Note posted to LockBit's darknet data-leak site in August claiming responsibility for the Accenture attack and threatening to leak stolen data

Accenture: Ransomware Attack Breached Proprietary Data

Mathew J. Schwartz • October 18, 2021

Accenture says an online attack against it that it first disclosed in August resulted in "the extraction of proprietary information by a third party, some of which was made available to the public by the third party." The LockBit 2.0 ransomware operation has taken credit for the attack and dumping data.

Breach Notification

Ransomware: No Decline in Victims Posted to Data Leak Sites

Profiles in Leadership: Dr. Frances Undelikwo, Fidelity Bank

Latest

Blockchain & Cryptocurrency

New York Tells 2 Cryptocurrency Firms to Cease and Desist

Dan Gunderman • October 19, 2021

New York State AG Letitia James served cease and desist letters to two cryptocurrency lending platforms that her office says engage in "unregistered and unlawful activities." Three other platforms were told by the OAG to "immediately provide information about their activities and products."

Cybercrime

New Business Model: White Labeling of Ransomware

Mihir Bagwe • October 19, 2021

Researchers at cybersecurity firm Trend Micro have observed the adoption of a new franchise-based business model by ransomware operators that moves away from the traditional ransomware-as-a-service model. Operators now rebrand a "supplier" ransomware before deployment.

Endpoint Detection & Response (EDR)

More Attempted Cyberattacks on Israeli Healthcare Entities

Marianne Kolbasuk McGee • October 19, 2021

Israeli officials say they have fended off a wave of attempted cyberattacks on several hospitals and healthcare entities in recent days, as Hillel Yaffe Medical Center continues to recover from a ransomware attack last week that authorities reportedly suspect was carried out by Chinese hackers.

3rd Party Risk Management

Profiles in Leadership: Mustapha Kebbeh, CISO, Brinks

Tom Field • October 19, 2021

Ransomware and nation-state threats are daunting. But the one that concerns Mustapha Kebbeh the most? Supply-chain risk. The Brinks CISO discusses how he has tackled this, as well as the challenges of tool complexity and peer collaboration.

Incident & Breach Response

Positive Security: Inspiring Behavioral Change at Workplace

Anna Delaney • October 19, 2021

To mark Cybersecurity Awareness Month, the National Cyber Security Alliance and U.K. based behavioral science and data analytics company, CybSafe, have released their Annual Cybersecurity Attitudes and Behaviors Report 2021, which uncovers key trends, behaviors and habits among tech users.

Critical Infrastructure Security

Preparing for Ransomware Attacks in the Education Sector

Anna Delaney • October 19, 2021

A spate of ransomware incidents affecting the education sector has led to the loss of student coursework, financial records and data relating to COVID-19 testing. Matthew Trump, senior IT security officer for the University of London, U.K., outlines incident response strategies.

Business Continuity Management / Disaster Recovery

BlackMatter Ransomware Defense: Just-In-Time Admin Access

Mathew J. Schwartz • October 19, 2021

How many ways do U.S. businesses need to be told to lock down their systems to safeguard themselves from ransomware? That's the focus of a new, joint cybersecurity advisory from the U.S. government pertaining to BlackMatter, following an advisory issued last month about Conti.

Breach Notification

Acer Taiwan and India Hit in 2nd and 3rd Attacks of 2021

Prajeet Nair • October 18, 2021

After being targeted by a ransomware attack in March 2021, Acer, one of the world's largest PC and device makers, has now suffered two further cyberattacks within a week. DESORDEN threat actors are reported to have claimed responsibility for the attacks.

Cyberwarfare / Nation-State Attacks

Twitter Suspends North Korean Threat Actor Accounts

Mihir Bagwe • October 18, 2021

Social media platform Twitter has suspended two accounts that were being used by members of the DPRK, a North Korean government-backed threat group, according to Adam Weidemann, an analyst with the Google Threat Analysis Group. The accounts allegedly targeted security researchers around the globe.

Fraud Management & Cybercrime

Analysis: Top Ransomware Gangs Targeting Healthcare Sector

Marianne Kolbasuk McGee • October 18, 2021

Ransomware attacks are continuing to threaten the U.S. and global healthcare sectors, in part due to many organizations' high dependency on legacy systems and lack of security resources, says new analysis by federal officials, which also identified the top ransomware gangs hitting the sector.

Breach Notification

Sinclair TV Stations Targeted in Weekend Ransomware Attack

Dan Gunderman • October 18, 2021

Sinclair Broadcast Group, Inc., which owns or operates 186 television stations across 87 U.S. markets, has been hit with a ransomware attack that has disrupted operations. The company says the attack has impacted its ability to deliver advertisements and certain programming.

Anti-Money Laundering (AML)

Treasury Dept. to Crypto Companies: Comply with Sanctions

Dan Gunderman • October 16, 2021

The U.S. Department of the Treasury unveiled additional steps to curb the illicit use of cryptocurrencies on Friday, warning enterprises not to engage with sanctioned entities exploiting the financial system - particularly to launder ransomware proceeds.