TL; DR: Lithuania under fire and the world on its knees due to SolarWinds

While you read the latest news from the world of cybersecurity, the European Union is preparing for great things which have been introduced in a new strategy. The European Commission and the High Representative of the Union for Foreign Affairs and Security Policy Josep Borrell have introduced a “new cybersecurity package”. It contains a new EU cybersecurity strategy as a key element in shaping Europe’s digital future, the Recovery Plan for Europe and the EU Strategy for the security union.

A main goal of the strategy is to strengthen Europe’s shared resilience to cyber threats and to help ensure that all citizens and enterprises can fully make use of trusted and reliable services and digital tools.

In the following lines, you will read more about the large-scale attacks on Lithuania, the SolarWinds software case, and also the relatively innocent phishing attack on Subway fast food chain.

Who’s going to calculate a final bill?

The impact of the backdoor in SolarWinds software, which was caused by the attack on the company’s supply chain, is getting global. Almost all sectors whose systems run on newer versions of the software are vulnerable.

The attack is alarming for all sectors, mostly for public administration, banking and energy. The victims include several US government agencies, as well as companies such as Ford, AT&T, Fortune500 and the Los Alamos Nuclear Weapons Laboratory. The extent of the damage caused by these vulnerabilities is most likely to be incalculable.

Lithuania under fire

Lithuania has become a target of a coordinated and sophisticated cyberattack. Cyber attackers breached several content management systems (CMS) operated by organizations of Lithuanian public sector, to gain access to 22 different websites.

Subsequently, they launched a disinformation campaign with corruption, diplomatic and military content. The attack is considered to be the most complex and largest in the Baltic region.

Sailing anyway

Hurtigruten, which operates ferries as well as cruises in the cold regions of the Arctic and Antarctic, has become a target of a large-scale ransomware attack. The company said in a statement that several key systems, as well as the website are currently down, but do not expect financial or material losses. The attacker, type of ransomware, and the method of incident handling are not known yet.

Baguettes in hackers’ focus

Even the UK’s Subway fast food chain wasn’t spared a cyberattack. The attackers took control of the company’s marketing e-mail server, through which they sent phishing e-mails with attachments containing the latest version of the TrickBot malware. Customers in the UK subsequently received e-mails about “confirmation of the order”. As soon as the company disclosed a disruption, compromised servers were immediately locked down and customers notified. 

Billions of dollars

A survey of gaming community found out that more than one-tenth of computer gamers in the sample (12 percent of 179 million people) has become a victim of identity theft. In total, these figures are valued at 347 billion dollars. The research was carried out by the security firm Kaspersky.

(In)significant attack?

Panasonic India company has become a target of extortion. The attacker urged the company to pay a 500 000 dollars ransom, otherwise the data, to which they managed to gain access, would be publicly released within 7 days. As part of the extortion, the company was also asked to pay 40 000 dollars in bitcoins, otherwise the attacker will publish the data that will allow to access the company’s systems. The company claims that confidential information and personal data of customers and suppliers are not jeopardised.

However, current information indicates that the leaked data also included bank and account data, sets of passwords to systems, e-mail addresses, personal information about employees, suppliers, customers and others.

Question of time

Lookout has discovered a new spyware targeting Android and iOS devices – Goontact. The Trojan is able to exfiltrate device identifiers, contacts, SMS messages, photos on external storage and location information. So far Goontact has been identified only in Asian countries.


« Späť na zoznam