Cyber Security News Roundup – 2nd October 2023
By Emily Davidson
02 October 2023
Cyber crime continues to pose a serious security risk, with the Royal Family and multinational conglomerates among last week's victims. To learn more about each story, click the headings.
Sony investigates cyberattack as hackers fight over who's responsible
26/9
Last week Sony said that it was investigating allegations of a cyberattack, with different hackers stepping up to claim responsibility. Over 3.14 GB of uncompressed data allegedly belonging to Sony has already been dumped onto hacker forums, with two threat actors named RansomedVC and MajorNelson fighting to claim responsibility. RansomedVC claim to have stolen 260 GB of data during the attack, which they are now offering for sale at $2.5 million. MajorNelson also leaked the compressed archive containing 3.14 GB of alleged Sony data.
Bleeping Computer reached out to Sony for comment and was told by a spokesperson: "We are currently investigating the situation, and we have no further comment at this time". While the data shared by the attackers does appear to belong to Sony, the veracity of either threat actor's claims could not be independently verified. (Bleeping Computer)
Johnson Controls International Disrupted by Major Cyberattack
28/9
Multinational conglomerate Johnson Controls reported a cyber attack to the US Securities and Exchange Commission last week, saying that it had suffered disruption to its internal IT infrastructure.
Researchers at Nextron Systems shared a tweet that included a ransom note from cyber crime group Dark Angels stating: "HELLO dear Management of Johnson Controls International! If you are reading this message, it means that: your network infrastructure has been compromised, critical data was leaked, files are encrypted, backups are deleted." The gang has allegedly stolen over 27 TB of data and encrypted Johnson Controls' VMware ESXi machines.
In its filing with the SEC, Johnson Controls stated that its applications remain unaffected, but that it is continuing to review the financial impact. The company has also established an incident management and protection plan. (Dark Reading)
FBI: Dual ransomware attack victims now get hit within 48 hours
30/9
The FBI have noticed an emerging trend among ransomware attacks where multiple strains are deployed onto victims' networks, encrypting their systems in under two days. These trends were observed starting July 2023, with variants used in these dual ransomware attacks including AvosLocker, Diamond, Hive, Karakurt, LockBit, Quantum, and Royal.
In the past, dual ransomware attacks typically took a minimum of 10 days to deploy. In this case, the vast majority of ransomware incidents that targeted the same victim took place within a mere 48-hour timeframe. In addition, ransomware gangs have begun to add new code into their custom data theft tools, wipers, and malware to evade detection.
Recommended practices include keeping all systems up to date and conducting thorough scans of infrastructure to identify potential backdoors or vulnerabilities, restricting access solely through VPN and exclusively to accounts with a strong password and enforced multi-factor authentication, and network segmentation. (Bleeping Computer)
Royal Family's official website targeted in cyber attack
1/10
The Royal website was taken down over the weekend following a Distributed Denial of Service (DDoS) attack. Official sources said that it is not known who was behind the attack, adding that it was not a hack and that no access was gained to the website's systems or content. Russian group Killnet took responsibility on their Telegram channel. (Sky News)
Attempted cyber attacks occur every second and, as we can see from the recent headlines, constantly change in nature. It's critical that your organisation is as protected as possible from all forms of cyber crime, so contact Celerity to find out how our layered approach to cyber security could protect your business!