Twelve Norwegian Ministries fall victim to cyber attack
Norway's government reported a cyber-attack on twelve of its ministries. Erik Hope, the head of the agency servicing these ministries, announced that a vulnerability in a government third party supplier's platform enabled the attack. He reassured that the loophole was quickly closed and detection was made possible by observing unusual traffic activity on the platform.
The details of the attack remain under wraps as investigations continue since its discovery on July 12. It's too early to determine the perpetrators and the full impact of the breach. Jamie Akhtar, CEO of CyberSmart, suggests the attack's traits hint at state-sponsored involvement.
He remarked, “Given Norway’s geopolitical stance and the rise in attacks on state infrastructure in Ukraine-supportive countries, this appears to be a state-backed act.”
Key government entities, including the Prime Minister's office and the foreign, defense and justice ministries, remained unaffected, thanks to their separate IT platform.
Previous cyber-threats have plagued Norway’s state sector. Elliott Wilkes, CTO at ACDS, reminded that the Norwegian Parliament's email systems were attacked by China-affiliated groups in 2021, and pro-Russian group Killnet launched a DDoS attack against public websites in 2022.
He stressed the importance of timely evaluation and mitigation of supplier-related security vulnerabilities, linking the current attack to such a weakness.
SiegedSec group leaks 1GB of NATO data
The hacktivist group SiegedSec, has reportedly attacked NATO, claiming a breach in the organisation's COI portal and subsequently leaking an array of sensitive documents intended for NATO nations and associates. The leaked data allegedly includes comprehensive personal information of around 70 NATO officials, including names, email addresses, phone numbers, office locations, and ranks.
This latest cyber attack reflects the group's increasing audacity and ability to infiltrate high profile targets. SiegedSec has evolved into a substantial cyber threat, fuelled by a combination of hacktivism motives and personal profit objectives.
SiegedSec cites NATO's supposed violation of human rights as the motive behind the hack and denied it being linked to Russia’s incursion into Ukraine and the subsequent proliferation of such threat groups. However, SiegedSec maintains that its assault on NATO is a response to the perceived assaults on human rights by NATO nations.
Yamaha confirms cyber attack
Yamaha's Canadian music division this week disclosed a cyberattack that led to unauthorised data access. In response, they quickly initiated countermeasures, engaged external cyber security specialists, and strengthened their IT team to minimize the potential impact. The company did not confirm if the incident was ransomware-related, but it adds to a growing list of corporations experiencing cyber threats.
According to cyber security experts Yamaha Canada Music was listed as a victim by two separate ransomware groups, Black Byte and Akira, marking an increase in the number of double postings.
Multiple listings have emerged this year, and while the exact reasons remain uncertain, experts theorise that it may involve affiliates operating with dual groups to enhance victim visibility and leverage ransom negotiations.
Allan Liska, a ransomware researcher, commented that these double listings seem to be gaining prevalence and are advantageous for both the affiliate and the ransomware-as-a-service group in terms of attention and clout. Questions have been raised concerning the payment structure under such circumstances. It's also speculated that cybercriminal groups might operate multiple ransomware brands and rotate between them.
Cost of a Data Breach hits highest ever level according to new report
IBM's annual Cost of a Data Breach Report indicates that the worldwide average cost of a data breach in 2023 escalated to a record $4.45 million, reflecting a 15% rise over the past three years. The detection and escalation costs, constituting the major share of breach costs, surged 42% during the same period, denoting the shift towards intricate breach investigations.
The study disclosed that 40% of the examined breaches resulted in data losses across multiple environments, such as public and private clouds, and on-premise systems, implying successful compromises by attackers while bypassing detection. The breaches influencing multiple environments correspondingly led to elevated breach costs, averaging $4.75 million.
