In this week's Cyber Weekly:

1. This data was saved...
2. Ransomware attacks taking over Australia
3. Power Plant attack
4. Airport websites down
5. Fact of the week + breakdown of a ransomware attack that actually happened

Thanks to all 7632 subscribers. It really takes a community to fight against cyberattacks. By sharing these newsletters, we can reach more people and help others from becoming a statistic. Share this post in the top right corner.

‍

1.Unexpected Update for QNAP Ransomware Victims

‍

Recently, we reported the second QNAP ransomware attack that affected thousands of their clients. The ransomware group, DeadBolt, encrypted more than 20,000 QNAP and Asustor devices around the world. International Police departments worked together to trick DeadBolt into handing over the decryption keys.

‍

“Police tricked Deadbolt by making Bitcoin payments for decryption keys, receiving the keys, then withdrawing the ransom payments – leaving the cyber criminals without their payments after they had provided the police and cybersecurity researchers with the decryption keys to aid victims of attacks.”

‍

The Dutch Police obtained 150 keys. That allowed almost 90% of the victims who reported attacks to law enforcement to get their files back for free and without paying the ransom. (zdnet)

‍

My thoughts: I have a lot of questions. Has no one ever thought of this before? Was it not possible before? Will this entice ransomware gangs to always duplicate the data they steal? What are your thoughts?

‍

2. Australia’s Worst Year for Ransomware Attack

‍

Last Wednesday, private health insurer in Australian noticed unusual activity in their network. They immediately went offline. It isn’t clear if any customer data was stolen. This comes after multiple Australian companies got breached earlier this year.

‍

• 9.8 million people’s data was lost in the Optus attack
• 2.2 million customers were exposed through Woolworths attack
• 30,000 employee data exposed from Telstra attack (Smartcompany)

My thoughts: Considering Australia’s small population of 25.89 million, one successful attack on a large company risks the privacy of a large portion of the population. Australia does have data privacy laws but I think they’re going to be revisited and reinforced.  

‍

3.Power Plant Ransomware Attack in India

‍

A leading power generation company based in Mumbai, India confirmed they were hit with a cyberattack last week. In a brief statement, they revealed that operations are functioning and restricted employee access was put into place for precautionary measures. The company refuses to provide more details. (techcrunch)

‍

My thoughts: We though that critical infrastructure is under attack all over the world. In this specific case, we know so little about what happened that we can’t assume they weren’t prepared. If they are up and running almost immediately, they at least had backups in place. But as we know, backups are not enough anymore. The name of the game is to prevent. They also suggested that they reduced employee access. It’s an interesting detail that eludes to the possibility that it might have been an inside job. It’ll be interesting to see how this story unfolds.

‍

‍

4. US Airport Websites Down

Last week, over a dozen airport websites were affected by a DDoS attack where the cyber criminals send fake users to a website and overload the websites. Pro-Russian hacker group, Killnet, seem to be behind the attack.

‍

Authorities are closely monitoring the websites as there only seem to be minor disruptions. Programmers are closing backdoors that allowed the attacks to happen in the first place. These attacks are usually caused to cause havoc but no data was stolen.

‍

"We are pretty clear it's a Russian cyber group that claimed responsibility," Sen. Chuck Schumer, D-N.Y., said Monday, going on to connect the attacks to the Ukrainian bombing of a bridge in Crimea over the weekend. "We are asking our authorities to confirm who did it and then take the appropriate strong action so the Russians know they cannot get away with this. Putin has a lot of nerve, after his brutal vicious war against the Ukrainian people, to now say he has the right to retaliate because they protected themselves with a bridge is outrageous." (ABCnews)

‍

My thoughts: When protecting your business, ensure your website is part of the cyber security protection plan.

‍

‍

Fact of the Week

There were 236.1 million ransomware attacks worldwide during the first half of 2022 and a new survey reveals that only 30% of organizations have a response plan if they get attacked. (Forbes)

‍