Cyber Weekly Digest - Week #44
Updated: Nov 6, 2020
Happy Halloween! This digest will explore some of the cyber security horror stories from the week. With the US Presidential election next week, there are a lot of cyber threats to watch out for and in this week's digest we will discuss how Trump's campaign website was briefly hacked. Other stories include the rising threat of ransomware attacks on the healthcare sector and why multiple employees were fired from Amazon. Keep reading to find out more.
The US 2020 election is just one week away, meaning that law enforcement and intelligence agencies are on high alert for digital interferences. However, this did not stop cryptocurrency scammers from briefly hijacking Donald Trump's re-election campaign website earlier this week. Those who visited the site were met with a message claiming that the scammers had evidence which would discredit Trump as President and information "proving that the trump-gov is involved in the origin of the coronavirus". Visitors were then asked to choose whether they would pay money into a Monero cryptocurrency account to "share the data".
This week started with news that a Finnish psychotherapy clinic, Vastaamo, had patient data stolen. The patients affected were being individually blackmailed, asking for a ransom after Vastaamo refused to pay. The theft of Vastaamo's database appears to be from November 2018 and March 2019, however it is only now that these data breaches have come to light. The compromised data includes therapy session notes, along with personal identification records.
This week the FBI and CISA issued a warning for the US healthcare industry as they believe there is an "imminent cybercrime threat". This has proven to be true, as late this week both hospitals in Brooklyn and Vermont became the latest victim of the Ryuk ransomware spree. The threat that these attacks can have on the healthcare industry in the past has shown to be dangerous and sometimes fatal, as seen with the ransomware attack on a German hospital earlier in the year.
Amazon fired employees who unlawfully disclosed customer email addresses to a third party, which violated Amazon policies. An Amazon spokesperson has revealed that multiple employees have been fired and have been referred to law enforcement for criminal prosecution. As we have seen with other insider threat attempts such as Tesla, inside actors are the most formidable threat to prevent and will continue to attack organisations of all sizes.
For the second time this year Enel, the multinational energy company has been hit by a ransomware attack. This time the attack is by Netwalker, they are asking for $14 million for the decryption key and prevention of several terabytes of stolen data being released. Netwalker has shared screenshots on their data leak site of unencrypted files from the Enel Group.
It is the last few day of Cyber Security Awareness Month! Don't forget to get your free KnowBe4 resource pack, which you can use all year round.