Security Breach – 25 Oct 2024

The season of celebrations is coming soon. For most of us, it is a long-awaited chance to take our foot off the gas, unwind with friends and family, and eat our favorite meals. The holiday season also witnesses a drastic spike in online spending. However, holiday time isn’t always a relaxing time for IT professionals as cybercrime rates skyrocket and threat actors come calling. With a significant increase in online spending, cybercriminals see the holiday season as the perfect opportunity to launch attacks, and ransomware is their favorite gift to give any organisation.

Having an incident response plan ready is essential for ensuring that a company can quickly respond to threats and mitigate damage from a successful attack. These resources can help IT professionals learn more about the holiday season cybersecurity risks and digital fraud threats that businesses face. One major mitigation that companies can enact is security awareness training, including phishing simulations. Major holiday threats like ransomware are often email-based. Organisations should step up training for their employees in advance of dangerous periods to prevent them from falling into cybercriminals’ traps.

Recent Breaches

Japan – Nidec – Technology

Exploit: Ransomware

Risk to Business: Severe: Japanese electric motor maker Nidec confirmed that a ransomware attack in August 2024 compromised its Vietnam-based subsidiary, Nidec Precision (NPCV). After Nidec refused to pay the ransom, the attackers leaked 50,694 stolen files on their Tor site, including internal documents on procurement, health and safety, policies and business transactions. The breach likely occurred using stolen credentials from an NPCV domain account. In response to the intrusion, Nidec said that it investigated the incident, reviewed server access, changed passwords and suspended a VPN suspected to be part of the attack. Both the 8base and Everest ransomware groups have claimed responsibility for this attack.

United States – Cisco – Technology

Exploit: Hacking

Risk to Business: Severe: Dark web legend IntelBroker claims to have accessed Cisco’s systems on October 6. Allegedly stolen data includes source code, GitHub and GitLab projects, certificates, API tokens, AWS and Azure storage buckets, confidential documents and encryption keys. Alleged victims include Microsoft, AT&T, Bank of America, Vodafone Australia and government entities like the Australian Department of Defence. Cisco denies an internal breach, attributing the leak to a public-facing DevHub environment. The investigation is ongoing.

Talk to a TCT team member today about implementing a cyber security plan for your business.

Robert Brown
25/10/2024
