The cyberattack on SolarWinds was the brainchild of a group from China, said Microsoft. Its team has detected a zero-day remote code execution exploit being used to attack SolarWinds software, which has been connected to DEV-0322, a group operating out of China. Hackers installed malware in the Orion software and hacked at least 250 federal agencies and top firms in the US after exploiting the CVE-2021-35211 vulnerability.
The REvil group, in a post on the dark web, demanded $70 mn to restore the data of hundreds of companies worldwide hit by a cyberattack. The group is linked to Russia and has an affiliate structure. Cybersecurity expert Allan Liska said the message is almost certainly from the core members and opines that the group was unprepared for the extent of the attack. They hacked into Kaseya and set off a chain reaction.
The White House said it was informed by Brazil’s JBS SA that the disruption in meat production in North America and Australia was likely caused by a ransomware attack by an organization from Russia. On Tuesday, JBS said it had made considerable progress in resolving the cyberattack, while the White House has raised the issue directly with the Russian govt. The cyberattack caused prices to jump by $1 and reduced the rate of slaughtering by 18% compared to 2020.
Microsoft, which late last year identified the group behind the SolarWinds cyberattack, has issued a warning saying the group is now targeting govt agencies, think tanks, consultants, and NGOs. Russian-originated Nobelium, the actor behind the SolarWinds attack in 2020, launched an attack this week on USAID. A new wave of attacks targeted 3,000 email IDs across 150+ organisations. The US and Britain have blamed Russian intelligence agency SVR for the attempt to gather intel.
NTT, in a report, said that cyberattacks in three sectors – healthcare, manufacturing, and finance – accounted for a total of 62% of all cyberattacks in 2020. These sectors had a maturity score of 1.02, 1.21, and 1.84 in 2020, respectively. Cryptocurrency was also hit, as cryptominers accounted for 41% of all identified malware in 2020. Healthcare was targeted by remote access trojans while the tech industry was affected by ransomware.
Mobile cyberattacks in India jumped 845% to 12,719 in March 2021 from 1,345 cases in Oct 2020, said Check Point Software Technologies in a report. The report revealed that ISPs in India, during the first phase of lockdown, had received cyberattack alerts from corporate clients almost every alternate day compared with an average of once a week before the lockdowns. The report said that 97% of firms across the globe faced mobile threats from several attack vectors.
Suspected Russian hackers targeted the cybersec firm Malwarebytes. The attacker abused “apps with privileged access to MS Office 365 and Azure environments,” said CEO M Kleczynski. He said the attack was part of the campaign that has used SolarWinds software to target other firms. Analysts, on the other hand, have said that SolarWinds’s software wasn’t the only method used to breach networks, as a new form of malware used in the attack was discovered.
English football club Manchester United is working with the National Cyber Security Centre (NCSC) to assess the damage caused by a cyberattack last week. Earlier, a cyberattack on Man U’s network caused disruption to its IT infrastructure. The club’s media channels, website and mobile app were unaffected by the attack. The club’s IT team has identified the source of the attack and shut down the affected systems to contain the damage and protect data.
English football club Manchester United is investigating a cyberattack on its network and trying to minimise the disruption it has caused to its IT infrastructure. The club’s media channels, website and mobile app were unaffected by the attack. ManU, however, said that it was not aware of any personal data breach associated with fans or customers. The company’s IT team has identified the source of the attack and shut down the affected systems to contain the damage and protect data.