The founder of a ransomware hosting service called LolekHosted, Artur Grabowski, has been indicted for his alleged role in enabling over 400 ransomware attacks worldwide. The service reportedly helped criminals extort over 5,000 bitcoins, valued at around $146 million. LolekHosted facilitated ransomware attacks for nearly a decade and Grabowski faces computer fraud, wire fraud, and conspiracy to commit international money laundering. The service has been seized, but Grabowski remains a fugitive, with a $21.5 million seizure order against him. (CNBC)
My thoughts: Seizing the service alone can be considered positive news, but surely not enough. If the mastermind is still out there, we can only imagine he has the ability to use online aliases continuing to threaten companies with more ransomware attacks?
Suspected North Korean hackers targeted a joint US-South Korea military exercise, Ulchi Freedom Guardian, aimed at countering North Korea's nuclear and missile threats. The hackers used spear-phishing emails to target South Korean contractors at the exercise war simulation center. However, classified information was reportedly not compromised. The hackers believed to be affiliated with a North Korean faction known as Kimsuky, were linked to a 2014 cyber attack on South Korea's nuclear reactor operator. North Korea has denied involvement in cyber attacks. (independent.co.uk)
My thoughts: The hack can trigger more future attacks which can actually lead to wars. Protecting your data as a nation, is not solely an IT or “back-office” job. When hearing about phishing email attacks it further emphasizes how cyber security is a collective effort from your entire organization. Bad actors look for any point of entry including front-end and back-end weaknesses or vulnerabilities. Yes that includes humans!
A cyber attack on a major real estate listing provider in California disrupted real estate markets, leaving buyers, sellers, agents, and listing websites unable to access crucial data for five days. The attack, initially referred to as a cyber attack, is believed to be a ransomware attack. The outage highlights the real-world disruptions cyber attacks can cause and has led to increased in-person communication and workarounds among realty professionals. The impact could worsen if the issue persists. (arstechnica)
My thoughts: Every industry and vertical is targeted by hackers. If you have and data, you are at risk and hackers will try to get it. My advice to all enterprises is at the very LEAST, back up your data! If you fall victim to an attack, having a workable copy of your data, can prove valuable and save you from paying any ransom.
Hackers are increasingly using legitimate internet services such as Slack, Trello, Telegram to deploy malware and evade detection, according to an analysis by Recorded Future’s Insikt Group. Over 25% of more than 400 analyzed malware families from the past two years abused legitimate internet services as part of their infrastructure. Telegram and Discord are frequently abused due to their widespread use and user-friendly APIs. This is designed to steal login credentials and personal information. (cyberscoop)
My thoughts: We use these communication tools every day and it is alarming to see how hackers leverage such harmless apps to inject malware. Check your cyber security posture and ensure that your online communication lines are secured.
Access monthly conversations with IT & Tech Leaders about the hottest cyber security topics in the industry.