Incident Of The Week: Hackers Take Out Caribbean Govt., Access Railway Data
In the dynamic world of cyber security, breaches are both tightly guarded and, sadly, imminent.
Combing through data, market research and threat-defense efforts taken by enterprises can be a daunting task. Here at Cyber Security Hub, we both track the latest industry news and make it more navigable for the IT professional. CSHub coverage extends outwards – as it helps enterprises batten down their proverbial hatches.
In this edition of “Incident of the Week,” we examine a string of cyber-attacks that have unfolded in recent days – one affecting a Caribbean nation’s government, and the other involving customer accounts for a British railway.
Sint Maarten Knocked Offline
The first cyber-incident of note this week took place on the Caribbean island-nation of Sint Maarten, which is an independent country within the Kingdom of the Netherlands – on the island of Saint Martin. (The northern portion of the island is the “French bit,” while the southern tip is the “Dutch bit.”)
There was a bit of cyber-trouble recently in the southern section, population around 42,000. While details of the breach are scarce, local outlet The Daily Herald labeled it an “attack” and said its effects were first felt on April 2. Public services were still being reorganized this week.
The government of Sint Maarten took to Facebook on Monday to say: “Government Offices re-open to the Public, Civil Registry remains closed… The Ministry of General Affairs hereby informs the public that all departments that render service to the public will re-open on Tuesday April 10th with the exception of the Civil Registry Department. Work on the full restoration of the Government of Sint Maarten ICT Network will continue.”
The post goes on to say: “The public will be duly informed as to when the services of the Civil Registry Department will be available. The Ministry of General Affairs on behalf of the Government of Sint Maarten would like to thank the people of Sint Maarten for their patience during this period.”
The size and scope of this attack remain unclear.
Cyber-Attack Sends GWR ‘Off Rails’?
In the latter segment of this week’s “IOTW” column, we review an apparent cyber-attack on the British line Great Western Railway (GWR). News emerged this week suggesting that 1,000 customer accounts may have been compromised. Customers were told to change their passwords, and the company took to social media to directly address concerns.
With the help of automation, hackers reportedly attempted to access sensitive customer information using heisted passwords.
A company spokesperson told Sky News that the activity was eliminated quickly and that a small proportion of accounts were successfully cracked.
The spokesperson said that the company’s security systems encrypt financial information “to high standards.”
The same report notes that the threat actors used harvested account details to prey on those with “poor password habits.”
The GWR spokesperson said that it’s the “kind of attack that is experienced on a daily basis by businesses across the globe, and is a reminder of the importance of good password practice.”
Cyber Security Hub’s “Incident of the Week” column is a recurring feature and aims to capture the week’s most pressing – often eye-opening – breach news.
Be Sure To Check Out: Incident Of The Week: Ransomware Cripples Atlanta City Government