Week 25 Cyberattack Digest 2019 – British banks, Riviera Beach, Nagle Catholic College and others
It is Monday again, and, as always, we have a new portion of cyber incidents for you in our week 25 cyber attack digest.
British financial institutions are at cyber risk
by Reuters – 18 June 2019
A state-backed cyber attack may have secretly corrupt the data of British financial institutions for several months and this might be posing a risk for banks. At this point, banks are focused mainly on eliminating service outages. Still, the falsification of transaction records and other data was supposed to be an even bigger danger. “If you wanted to do maximum damage, that is what you would probably do if you were a state actor,” Anil Kashyap told a parliament committee. In this situation, British financial institutions might not be able to stand against this type of attack on their own.
Riviera Beach loses some $600,000 in a ransomware attack
by MSSP Alert -20 June 2019
Hackers have stolen about $600,000 from the city of Riviera Beach, Florida in order to unlock the affected computer systems and restore critical records. The initial hack took place on May 29 after a worker of the local police department opened an infected email. Soon after that the city email and phone systems went down and 911 dispatch was out of service. During the meeting on June 17, Riviera Beach’s city council voted to authorize its insurer to pay 65 bitcoins to the malefactors to restore the attacked network. The city will have to pony up an additional $25,000 to cover the insurance deductible. The insurance company has negotiated with the hackers. It is known that the city will have to spend an additional $25,000 on the services of insurance company that negotiated with the attackers. Currently, critical data that was encrypted by the hackers remains inaccessible, and the city is still unsure if the information will be unlocked once the ransom is paid.
Police suspends all work with the UK’s forensics firm
by The Guardian – 21 June 2019
Police have recently suspended all work with the UK’s largest private forensics provider. This decision was made after a ransomware attack that affected the sector some time ago. The incident involved Eurofins, which carries out DNA analysis, toxicology, ballistics and computer forensics work. The company detected an attack on its system on 2 June and after that the police have halted all work with the company. “We have put our national contingency plans in place, which will see urgent submissions and priority work diverted to alternative suppliers to be dealt with as quickly as possible,” – the National Police Chiefs’ Council lead for forensics, Chief Constable James Vaughan, said. “It is too early to fully quantify the impact, but we are working at pace with partners to understand and mitigate the risks. We will share more information as soon as we can.”
Nagle Catholic College suffers a data breach
by ABC News – 20 June 2019
The principal of a Nagle Catholic College has sent out a warning to parents informing them that their bank details and signatures may have been stolen as a result of a cyber attack. In an email to parents, Rob Crothers expressed his “deep regret” for the incident, which he characterized as “highly sophisticated”. He mentioned that other schools had also been affected in the “widespread cyber security attack” that started on June 11. Mr Crothers said that the cyber attack began after someone opened a malicious link that was sent via an email to the college located in Geraldton. “Parents who may have provided information relating to accounts from which to take fee payments or to make payments to the school could have been compromised if they were sent by email format,” Mr Crothers said, “There’s quite a large amount of data. We’re still doing discovery on that.”
There always will be people willing to attack you and the ones that will be striving for security. That is all for today. Never forget to care about your security in advance and follow us on Twitter, Facebook, and LinkedIn.