cyber hygiene standards, consider the expanded threat landscape of cloud computing and operational technology (OT) risks and harmonize security standards across the EU. Much of this harmonization will likely come through implementation of the cybersecurity certification schemes under the EU Cybersecurity Act. While the cybersecurity authorities of the member state — including BSI in Germany and  ANSSI in France — will play lead roles in driving these certifications in their respective countries, we also expect them to work closely with the European Commission and the European Agency for Network and Information Security (ENISA) in order to drive towards greater convergence. Certifications under consideration in 2021 include new E.U.-wide certification standards for EU Common Criteria for critical infrastructure, as well as certification regimes for cloud services, artificial intelligence, and 5G. 

Brazil data security and Latin America regional influence

It has been more than two years since the European General Data Protection Regulation (GDPR) came into effect and changed the landscape of global data security. The “data protection by default” approach of the GDPR is now being mirrored in Brazil with the Lei Geral de Proteção de Dados Pessoais (LGPD), with some key differences. The LGPD, which went into effect in August 2020, has a broad scope and applies to any organization that processes Brazilian citizen data. With digital transformation underway at many of the organizations which routinely process Brazilian citizens’ data, it will be critical to understand these new requirements and to avoid penalties. The Brazilian government is expected to clarify some of the provisions of this law in 2021. Brazil is influential across the Americas and its minimum security standards will be impactful for data security practices.

Continued development of minimum data security standards

Japan, Brazil, Canada, India and New Zealand all made updates in 2020 on regulations impacting data security standards. All of these countries moved closer to the EU model of minimum cybersecurity standards and substantial fines for non-compliance. This trend is likely to continue, with governments reviewing their basic cybersecurity standards in light of the changing threat landscape and concerns for data privacy. Expect to see more extraterritorial reach for these laws as governments mandate basic cybersecurity requirements and leverage fines to organizations who ignore security.

Focus on critical infrastructure and operational technology standards in APAC

Because there is a wide range of maturity for OT security policy across APAC, there is a need for developing and harmonizing security best practices. Regional industry groups are likely to drive alignment with international, consensus-driven standards. As an example, the ASEAN Ministerial Conference on Cybersecurity (AMCC) agreed in 2018 to subscribe in principle to 11 voluntary, non-binding norms as well as to focus on regional capacity-building in implementing these norms. These norms include critical infrastructure protection and OT protection. In 2018 Singapore published its Master Plan for Operational Technology standards. These efforts are likely to grow across APAC in 2021 as 5G technology is adopted and the OT threat landscape risk grows. Additional country-specific activity in the region includes:

  • Australia: Earlier this year, Australia launched a consultation on a proposed enhanced regulatory framework for operators of critical infrastructure and systems of national significance. This focus on critical infrastructure stems from Australia’s Cyber Security Strategy 2020, where the government noted that highly sophisticated nation states and state-sponsored actors continue to target governments and critical infrastructure providers. In response, the strategy calls for critical infrastructure businesses to improve baseline security, and states that the government will invest funds in cyber situational awareness, research on cyberthreats, and vulnerability assessment.

  • India: Government leaders in India have been increasingly focused on the security of their industrial technology infrastructure against cyberattacks. Critical infrastructure cybersecurity will therefore likely be a major focus area in India’s National Cyber Security Strategy 2020 and early implementation of the strategy is expected in 2021.
  • Japan: Japan continues to implement provisions of the Cyber Physical Security Framework, released by the Ministry of Economy, Trade and Industry (METI) in 2019 and focused on security for consumer and industrial IoT. As part of this implementation, METI released a draft IoT Security Safety Framework earlier this year, focusing on security for the layer of mutual connections between physical devices and cyberspace. METI will likely develop further guidance on Cyber Physical Security in 2021, especially as the Tokyo Summer Olympics, which constitute a prime target for cyber attackers, have been rescheduled for next summer.

Brexit and data security

As Brexit is finalized with the U.K., there will continue to be concerns about data privacy standards and enforcement across borders. This will be tested with new reviews and examination of data privacy enforcement and adherence to agreed upon standards. While the UK has committed to implementing both the GDPR and the NIS Directive, data security remains a sensitive issue that the EU and U.K. governments will continue to review.

Regulatory Harmonization of Cybersecurity Regulations for Financial Services

This year, we saw further progress in the U.S. regarding efforts to harmonize the regulatory requirements for cybersecurity in financial services and the growing acceptance of a risk profile model that could be examined across multiple regulatory agencies. The framework is largely based on the National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity. There is also continued discussion of harmonization in Europe and APAC. And we expect additional review of these requirements in Europe in the year ahead as banks seek to reduce duplication across national agencies and limit burdensome regulatory requirements. This is hopefully an opportunity to focus on critical risks and maintaining harmonized standards for cybersecurity.

U.S. Energy and Critical Infrastructure Security

Over the last year, the U.S. Congress has worked on the American Energy Innovation Act, which contains numerous cybersecurity provisions to strengthen the cybersecurity of the nation’s energy infrastructure through public-private partnerships, rate incentives for cybersecurity investments and advanced cybersecurity technology and application research and development. While this bill is unlikely to pass before the end of this Congress, we expect to see similar legislative efforts on strengthening energy sector cybersecurity in 2021. The U.S. Department of Energy (DoE) and Department of Homeland Security (DHS) will also continue to prioritize energy grid and industrial cybersecurity through policy guidance and updated standards. Questions regarding whether these approaches will take a more voluntary or regulatory approach in 2021 may depend on presidential and congressional election outcomes. Additional U.S. activity includes:

  • Supply chain protections: With a COVID-19 vaccine expected by 2021, the U.S. and other global governments will continue to focus on supply chain security to protect the manufacturing and distribution of vaccines.

  • Transportation and infrastructure: Congress is also expected to consider a major transportation and infrastructure package in 2021. This legislation is expected to include provisions on smart, digital infrastructure. Therefore, critical infrastructure and OT cybersecurity considerations will need to be addressed as well.

  • Vendor certifications: Implementation of the U.S. Department of Defense (DoD) Vendor Cybersecurity Certification Program The Cybersecurity Maturity Model Certification (CMMC), part of the DoD unified standard for implementing cybersecurity across the defense industrial base (DIB), will become more impactful in defense acquisition processes in 2021. As before, contractors will remain responsible for implementing critical cybersecurity requirements to protect sensitive defense information. However, the CMMC requires third-party assessments of contractors’ compliance with mandatory practices, procedures and capabilities to prevent cyberattacks from new and evolving threats. Due to the size and complexity of the defense industrial base, it’s likely that the CMMC will face technical and logistical hurdles as it is implemented on a much larger scale. However, it also represents an important opportunity for the DoD to improve its cybersecurity posture and close the cyber exposure gap for the DoD and its contractors by creating incentives for stronger cybersecurity processes and practices.


Conclusion

Understanding the policy landscape helps security and business leaders to stay prepared for new trends and requirements. In the modern connected world, policy trends in one region often influence government actions in another region. Governments are increasingly scrutinizing data privacy and security. This trend is likely to continue. Awareness of the above trends can help leaders to stay aware of government concerns and this helps avoid costly fines and regulatory problems.

Learn more:

Read the Full Article here: >Tenable Network Security

Phishers bypass Microsoft 365 security controls by spoofing Microsoft.com

A domain spoofing email phishing campaign that very convincingly impersonates Microsoft and successfully tricks legacy secure email gateways has recently been spotted by Ironscales.

It also led them to discover that Microsoft servers are not currently enforcing the DMARC protocol. “This is especially perplexing when considering Microsoft frequently ranks as a top 5 most spoofed brand year after year,” said Lomy Ovadia, the company’s VP of research and development.

The phishing campaign

The phishing emails in question look like this:

OPIS

The attackers:

  • Spoofed the sender’s domain to make it look like the email comes from Microsoft
  • Used a relatively new Microsoft 365 capability (to review quarantined messages) as a pretext to trick users into following the offered link
  • Attempted to create a sense of urgency

The link takes users to a fake login page that “asks” for Microsoft 365 login credentials. Needless to say, users who enter them are effectively handing them over to the phishers.

“What’s interesting about this campaign is that exact domain spoofs aren’t incredibly sophisticated attacks for gateway controls to detect,” Ovadia noted.

“The reason why SEGs [secure email gateways] can traditionally stop exact domain spoofing is because, when configured correctly, this control is compliant with Domain-based Message Authentication, Reporting and Conformance (DMARC).”

DMARC is an email authentication protocol designed to help email domain owners protect their domain from unauthorized use.

“Any other email service that respects and enforces DMARC would have blocked such emails. It remains unknown as to why Microsoft is allowing a spoof of their very own domain against their own email infrastructure,” Ovadia concluded.

The phishing campaign has been aimed at Microsoft 365 enterprise users within various verticals (finsec, healthcare, insurance, manufacturing, utilities, telecom, etc.).

Read the Full Article here: >Help Net Security – News

Sudo Flaw Lets Linux Users Run Commands As Root Even When They’re Restricted

linux sudo hacking

Attention Linux Users!

A vulnerability has been discovered in

Sudo

—one of the most important, powerful, and commonly used utilities that comes as a core command installed on almost every UNIX and Linux-based operating system.

The vulnerability in question is a sudo security policy bypass issue that could allow a malicious user or a program to execute arbitrary commands as root on a targeted Linux system even when the “sudoers configuration” explicitly disallows the root access.

Sudo, stands for “superuser do,” is a system command that allows a user to run applications or commands with the privileges of a different user without switching environments—most often, for running commands as the root user.

By default on most Linux distributions, the ALL keyword in RunAs specification in /etc/sudoers file, as shown in the screenshot, allows all users in the admin or sudo groups to run any command as any valid user on the system.

However, since privilege separation is one of the fundamental security paradigms in Linux, administrators can configure a sudoers file to define which users can run what commands as to which users.

So, even if a user has been restricted to run a specific, or any, command as root, the vulnerability could allow the user to bypass this security policy and take complete control over the system.

“This can be used by a user with sufficient sudo privileges to run commands as root even if the Runas specification explicitly disallows root access as long as the ALL keyword is listed first in the Runas specification,” the Sudo developers say.

How to Exploit this Bug? Just Sudo User ID -1 or 4294967295

The vulnerability, tracked as CVE-2019-14287 and discovered by Joe Vennix of Apple Information Security, is more concerning because the sudo utility has been designed to let users use their own login password to execute commands as a different user without requiring their password.

What’s more interesting is that this flaw can be exploited by an attacker to run commands as root just by specifying the user ID “-1” or “4294967295.”

That’s because the

function which converts

user id into its username incorrectly treats -1, or its unsigned equivalent 4294967295, as 0, which is always the user ID of root user.

“Additionally, because the user ID specified via the -u option does not exist in the password database, no PAM session modules will be run.”

The vulnerability affects all Sudo versions prior to the latest released version 1.8.28, which has been released today, a few hours ago and would soon be rolled out as an update by various Linux distributions to their users.

So, if you use Linux, you are highly recommended to update sudo package manually to the latest version as soon as it is available.

Read the Full Article here: >The Hacker News [ THN ]

First look at CCleaner’s Health Check feature

Piriform, maker of the popular temporary file cleaner CCleaner, started to integrate a new Health Check feature in the latest version of the client.

The release notes of CCleaner 5.62.7538 reveal that Health Check is the "next iteration" of the recently introduced Easy Clean feature of the client. The company plans to roll out the feature to all clients in the coming weeks.

Easy Clean’s main purpose was to make CCleaner easier to use for non-technical users. Easy Clean ran automatically for the most part and offered less functionality than the program’s full mode. The mode lacked customization options and focused on trackers and temporary files (called junk) only.

We concluded back then that it had nothing to offer for technical users but could be an option non-technical users.

CCleaner’s Health Check feature

checking pc health

Health Check replaces Easy Clean in the CCleaner interface. The feature is available in all versions of the application but the free version is somewhat limited; that’s one of the differences between Health Check and Easy Clean.

CCleaner displays a number of intro pages on first run that claim that the feature may improve PC security and privacy, free up disk space, and boost performance. Some of these claims may sound like snake oil at first as they may remind of the promise of game boosters to improve PC performance.

Health Check scans analyze the PC in four different areas (two of which are limited to commercial versions):

  1. Privacy — checks for trackers, e.g. cookies.
  2. Space — checks for temporary files that can be removed to free up space.
  3. Speed — checks for startup items and suggests items that you may disable to speed up system start.
  4. Security — checks for application updates.

All Health Check does is combine several of the tools of CCleaner in a new Health Check component. Security seems to use the built-in software updater of the professional version to highlight programs for which updates are available.

health check result

CCleaner displays a health status after the scan, e.g. "your PC feels under the weather". The status is only displayed if the program is allowed to connect to the Internet. Likewise, Speed and Security results are only available if the program is connected to the Internet; an "unavailable when offline" message is displayed otherwise.

Closing Words

CCleaner’s Health Check has not improved all that much for free users as it limits cleaning to trackers and junk files on the system. Pro users benefit from the added startup programs and program version checks. All of these options are also available under custom clean or tools, and experienced users may prefer these over running Health Check.

The new module may be useful to users who want results fasts and without having to dig deeper into program mechanics.

Now You: Would you run something like Health Check? (via Techdows)

Thank you for being a Ghacks reader. The post First look at CCleaner’s Health Check feature appeared first on gHacks Technology News.

Read the Full Article here: >Top 100 Network Security Tools

11 steps organizations should take to improve their incident response strategy

As the year draws to a close, it is time for businesses across all industries and sectors to reflect and prepare for the upcoming new year. With this in mind, FIRST has produced 11 vital steps that organizations should take to improve their incident response strategy.

organizations incident response strategy

It is highly likely that an organization will face a cybersecurity incident of some sort at some point in its lifetime, regardless of the level of cybersecurity defense in place.

According to a global survey undertaken by Marsh in partnership with Microsoft, two-thirds of respondents ranked cybersecurity as a top five risk management priority, but only 19% expressed high confidence in their organization’s ability to manage and respond to a cyber event, and only 30% have developed a plan to do so.

Below are 11 steps that an organization should take to become more resilient against an incident.

Planning for a security incident

Assign a clear incident leader: During a response, coordination is needed across many teams, including Security, IT, Engineering, Operations, Legal, Human Resources and Public Relations. In most cases, technical response work will not all be conducted by a single team.

However, organizations benefit by having one clear authority within the organization who defines the process that will be followed and focuses on planning those interactions ahead of an incident.

Manage the information gap: Plan ahead to have a communications lead, who works closely with the incident leader, and works to satisfy third party information requests from across the organization. During an incident, there will be a large set of requests for information, with a small team actually investigating and developing the deliverables.

An often-overlooked piece is to record details of each decision as it happens. When you look to perform a post-mortem after the event it can be extremely difficult to recall the exact timeline of the incident. Multiply this with the complexity of many of the incidents we see today and it can become almost impossible.

Your team needs to build relationships with the incident response community. Effective cooperation during an incident is about trust. When an incident strikes, it’s too late to build it. Have your team engage with business partners, national Computer Security Incident Response Teams (CSIRTs) and service providers before you need the relationship.

Join relevant organizations in the field, meet their security teams at conferences and industry working groups, or use existing mechanisms such as a vendor review process to determine and track the right points of contact early on.

Retain external legal, PR and technical support: There will be technical skills not available to your team. These may include legal, public relations and technical support, such as crisis management or disk forensics. Find a provider for these services and sign a retainer, before the incident strikes.

Study applicable reporting requirements: You may have made commitments to your customers on how quickly you’ll inform them when data is breached.

Even if you haven’t, various legal reporting regulations are now in effect, such as the GDPR, where organizations typically have up to 72 hours to gather relevant information and report to the appropriate regulator – or the European Union NIS Directive, according to which specific Digital Service Providers must report “with no undue delay”.

Work with your legal team to understand each requirement ahead of time, so your incident response process takes them into account.

Exercise, exercise, exercise: It’s a common misunderstanding that security exercises are only important once you’ve achieved a certain level of maturity. In fact, exercises pay off from the very beginning.

Take a scenario that affected another organization and perform a table-top walkthrough of how your organization would deal with that same incident. At the very least you’ll identify gaps you still have to address.

Exercises should be regular and involve a range of participants. It’s important that the senior members of an organization (right up to senior executive management) as well as the technology and other staff participate. The “muscle memory” this will build is invaluable when a real incident occurs.

Responding effectively and managing risk

Communicate often and early: When a security incident is known to the public, it’s important to acknowledge it early, even if you can only state you are investigating. This helps ensure that affected parties understand you are aware and working on it and will be a source of information in the future.

Providing regular updates helps ensure a cadence, so they will come back at regular intervals and will feel less inclined to go look for information from other sources, which may be inaccurate.

Be truthful and straightforward: End users lose trust when communication isn’t clear and understandable, or if they feel you are not expressing what truly happened. Be clear and write to the technical level of your users, but don’t make things sound better than they truly are. When end users are exposed to risk as a result of your breach, say it.

Don’t lose track of the basics: “What would have happened if this took place on another system?” is valuable information, but you should first focus on the key questions you need your team to pursue early on.

Higher priority questions typically include: “How did the breach take place?” and “What customer data is affected?”. Failing to reach basic agreement on the impact of an incident can cause delays and confusion later.

After the incident

Study and document your response: The most important phase when handling a security incident is the “post-mortem”. It’s almost impossible to prevent all incidents from happening, so this is a chance to review why this one took place and identify ways to improve your program.

Ask the “Five Why’s”: every time you believe you have an answer to why the incident took place, ask for a deeper, underlying cause, until you hit at least five levels of “Why.” Address all levels, and focus on the deeper, underlying ones, as they will lead to other, future incidents if left unaddressed.

Never let a good incident go to waste: There are two positive benefits from an incident: The first is that as it so clearly illustrates both needs and impacts; an incident is often the best time to get additional investment to prevent the next one.

Make sure to clearly communicate what your security program needs to be more effective and create follow up plans to get buy-in from senior leadership in your organization. Secondly, every incident you work helps you learn more about your process and your organization; how your systems interact but more importantly, how your people interact.

Share your learnings: As a community, we can only become better if we actively share information on the cybersecurity issues we experience. Airlines are so safe exactly because every failure is scrutinized and shared in detail with others, and action plans are made by airlines regardless of who was originally affected.

By sharing your learnings, other community members have an opportunity to learn, and the internet becomes a safer place to socialize and do business.

By taking these steps, organizations will be in a better place to effectively respond to a security incident. Finally, think of organizations in the context of a supply chain. Most organizations care about a breach of customer information. But even more persistent and concerning can be the effect of products and deliverables on other organizations.

In this position, for instance as a B2B provider selling hardware and software, or providing a service that when interrupted, would impact critical infrastructure, the narrow definition of a data breach may not be the biggest concern and other risks will need to be addressed and analyzed.

Read the Full Article here: >Help Net Security – News

German banks to stop using SMS to deliver second authentication/verification factor

German banks are moving away from SMS-based customer authentication and transaction verification (called mTAN or SMS-TAN), as the method is deemed to be too insecure.

German banks SMS-TAN

According to German business news outfit Handelsblatt, a number banks – whether private, co-operative or public – have either stopped offering the option or are planning to remove it by the end of the year. Among these are Postbank, Berliner Sparkasse, Consorsbank, and others.

The reasons are mostly due to security and regulation compliance

Since a lot of people do their online banking via their mobile/smart phones, hackers need to compromise only this device to get all the information needed to perform a fraudulent transaction. Users can have also their online banking credentials compromised and be targeted with fake text messages purportedly coming from the bank.

It’s also becoming common for attackers to perform SIM swapping to impersonate the target’s phone and validate the fraudulent transaction. And, finally, there have been instances of criminals exploiting long-known security vulnerabilities in the SS7 protocols to bypass German banks’ two-factor authentication and drain their customers’ bank accounts.

The German Federal Office for Information Security (BSI) has been warning of security risks of using SMS-TAN for years, Handelsblatt noted, and instances of abuse of the mTan process have become more frequent.

Also, banks and other payment services providers must get in line with the EU Payment Services Directive 2 (PSD2), which mandates that remote electronic transactions performed by EU consumers must be authorized using “strong customer authentication” (SCA).

“‘Strong customer authentication’ means an authentication based on the use of two or more elements categorised as knowledge (something only the user knows), possession (something only the user possesses) and inherence (something the user is) that are independent, in that the breach of one does not compromise the reliability of the others, and is designed in such a way as to protect the confidentiality of the authentication data,” the Directive states.

Also: “Where the payer’s payment service provider does not require strong customer authentication, the payer shall not bear any financial losses unless the payer has acted fraudulently.”

SMS-TAN falls into the “knowledge” element, and the European Banking Authority (EBA) does not considered it to be SCA-compliant.

With the mTan option gone, users will have to start using:

  • ChipTANs (TAN generator devices provided by banks)
  • Photo-TANs (a special mobile app or reader device that photographs a “barcode” on the computer screen and generates the TAN number)
  • Push-TANs (via a specialized Tan app) or
  • Digital signatures (via smart cards).

Read the Full Article here: >Help Net Security – News

Cash rules the day when Telstra outage cripples ATMs, payment systems across Australia

Australian shoppers were left high and dry for three or more hours on Thursday when ATMs and some Eftpos terminals stopped working, due to a service outage with Telstra, the country’s main telecommunication provider. 

The nation’s big four banks  — Commonwealth Bank of Australia, Westpac Banking Corporation, Australia and New Zealand Banking Group and National Australia Bank — and many retailers, including Woolworths, Caltex Australia and Australian Post, were among those hit by the failure, leaving many shoppers unable to access cash or complete their payments at the checkout counter. 

The outage began around 3 p.m. AEST on Thursday. Just before 6 p.m. AEST, Telstra confirmed the network was back. “Good news. Many of our services are starting to restore. We’re sorry if this issue has messed up your night. We’ll provide another update when we know more.” the company said in a tweet

Still, retailers lost money during the blackout period. Some restaurants had to let meals go unpaid and some petrol stations were also left hanging, when customers had no cash on them and were unable to get cash, because ATMs were also down, according to iTnews

Just how much did retailers lose out on during the outage? Dominique Lamb, CEO at National Retailers Association, Lamb told the Sydney Morning Herald that in July 2018, AUS$837 million (US $585 million) was spent each day on retail purchases in the country. 

“We know that basically, they were finding it very difficult to trade for the second half of that day which is ultimately going to have an impact … we’re predicting it’s going to be up to $100 million [US$70 million],” she said.

The teleco is still investigating the cause of the outage but says early investigations point to “an unusually large volume of traffic” across networks in NSW Australia, according to the Herald.

Read the Full Article here: >ATM Marketplace News