Week 14 Cyberattack Digest 2019 – Bayer, Hoya, Georgia Tech and others

We hope you still enjoy our tradition of posting a cyberattack digest every week. Today, as always, we have a new batch of the hottest cyber news for you in our Week 14 cyberattack digest.

Bayer drugmaker investigates a cyber attack

by Reuters – 4 April 2019

Bayer, the German drugmaker, has discovered a cyber attack presumably originating from China. According to the company’s officials, Bayer faced the risk of data theft. The malicious software was detected on the organization’s computer networks early last year. The malware was then covertly monitored and analyzed. At the end of last month, security staff cleared the threat from Bayer’s systems.
According to the company’s representatives, there has been no evidence of data theft, and German state prosecutors have launched an investigation. The overall damage is still being assessed. “This type of attack points toward the ‘Wicked Panda’ group in China, according to security experts,” the spokesman of the affected company explained.

Ransomware affects Albany, New York

by SC Media – 1 April 2019

Albany, New York, experienced a ransomware attack on March 30. The incident has shut down several city services. Albany Mayor Kathy Sheehan tweeted about the attack last Saturday. Some details of the event have been issued by city officials; however, all Sheehan employees were told to come to work, as the buildings were supposed to be open to the public starting at noon on Monday.
While not all the services are operating, those seeking copies of marriage, birth and death certificates have to apply in person, and have to go to the neighboring city of Troy, N.Y., to apply for a marriage license. Liron Barak, CEO of BitDam, said that “the bottom line is that cities offer a great opportunity for attackers, who look for easy targets with high value. Municipal governments must respond quickly and adopt a security approach that will protect its infrastructure and its citizens.”

Hoya lens maker experiences a shutdown for three days

by The Japan Times – 6 April 2019

Back in February, Japanese eyeglass lens maker Hoya Corp. became a victim of attackers. As a result, the company’s key production base in Thailand experienced a partial shutdown of its factory lines for three days. Around 100 computers were infected with a virus that steals user IDs and passwords. The actions are believed to have been performed by an attacker aiming to spread another virus in order to enable the unauthorized use of the company’s computers for cryptocurrency mining. Company officials commented that the second phase of the attack had been prevented. The attack was first detected when a computer server controlling the network slowed down on March 1 and workers could not use software to manage orders and production. According to the company’s officials, a heavy load had been placed on the server as the initial virus continued to find its way to other computers. Computers in Japan that were connected to the network were also affected, which disrupted the issuing of invoices. Fortunately, no data theft has been detected.

Georgia Tech loses data of 1.3 million people

by Dark Reading – 3 April 2019

Georgia Tech has recently revealed that an attacker had infiltrated its central database. Personal information on up to 1.3 million current and former faculty, students, staff, and university applicants had been stolen. The unknown hacker or hackers managed to break in via a Georgia Institute of Technology Web application, according to the university. The breach was discovered in late March, and security officials are now investigating the attack to determine its scope. It is still unknown what information in particular may have been stolen: names, addresses, Social Security numbers, and birth dates. “The U.S. Department of Education and University System of Georgia have been notified, and those whose data was exposed will be contacted as soon as possible regarding available credit monitoring services,” Georgia Tech said.

As you can see, some attacks take time to be detected, and this is one of the most dangerous things about them. To learn about further cyber incidents, follow us on Twitter, Facebook, and LinkedIn.
