Cyber Weekly Digest - Week #17

Updated: Apr 30, 2021

This week's digest is dominated by ransomware stories as attacks continue to rise in number. Keep reading to find out about a gang trying to exploit Apple by threatening to release confidential Apple blueprints, another ransomware attack on a UK university and why attackers are demanding Discord gift codes as ransom payments.

1. The REvil ransomware gang tries to extort Apple by threatening to sell stolen blueprints.

REvil has been on a hacking spree over the last month, demanding extremely high ransom demands in attacks targeting Acer ($50 million), Pierre Fabre ($25 million), and Asteelflash ($24 million). This time, they targeted Apple after the gang allegedly stole confidential information from Quanta's network, an original design manufacturer for Apple products. REvil targeted Apple after Quanta failed to communicate with them. According to the Tor payment page, Quanta must pay $50 million until April 27th, or $100 million after the countdown ends. So far, REvil leaked over a dozen schematics and diagrams of MacBook components on its dark web leak site, although there is no indication that any of them are new Apple products.

2. MI5 warns LinkedIn users of spies who are tricking staff into spilling secrets.

At least 10,000 UK nationals have been approached by fake profiles linked to hostile states over the past five years. A campaign, run by the Centre for the Protection of National Infrastructure, which reports to MI5, has been launched to help educate government workers about the threat of malicious LinkedIn profiles. The campaign hopes to warn users of connection requests which might then be used to lure users into sharing secrets and confidential information.

3. The University of Portsmouth has remained closed for a week following a suspected cyber attack.

This week another UK university has been impacted by a suspected ransomware attack; last week, the University of Hertfordshire was hit. Research has shown that a third of UK universities have been hit with ransomware over the past decade. University of Portsmouth's key IT systems has continued to be offline, which has delayed the start of the new term. Staff and students were warned against logging into any university Windows devices on its network to help minimise the impact.