Cyber Bites

Researchers at Check Point have revealed that the collateral damage of ransomware attacks make up costs roughly seven times higher than the ransom demanded by threat actors. The costs include financial implications caused by incident response efforts, system restoration, legal fees, monitoring costs and the overall impact of business disruption. Ransomware attacks are an increasingly popular attack method, typically involving stealing data from the victim, encrypting data and forcing them to pay for decryption and avoiding...

The group behind Stormous ransomware has announced the sale of almost 161GB of data allegedly belonging to Coca Cola. The data up for sale includes passwords, financial data and account details. The group is asking for 1.6467000 Bitcoin, or $ 64,396.67 for the data. The announcement follows Stormous publishing a poll in which the group asked their followers which company they should target next, with Coca Cola coming out on top.  

Authorities in the United States have offered a $10m reward for anyone that can help locate or identify six members of a state-sponsored Russian hacking group responsible for NotPetya. The call for information was issued by the Department of State's Rewards for Justice (RFJ). The six officers of the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU) - Yuriy Sergeyevich Andrienko, Sergey Vladimirovich Detistov, Pavel Valeryevich Frolov,...

State sponsored hackers operating out of North Korea have been targeting journalists with a novel malware strain, it has been revealed.  The group, known as APT37, distribute the malware through a phishing attack originally discovered by NK news, a US news site specialising in covering news and providing research and analysis about North Korea, using intelligence from within the country. APT37, also known as Ricochet Chollima, is suspected to be sponsored by the North Korean...

A new report by Jisc has revealed that ransomware attacks cost organisations in the UK's education sector upwards of £2m per incident. Jisc is a non-profit providing the UK's higher and further education sector with IT services, including the Janet network and incident response. John Chapmans, head of Janet policy and strategy, has warned that ransomware and malware were now the top threats for the sector, closely followed by phishing and social engineering. Jisc's 2020...

The US Federal Bureau of Investigation (FBI) has issued a warning regarding the BlackCat ransonware-as-a-service (RaaS). The ransomware is reported to have hit at least 60 entities globally since its emergence in November of last year to March 2022. Also known as ALPHV and Noberus, BlackCat is notable for being the first malware ever written in the Rust programming language. The language is known for being memory safe and offering improved performance. "Many of the...

The FBI has warned agricultural cooperatives in the US of ransomware attacks that could have devastating impacts on the country's food supply. A Private Industry Notification issued this week claimed that the farming industry could be viewed as an irresistible target during the planting and harvesting seasons. Successful attacks could have major financial implications and impact the wider food supply chain, as grain is used for animal feed. Disruptions at meat or dairy processing facilities...

An expert at the United Nations has called for an increased focus on North Korean cyber activity, as they believe it is being used to fund the country's banned nuclear weapons program. Eric Penton-Voak, a co-ordinator of the the UN group tasked with monitoring the enforcement of sanctions on North Korea made the statement on Wednesday. North Korea is currently operating under most stringent UN sanctions ever imposed on the country. Penton-Voak said that despite...

The Five-Eyes joint advisory board has warned that Russia is considering cyber attacks on Western nations as part of its war in Ukraine. Five-Eyes agencies have said several Russian government and military organisations, including the Federal Security Service (FSB), the Foreign Intelligence Service (SVR) and the General Staff Main Intelligence Directorate (GRU), have conducted malicious cyber operations against information and operational technology networks. It's believed that multiple advanced persistent threat (APT) actors operating out of...

New research from Comparitech has revealed that UK government employees received 2.4 billion malicious emails in 2021. This equates to around 2400 emails per employee, per year. The tech research firm acquired this information through Freedom of Information Requests. Perhaps more concerning, it's estimated that employees across 260 organisations clicked 57,000 suspicious links over 2021. Assessed by employee, NHS Digital recorded by far the highest number of malicious emails in 2021 (89,353), followed by the government...