It’s been a week that’s highlighted the true impacts a cyber-attack can have on both businesses and nations with it being revealed that one such attack came close to a NATO member triggering Article 5 in response. Here’s the stories that made this week’s headlines.
Earlier this year, Albania was hit by a cyber attack so damaging and debilitating that it considered triggering Article Five – which treats an attack against one NATO member as an attack against them all.
Albanian Prime Minister Edi Rama told the media that he was seriously considering triggering the treaty after Iranian hackers shut down websites across the country including sites citizens used to pay for utility bills or obtain official documents. Over 95% of Albanian government services are done online, meaning the attack halted vital government activities.
Highlighting just how serious the attack was, it would have been only the second time a NATO member would have invoked article 5. The only previous instance was when the United States of America triggered it following the September 11th terrorist attacks.
The incident and subsequent damage to relations between Albania and Iran also made headlines this week after it was revealed an Iranian hacking group called Homeland Justice published information apparently stolen from Albania’s State Police database. The details of 100,000 people including their ID numbers, names and surnames, names of their fathers, dates of birth, birth cities and nationality were all published online.
The conflict between Ukraine and Russia continues to rage online after the Ukrainian authorities announced that it had ‘neutralized’ a hacker group that was claimed to have been responsible for operating bot farms used to produce and spread information aimed to destabilize the political situation in Ukraine.
“Their wholesale clients were pro-kremlin propagandists. It was them who used the received identification data of Ukrainian and foreign citizens to spread fake news from the front lines and spread panic,” said the Ukrainian law enforcement agency.
Insurance giant Lloyd’s of London hit the headlines on Wednesday after it revealed that it was investigating a suspected cyberattack. According to a spokesperson it had called in cybersecurity experts who ‘detected unusual activity on its network’.
No further details of what occurred have yet been released but the media is speculating that the attack may a result of Llyod’s firm support for sanctions against Russia. As the war rages and goes poorly for Russia in Ukraine Russian hackers may be striking out at organisations who have shown support for Ukraine.
“As a precautionary measure, we are resetting the Lloyd’s network and systems. All external connectivity has been turned off, including Lloyd’s delegated authority platforms. We have informed market participants and relevant parties, and we will provide more information once our investigations have concluded,” the spokesperson said.
On Monday the media was speculating as to whether luxury sports car manufacturer Ferrari had been the victim of a cyber-attack.
According to the Italian newspaper Corriere della Sera, Ferrari had seven gigabytes of documentation, including sensitive internal ones, repair handbooks and datasheets released to the public.
Ferrari later denied it had suffered a breach but admitted that some internal documents had been posted online. It stated that it was working on identifying how it happened and was taking all appropriate actions needed.
In a case which is likely to set a precedent for how culpable individual security staff and executives are when it comes to cyber attacks a San Francisco jury has found Joe Sullivan, the former security chief at Uber guilty of failing to report the 2016 breach to authorities. In the breach the data of 57 million Uber passengers and drivers was stolen.
Concerns over culpability have grown in recent months as the number of ransomware attacks have increased sharply and as cyber insurers hike premiums. Sullivan was found guilty for an obstruction of justice and for the deliberate concealment of felony.
In yet another cyber-attack against a major Australian organization, G4S employees have been warned to be on alert for scams or fraud after the company disclosed that it had been the victim of a ransomware attack back in July.
In mid- September G4S admitted it had learned that some of the stolen information had been shared online. Despite this the company only warned employees affected on Tuesday this week. The compromised data includes, tax file numbers, bank account information and medical check information.
Still in Australia, the fallout of the Optus breach continues with the telecoms company revealing that 2.1 million people were impacted. Earlie, predictions had warned that all 9.8 million customers were affected.
The incident has led to the Australian government looking into revising the current laws regarding cyber security and cybercrime.
The cost of repairing the damage of a ransomware attack on Gloucester City Council’s systems is expected to surpass £1 million causing local politicians to question just how much is the recovery going to cost the taxpayer.
A cyber-attack last December took down the city council website, impacting planning applications, house sales and benefit payments. Likely via a phishing attack a user at the council inadvertently clicked a malicious link containing sleeper malware that lay dormant for an unknown period of time before being triggered.
The source of the attack was attributed to a Russian hacker group with the current remediation costs being around £787,000. The council was forced to rebuild all of its servers in order to clear the malware.
When asked by a local councillor whether the costs will not rise over £1 million the deputy leader of Gloucester City council said that she could not give such an assurance.
Get in touch to find out how you can protect your organisation itself from financial services most challenging cyber-threats.