3 October 2025

Japan’s largest brewery targeted in cyberattack | Cyber Intelligence Briefing: October 3 2025

Cyber Intelligence Briefing 3 October 2025

Top news stories this week

  1. Parched. Japan’s largest brewery, Asahi, targeted in a cyberattack. 
  2. Shut down. US federal government shutdown impacts cybersecurity agency. 
  3. Burning down the house. South Korean data centre fire sparks hacking fears. 
  4. Remote control. Cyber criminal attempts to recruit BBC journalist. 
  5. Exploit evolution. Akira’s attacks against SonicWall devices continue. 
  6. Prompt command. Multiple providers release patches to address critical-severity vulnerabilities.

1. Japan’s largest brewery targeted in cyberattack 

The Japanese brewery Asahi has halted its local operations following a cyberattack. The company, owner of global beer brands Peroni, Pilsner Urquell and Grolsch, reported suspensions across order processing, shipments, call centres, and some customer services due to a system failure linked to the attack.

So what?

This attack highlights the importance of segregating and segmenting networks to contain the impact of an attack and ensure business continuity in unaffected areas.

[Researcher: Jenny Eysert]


2. US federal government shutdown impacts national cybersecurity agency 

The US federal government shutdown on October 1, caused by a failure to approve the budget, will significantly impact government contractors at federal agencies, including the Cybersecurity and Infrastructure Security Agency (CISA), where around 1,600 employees will be furloughed.

So what?

There is a risk that cyber criminals will see this as an opportunity to increase their efforts to attack federal systems, employees, and contractors.

[Researcher: Steve Ross]


3. South Korean data centre fire sparks hacking fears 

South Korea’s intelligence agency has raised the national cyber threat level to ‘caution’ after a fire at an operational government data centre took more than 600 government websites offline. The fire has reportedly disabled various systems, resulting in the shutdown of email services and multiple websites.

So what?

Organizations should test response plans for diverse scenarios beyond ransomware and ensure recovery strategies are operational. Increased vigilance is also essential when national infrastructure has been impacted, as threat actors often exploit these systemic events.

[Researcher: Lester Lim]


4. Cyber criminal attempts to recruit BBC journalist 

A cyber criminal reportedly affiliated to the Medusa cyber crime gang has tried to recruit a BBC cyber journalist. The threat actor contacted Tidy on the encrypted app Signal, requesting that he provide access to the BBC network in return for “15% of any ransom payment”.

So what?

The incident highlights not only the risk of disgruntled employees becoming insider threats due to the temptation of high payments, but also how threat groups are motivated by a desire for fame, seeking notoriety through mainstream media.

[Researcher: Miles Arkwright]


5. Akira ransomware attacks against SonicWall devices continue despite the released fixes 

The criminal gang Akira is continuing to aggressively exploit SonicWall SSL VPN device accounts that use one-time passwords (OTPs) for multi-factor authentication. While SonicWall attributed the issue to a previously patched vulnerability (CVE-2024-40766), security researchers suggest Akira exploited OTPs stolen in earlier zero-day attacks to access patched devices.

So what?

Organizations are strongly advised to reset all VPN credentials on all devices that previously ran vulnerable SonicWall software. It is also recommended to diligently monitor VPN logins and SMB activity, and to ensure visibility across internal networks.

[Researcher: Milda Petraityte]


6. Multiple providers release patches to address critical-severity vulnerabilities

The US National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued alerts about critical vulnerabilities affecting operating systems and networking and storage devices, prompting key providers such as Linux, Cisco, Broadcom and Western Digital to issue patches.

So what?

Diligent and expedient patching should be standard practice for companies. As tech stacks become increasingly complex, investing in a robust patch management system could be beneficial. 

[Researcher: Mark Farley]

The S-RM Cyber Intelligence Briefing is a weekly round-up of the latest cyber security news, trends, and indicators, curated by our intelligence specialists.