WEEK OF DECEMBER 06, 2021
Cyberattacks hit 26,000 Indian sites in 10 months
- CERT-In has reported that a total number of 17,560, 24,768, 26,121 and 25,870 Indian websites were hacked during the years 2018, 2019, 2020 and 2021 (up to October), respectively.
- The Indian Computer Emergency Response Team (CERT-In) is mandated to track and monitor cybersecurity incidents in India.
- “There have been attempts from time to time to launch cyberattacks on Indian cyberspace… attackers are compromising computer systems located in different parts of the world and use masquerading techniques and hidden servers to hide the identity of actual systems from which the attacks are being launched,” the Minister said in his reply to the lower house.
- He added that the government is fully cognisant and aware of various cybersecurity threats including cyber terrorism; and has taken various measures to enhance the cybersecurity posture and prevent cyberattacks.
Panasonic hit in data breach
- Panasonic recently discovered that it had suffered a data breach in which attackers were able to reach one of its file servers and pilfer data.
- The tech firm said its network was breached on Nov. 11, 2021, and “some data” on the sever was exposed to the attackers.
- Still unclear, however, is whether customer or other sensitive data was stolen in the attack.
IKEA email systems targeted in cyberattack
- IKEA has warned its employees of an ongoing cyberattack that uses stolen reply-chain emails to target internal corporate inboxes.
- In an email sent to IKEA employees and published by Bleeping Computer, company officials tell employees the malicious emails contain links with seven digits and instruct recipients to not open them.
- Other IKEA organizations, suppliers, and business partners are also targeted in the same attack, the email states.
- KEA has reportedly disabled the ability for employees to release emails from quarantine, the report states. There is a concern that recipients of malicious emails might see them in quarantine and release them, believing they were filtered by mistake.
Planned parenthood LA data exfiltrated, 400,000 affected
- Planned Parenthood Los Angeles is notifying about 400,000 individuals of an apparent ransomware attack in October that involved exfiltration of files containing sensitive health information, including patients’ diagnoses and medical procedures.
- In a sample data breach letter provided to the California attorney general’s office on Wednesday, PPLA says that on Oct. 17, it identified “suspicious activity” on its computer network.
- PPLA says it immediately took its systems offline, notified law enforcement authorities and engaged a third-party cybersecurity firm to assist.
Suspected Chinese hackers breach more US defense and tech firms
- A suspected Chinese hacking campaign has breached four more US defense and technology companies in the last month, and hundreds more US organizations are running the type of vulnerable software that the attackers have exploited, according to research shared with CNN.
- The apparent espionage activity, which the National Security Agency helped investigate when it emerged in recent months, is more extensive than previously known and has seen the hackers steal passwords from targeted organizations with a goal of intercepting sensitive communications.
- The cybersecurity researchers in November publicly confirmed just one victimized US organization, CNN reported then, but they now say the number is at least five and could continue to grow.
Former Ubiquiti Dev arrested for orchestrating data breach, trying to extort $2M
- The DOJ says Nickolas Sharp stole data, demanded a $2 million ransom, and pretended to be a whistleblower in communications with reporters.
- The DOJ accuses Sharp of “secretly stealing gigabytes of confidential files from a New York-based technology company where he was employed…and then, while purportedly working to remediate the security breach, extorting the company for nearly $2 million for the return of the files and the identification of a remaining purported vulnerability.”
- BleepingComputer reports that Sharp was employed by Ubiquiti, a networking equipment provider that disclosed a data breach in January.
- Brian Krebs of KrebsOnSecurity reported in March that an anonymous whistleblower claimed the Ubiquiti breach was “catastrophic” and that the company was covering up the full extent of the incident to protect its share price.