RANSOMWARE SHOWS THE ECONOMIC CONSEQUENCES OF AGEING INFRASTRUCTURE

Term of the month: Spear Phishing

Spear phishing refers to targeting a specific individual or company with a well-researched and per victim crafted phishing e-mail. The end goal is to get access or start an attack on the target with social engineering used to increase the chances of the victim falling for the trap.

BRIEF UPDATE This month has been a real eye opener for large industrial companies and the threat that ransomware poses them. Colonial pipeline that is responsible for half the diesel and gasoline to the US East Coast was attacked by Russian based “Darkside” ransomware group. The chaos that happened afterwards with the public rushing to buy gasoline showed just how vulnerable the aging infrastructure that is running the modern world is to cyber-attacks. Even though the hacker group posted that their only goal was to make money in the form of the $4,4 million ransom, their actions spurred the US government to look at the problem more in depth. Apple released the update 11.4 MacOS to patch a vulnerability that let attacker take screenshots of computers and steal the Safari cookies. A new report found that the number of data breaches within organisations has increased by a third as employees continue to work remotely as a result of the COVID-19 pandemic. Insurance provider CNA has been revealed too have paid a $40 million ransom to get rid of the ransomware that attacked their systems and stole data. Belgian government funded Internet Service Provider was the victim of a denial of service attack that took down more than 200 websites including the parliament and other government institutions. GDPR is celebrating its third birthday and 600 penalties issued with the largest being €111 million and the lowest being €28.

CYBER SECURITY IN THE NEWS

• How a ransomware attack paralysed one of the larges fuel lines in the US

• Colonial Pipeline CEO confirms $4.4 million payment to DarkSide hackers

• Malware caught using a macOS zero-day to secretly take screenshots

• Data breaches increase by a third as staff continue to work from home

• Patch immediately: VMware warns of critical remote code execution hole in vCenter

• Apple found and removed 130 different kinds of malware on the Mac last year

• DDoS attack took large sections of a Belgiums internet offline

• SolarWinds hackers have struck again at the US and other countries

• CNA pays $40 million ransom to lift malware from its systems