World’s 2nd largest laptop manufacturer hit by ransomware
The Taiwanese electronics company Compal, which manufactures laptops for Acer, Apple, Dell, HP, Fujitsu, Lenovo and Toshiba among others, was hacked by a ransomware attacker earlier this month. The DoppelPaymer ransomware gang is believed to be responsible for the breach, according to a screenshot of the ransom note shared by Compal employees with reporters at ZDNet.
Compal is the 2nd largest laptop manufacturer worldwide after Quanta Computer, another Taiwanese computer manufacturer. The attackers demanded almost $17 million in Bitcoin in exchange for a decryptor for the ransomware. The DoppelPaymer ransomware operates by gaining access to a Windows domain controller and then spreading across all devices on a network. The hackers make use of the ransomware-as-a-service (RaaS) model, in which they share their infrastructure with other hackers in exchange for commissions that are paid to the various parties after successful security breaches. They also typically increase their ransom demands if the victims of their attacks don’t manage to make payments on time.
Software AG down after ransomware attack
Software AG, the second-largest software vendor in Germany and one of the largest in Europe, was hit by a Clop ransomware attack in October that infiltrated the company’s systems and compromised employee information and company files.
Software AG provides business infrastructure products to over 10,000 organisations in over 70 countries and has over 5,000 employees. It is estimated that 70% of the Fortune 1000 companies use its software tools. The Clop ransomware group, which has been very active during the current pandemic, threatened to dump Software AG’s data on the dark web when Software AG refused to pay the $23 million ransom demand. According to Bloomberg, Software AG confirmed shortly after the attack that its data had been publicly released following its refusal to pay the ransom. It also announced that its services to its customers would remain unaffected, even though it had needed to shut down its own internal systems as a result of the attack.
British Airways fined over R400M over cyberattack
British Airways was recently fined £20M (over R400 million) by the UK’s Information Commissioner’s Office (ICO), a data protection watchdog, for a breach during a cyber-attack in 2018 that compromised the personal and financial details of over 400 000 customers.
The fine is the largest so far by the ICO and was reduced from the larger amount of over £183M that was originally planned by the regulator for the contravention of the General Data Protection Regulation (GDPR). The reason for the fine was that the airline did not have the necessary security measures in place to protect the huge amounts of personal data that it processes for its customers. Almost 400 000 credit card transactions had been compromised during the data breach, and the ICO said that British Airways had failed to put the necessary technical and organisational measures in place to protect the personal data being processed on its systems in terms of the GDPR legislation that came into effect in May 2018.
Cybercriminals arrested in Lagos, Nigeria
Three Nigerian citizens suspected of being members of an organized cybercrime group behind distributing malware, carrying out phishing campaigns, and extensive Business Email Compromise (BEC) scams were arrested by Interpol in the city of Lagos on 25 November 2020, according to Hacker News.
“In addition to perpetrating BEC campaigns and sending out emails containing malware-laced email attachments, the attacks have been used to infiltrate and monitor the systems of victim organizations and individuals, leading to the compromise of at least 500,000 government and private sector companies in more than 150 countries since 2017”, commented Hacker News. “About 50,000 targeted victims of the criminal schemes have been identified so far, as the probe continues to track down other suspected gang members and the monetization methods employed by the group”.
Manchester United football club falls victim to cybercrime
The Manchester United football club in the United Kingdom has confirmed that the team fell victim to a cyberattack on its systems recently. Although the club mentioned that the attack was apparently a sophisticated operation by very well organised cyber-criminals, they also claimed that personal data associated with fans or customers was not breached.
According to Manchester United’s statements and information provided to Threatpost, its cyber-defence architecture kicked in, allowing it to take an orchestrated action. The club also mentioned that it had procedures developed for such incidents which covered not only technical measures, but also internal and external communications. F.C. Barcelona, another major football club in Europe, also apparently fell victim to a credential-stuffing attack in February this year, according to Threatpost.