May Monthly Roundup
Our round-up of news and updates for May
Ransomware, ransomware and more ransomware.
Ransomware attack shuts down America’s major fuel pipeline, blocking 45% of US East Coast daily energy consumption.
The criminals allow themselves to be paid out in cryptocurrency, making them difficult to trace. The energy sector is actually the number one target of cyber criminals at the moment, as it is one of the most important sectors for the economy and everyday life.
This is also one of the reasons why the EU has set additional cybersecurity requirements for these and other “critical infrastructure” sectors in the Directive on Security of Network and Information Systems. In addition to GDPR compliance, companies from the energy sector must therefore also comply with this Directive.
Full article: https://www.npr.org/2021/05/10/995405459/what-we-know-about-the-ransomware-attack-on-a-critical-u-s-pipeline?t=1621270673688
Law firms are hacked every day because grey hairs make decisions about an IT landscape that they do not understand
According to this article on a Dutch news website (for the non-Dutchies amongst our readers, Google Translate is your friend!): "Grey hairs make decisions about an IT landscape that they do not understand". In our opinion, this might actually be one of the biggest problems the legal sector faces today.
Spoofing was the cause of the installation of ransomware on various computers of two law firms in the Netherlands. Spoofing isn't just another one of our terrible puns, but it is an actual type of cyber attack. We speak of spoofing when a trick is used to assume a different identity. A well-known example of spoofing is receiving a (phishing) e-mail from your own e-mail address or supposedly on behalf of an existing email address from a bank or other organisation. These emails contain a malicious link, causing ransomware to be downloaded onto your machine.
Ireland’s Health Services hit with $20 million ransomware demand
Ireland�s health service, the HSE, shut down all of their systems after suffering a Conti ransomware attack. HSE say they are refusing to pay a $20 million ransom demand to the Conti ransomware gang after the hackers encrypted computers and disrupted health care in Ireland, causing limited access to diagnostics and medical records, transcription errors due to handwritten notes, and slow response times to healthcare visits.
Conti ransomware is believed to originate from a Russia-based cybercrime group known as Wizard Spider.
Full article: https://www.bleepingcomputer.com/news/security/irelands-health-services-hit-with-20-million-ransomware-demand/