TL; DR: Focusing on vaccine and revenge following the notice

Hackers didn’t surprise but confirmed the concerns of the intelligence services. Furthermore, even if you are a company specialized in cybersecurity, it doesn’t mean that you are protected. The proof is the society that has become a target of a sophisticated attack.

An incident with delivery services in Russia was unique; the ransomware group published the data stolen from the Brazilian aircraft manufacturer; and the scanning of thousands of hosts ended unflatteringly.

Always think carefully about who you give your notice and under what circumstances. In Italy, they will confirm that they probably didn’t part good friends.

More in our summary of the week.

It was a matter of time

Several world intelligence services warned for a long time that a research of a COVID-19 vaccine will certainly not avoid cyberattacks. Unsurprisingly, the hackers targeted the European Medicines Agency.

The details of the attack weren’t known immediately. But the media was told that the attackers obtained documents relating to a Covid-19 vaccine from BioNTech, which is cooperating with Pfizer.

Master carpenter…

FireEye, a company dealing with cybersecurity, has become a target of a sophisticated spy cyberattack. The attackers managed to steal a set of software that the company used for penetration testing and ethical hacking.

Despite the severity of the attack, the company’s behaviour was exemplary. They published a stolen set of tools, as well as a set of vulnerabilities for revealing tools.

A bitter statement

An Italian defence company Leonardo S.p.A has become a target of a cyberattack executed by a former employee. The attacker was arrested. A cybersecurity director, who was allegedly perverting the investigation, is also accused.

The attacker managed to steal during 2 years up to 10 GB of data relating to security, defence strategy, human resources, product distribution, design for civil and military aircraft, as well as employee credentials.

The first time in Russia

An unknown cyber attacker managed to open the doors of 2 732 package lockers of a local delivery service PickPoint in Moscow and Saint Petersburg. It is the first cyberattack of this kind.

The attack affected about a third of all lockers operated by the company. The company has already notified the police and is currently working to restore its network after the attack.

Tens of thousands of personal data

An international recruitment agency Randstad with 280 000 clients and operations in dozens of countries, has become a target of the Egregor ransomware attack.

The company’s operations were not disrupted and the Egregor group has so far published only a subset of stolen documents.

Unflattering statistics

A scanning of 3 514 hosts, performed by Positive Technologies, revealed that 84% of companies have high-risk vulnerabilities on their devices.

Up to 58% of companies have a vulnerability with a publicly available exploit, and 10% of the detected vulnerabilities can be exploited without professional programming skills of the attacker.

Huge ransom

Approximately 1 200 servers of electronics manufacturing giant Foxconn have become a target of a DopplePaymer ransomware attack.

The attackers demand a payment of 34 million dollars from the company for decryption keys. They have stolen approximately 100 GB of data and deleted 30 TB of backups.

SHORTCUT

• Thousands of Netgain’s servers providing cloud hosting suffered a ransomware attack in November. The attacker, amount of ransom payment and the date of restoration of operations are still unknown.
• Ransomware criminal gangs are expanding their portfolio of tools. After introducing a mass printing of ransomware alerts, call centres which attackers use to directly address the victim have been also introduced.
• Chinese police detained four cyber attackers for planting malicious marketing software on 20 million Chinese Gionee smartphones.
• Ransomware group RansomExx has published data from the Brazilian aircraft manufacturer Embraer, stolen in November. These include employee data, contract information, source codes, 3D models and photos of aircraft.

« Späť na zoznam