Cyber Weekly Digest - Week #23

Updated: Jun 18, 2021

In this week’s digest, we dive into some of the largest ransomware attacks so far in 2021 on Fuji Film and JBS. We also look at a newly discovered backdoor that has been developed over three years, linked to Chinese threat actors. Keep reading to find out about the latest and biggest cyber security stories from the week.

1. Fuji Film shuts down its network after a suspected ransomware attack.

On Tuesday night, Fuji Film confirmed a cyber-attack on their Tokyo headquarters. As a part of investigations, the network partially shut down to prevent the attack’s spread. Fuji Film is a Japanese multinational conglomerate that has 37,151 employees across the world. Although Fuji has not confirmed whether the attack was a ransomware attack, Advanced Intel CEO Vitali Kremez has claimed that Fuji Film had been infected with the Qbot trojan last month. The Qbot malware group currently works with the REvil ransomware group.

2. The US Department of Justice seized domains used by APT29 in a recent phishing attack.

This week the US Department of Justice seized two domains used by ATP29 group NOBELIUM (also known as Cozy Bear and The Dukes). The domains were used in a recent phishing attack that impersonated USAID to distribute malware and gain access to internal networks. The attack targeted more than 150 organisations, including government agencies and human rights organisations. The two domains seized by the DOJ are theyardservice[.]com and worldhomeoutlet[.]com.

3. Is cyber insurance leading to an increase in ransom payments?

According to new research, ransomware victims are more likely to pay ransom demands by relying on their cyber insurance. According to a new report, in the first half of 2020, ransomware payments accounted for 41% of the total filed cyber-insurance claims. For example, in the recent Colonial Pipeline attack, the energy firm paid a $4.4 million ransom. It has since been revealed that Colonial Pipeline had a cyber-insurance protection policy covering them for at least £15 million, although it is unclear whether the firm utilised the policy. With more companies falling victim to ransomware attacks, does cyber-insurance policies mean that ransomware gangs are more likely to be paid off?

4. The world’s largest meat supplier hit by REvil ransomware attack.