Cyber Weekly Digest - Week #9
Updated: Mar 5
In this week's cyber digest, we dive into another piece of malware found to run on Apple's M1, called Silver Sparrow, and the ransomware attack on the Dutch Research Council in which internal data was leaked. Keep reading to find out about more cyber security stories from across the globe.
The Ukrainian government suffered a cyberattack this week, which officials believe resulted from Russian hackers hoping to "contaminate" information in the government document management system. Ukrainian officials said the attackers uploaded documents containing macro scripts to the government's document portal. If users downloaded any of these documents and allowed the scripts to execute, the macros would secretly download malware to let the hackers take control of a victim's computer. It was also reported that Russian hackers launched DDoS attacks last week that targeted the websites of the Security Service of Ukraine, the National Security and Defence Council of Ukraine, and resources of other state institutions and strategic enterprises.
The attack forced the company to turn off some services and infrastructure as a preventative measure while it recovers. It does not appear that any critical or personal data has been accessed or stolen by the attackers. It is unknown which ransomware group was behind the attack. However, after recent attacks, ransomware gangs are targeting more IT providers because the attackers can use remote access software and support applications to spread the ransomware to their clients.
Another ransomware attack this week hit the Dutch Research Council, in which some internal data was leaked. The attacker responsible was DoppelPaymer, who published proof of the attack on their data leak site in the hope of pressuring the council into paying the ransom demand. The gang later leaked a dozen stolen files and stated they were still open to negotiations. The council is currently working on restoring the network, and operations are expected to resume in a few weeks.
Millions of test results and personally identifiable information for an entire geographic region's population were found exposed by a teenaged ethical hacker. They spotted the leak after seeing the contents of a text message sent to a COVID-19 test taker. The issue now appears to be remediated, and the URL endpoints previously leaking the COVID-19 reports now return a 404 "not found" message.