Successful ransomware attacks continue.

Welcome to Cyber Security Today. It’s Friday, February 3rd, 2023 . I’m Howard Solomon, contributing reporter on cybersecurity for and in the U.S.

News of successful ransomware attacks keeps emerging. Vice Society this week confirmed it was behind last month’s ransomware attack on Okanagan College in British Columbia. It has also begun posting stolen data for anyone to see. In a statement the college called it a double extortion attack, meaning data was copied by the crooks before it was encrypted. No ransom will be paid, the college said. It also won’t detail what data was compromised. Instead students and staff were told to assume any personal data on record with the college is at risk. The college is providing credit monitoring services.

Meanwhile, the LockBit ransomware gang says it is responsible for hacking the ION Group, a U.K.-based software provider to financial institutions. The company says only its ION Cleared Derivatives division suffered a cybersecurity incident. It is contained to a specific IT environment, the company said on Tuesday. No further update has been issued as of the recording of this podcast. According to Bleeping Computer, Lockbit says it will start publishing stolen data on Saturday.

Also in the U.K. data breach notices are going out to perhaps millions of customers of retailers. The victims shopped at JD Sports, Millets, Blacks, and Scotts stores. They are being told details of their orders made in a two-year period ending in October, 2020 are at risk. That would include their names, addresses, email addresses, phone numbers and the last four digits of their payment cards.

Still in the U.K., the Play ransomware group said this week it hit car dealership chain Arnold Clark. It says gigabytes of personal information — including copies of passports and leasing contracts — was stolen in December. The company has over 200 car dealerships in England and Scotland.

Cisco Systems has released patches to fix high-severity vulnerabilities in a number of its industrial products. This comes after researchers at Trellix discovered the holes allowing an attacker to bypass certain protections. To exploit the vulnerabilities an attacker would have to first authenticate to affected devices and get admin privileges on the system. Still, these devices have to be patched. They include industrial routers, industrial compute gateways, wireless industrial routers and devices running Cisco’s IOS XE operating system configured with IOx.

Finally, a former employee of Ubiquity pleaded guilty in a New York court to criminal charges relating to stealing gigabytes of data in 2021 and then tried to extort the company for nearly US$2 million for the return of the files. When he didn’t get anything he then planted misleading news stories about the company’s handling of the data breach he created. That caused the value of company’s shares to drop. A statement by the U.S. Justice Department named the accused but not the company. However, the man was identified two years ago when he was arrested. He will be sentenced in May.

That’s it for now. But later today the Week in Review will be available. Guest David Shipley of Beauceron Security and I will discuss new details of a ransomware attack against a U.S. school board, a debate on how secure applications should be, the discovery of more wiperware, and more.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

The post Cyber Security Today, Feb. 3, 2023 – Successful ransomware attacks continue first appeared on IT World Canada.

Leave a Reply