Cyber Bites

Domain Group, an Australian digital real estate business has recently confirmed being targeted in a phishing attack. Jason Pellegrino, CEO of Domain Group, released a statement, in which he stated that " have identified a scam that used a phishing attack to gain access to Domain's administrative systems to engage with people who have made rental property enquiries." He added: "We understand the scammers then contacted some of these people by email to suggest that...

The National Audit Office (NAO) has said that the Covid-19 pandemic has "laid bare" issues caused by legacy IT within the government. The report analysing the government and the pandemic exposed some significant issues with regards to legacy data and IT systems. A large part of the government's Covid-19 response has been the use and sharing of data, however NAO found that this was not always "timely". The report claims that local authorities did not...

Researchers from NETSCOUT's ATLAS Security Engineering & Response Team (ASERT) have reported that the first quarter of 2021 saw the launch of approximately 2.9 Distributed Denial of Service (DDoS) attacks. This is a 31% increase to the amount launched at the same time last year. The researchers claimed that "the first two months of the year are usually the slowest months in the DDoS attack calendar. This year, we saw 972,000 attacks in January, which...

Following the cyber attack on the Ireland's Health Service Executive (HSE), the attackers have sought a ransom. HSE has, however, stated they will not be paying the hackers, even while the country's healthcare and social services continue dealing with the disruption of the ransomware, which has been described as potentially the 'most significant' case of cybercrime experienced against the Irish State. The HSE has said: "Following an initial assessment we know this is a variant...

Recently, KrebsOnSecurity discovered that close to all ransomware strains have a particular built-in failsafe: they will not install on a device that uses specific virtual keyboards, specifically Russian or Ukrainian. Several Russian-language affiliate moneymaking programmes, including Darkside, prevent their criminal associates to install any malicious software on devices in several Eastern European countries. This is an attempt to minimise the chances of investigation against them by local authorities. For example, in Russia, authorities have a...

It has been confirmed that Ireland's healthcare system fell victim to two cyber-attacks on Thursday and Friday last week. The Department of Health reported that its IT systems were shut down after the first ransomware attack on Thursday. On Friday a similar attack was launched against the Health Service Executive (HSE) causing "substantial" cancellations to services. Both incidents were allegedly carried out by the same cyber-crime group.  

Over the weekend AXA, an insurance giant based in Thailand, Malaysia, Hong Kong and the Philippines, reported falling victim to a ransomware attack. The attack is claimed to have been perpetrated by the Avaddon ransomware group, which has said it stole 3 TB of sensitive data from AXA's Asian operations. The attack was not limited to ransomware, as a Distributed Denial of Service (DDoS) was also observed, taking AXA's global websites down for part of...

Following a ransomware attack on the administrative services company, CaptureRx, at least three US healthcare providers suffered a data breach. The attach occurred on February 6, and an investigation was launched almost two weeks later, discovering that several files had been accessed by an unauthorised user. The personal health information (PHI) of more than 24,000 individuals was exfiltrated. Under the providers affected were Faxton St. Luke's Healthcare, Thrifty Drug Stores and Gifford Health Care. The...

The National Cyber Security Centre (NCSC) has released a set of security principles for local authorities to help protect smart city technology from cyber threats. Along with the guidance, it is warning that compromise of a single system in a smart city could have a negative impact across the network if badly designed, this includes internet of things (IoT) devices and underlying infrastructure. The NCSC document, dubbed 'Connected Places Cyber Security Principles', is aaims to...

On Tuesday the internet service provider Belnet fell victim to a cyberattack. The attack took place at 11:00am CEST when the company experienced a distributed denial of service (DDoS) attack. This resulted in Belnet's servers being overloaded and preventing any availability of their online services. The attack affected any website with .be domains. As a number of Belgium's government agencies are customers of Belnet, they too were affected by the attack. The incident affected Belgium's...