Incidents Of Interest: An Overview Of Recent Cyber Attacks

The Incident of the Week as seen in Q2, 2020

Add bookmark

Seth Adler
07/14/2020

Each week Cyber Security Hub offers an Incident of the Week for considertion by the community. Initially the incidents centered around misconfiguration, credential stuffing, password exposure, phishing, unauthorized access, malware and ransomeware.

30 months in, of course- these incidents persist. What we've noticed is that physical events tend to play out on the cyber landscape. Whereas digital money was first found on gambling sites, the onset of online banking brought systematic DDoS attacks. 

The pandemic has been a breeding ground for quick cyber wins around the healthcare industry, the distribution of government money and the education space due to collaboration platforms.

The sense is, without a major incendent reported since the dawn of the outbreak- the other shoe is set to drop.

APRIL

Finastra: Finastra reported that it detected a ransomware attack on its servers, last Friday. The company followed by acknowledging it had detected ransomware activity - but that customer and employee data remained untouched.

Marriott: The breach originated from a franchise hotel that operates under the Marriott brand. Unknown individuals used the log-in credential of two employees at the hotel to access the guests’ information.

Healthcare: While hackers direct some of their attacks at health organizations, CISOs should be cognizant of cybercriminals' capabilities. From the World Health Organization (WHO) to Italy's INPS, these are the pressing threats that come from the coronavirus crisis.

Cognizant: Hackers had likely crawled its network for weeks, if not longer, spreading through the system as they stole data and administrator credentials.

MAY

Nintendo: The Japanese video game company has since readdressed weak points in its security. Rumors of a breach circulated throughout the month as users noticed unusual account behavior. Players reported that funds went missing from their accounts.

Impact Communities: One of the largest owner-operators of manufactured housing communities in North America experienced a data privacy breach on July 3, 2019. Although Impact Communities isn’t aware of any misuse of the data, they have invested in employee training and security technology to prevent future breaches.

Educational Infrastructures: As educators are scrambling to create distance learning curriculum, they are being thrust into a world of technology that they are not all well-versed or trained in.

Shiny Hunters: During the first two weeks of May, over 73 million user records across over at least 10 different organizations showed up on the dark web. The hacker group Shiny Hunters claims credit.

JUNE

BofA & SBA: Bank of America is making headlines with the recent announcement of a security incident on affecting an undisclosed number of PPP loan applicants on April 22nd.

Maze: The IT services enterprise, Conduent, which provides HR and payment infrastructure to “a majority of Fortune 100 companies and over 500 governments,” was hit by a Maze ransomware attack on May 29, 2020. A week later, on June 5, a U.S. subsidiary of ST Engineering Aerospace discovered Maze ransomware

Claire's: Cyber criminals preemptively planned to benefit from the uptick of online purchasing through retail giant Claire’s eCommerce store.

Anonymous: After a decade of relative inactivity, self-described hactivist group Anonymous takes credit for a 269-gigabyte data dump of police department, fusion center, and law enforcement files. Dubbed BlueLeaks, the information collected comes from over 200 state, local, and federal agencies.

RECOMMENDED