This large cloud company fell for a phishing attack

In this week's Cyber Weekly:

1. The most recent cloud company falling victim to a phishing attack
2. Boeing subsidiary attacked
3. Train system stopped
4. LockBit attacked again
5. How much ransomware cost us in 2021

Thanks to all 8643 subscribers. It really takes a community to fight against cyberattacks. By sharing these newsletters, we can reach more people and help others from becoming a statistic. To share, press the icons in the top right corner.

Also, follow me on LinkedIn for daily tech discussions >> Luigi Tiano.

1. DropBox Employees Fell for a Phishing Attack

‍

Another cloud company attacked through phishing. DropBox employees were sent a sophisticated email mimicking the software development platform CircleCI. The landing page seemed to be an identical replication of their landing page where they asked users to enter their credentials.

Hackers did not access the credentials of their 200 million users. Instead, they accessed and copied 130 DropBox code repositories stored on GitHub. This included internal prototypes, personal information of thousands of current and former employees and sales leads and vendors. (bankofinfosecurity)

‍

Thoughts: The attack on DropBox just happened. Therefore, the extent of the breach is not fully understood. As a result, I would highly recommend DropBox users update their passwords. Keep a close eye out for this. Who knows what else they have!

2. Boeing Subsidiary Attacked?

‍

Jeppesen is the leading aviation navigation services provider in the world. They provide navigation databases for aircraft, flight planning applications and more. Last week, the Boeing subsidiary was hit with a potential ransomware attack. They came out with a notice advising they were experiencing technical issues and did not have access to their phone systems. It was a private source that came forward to discuss the case. They remained anonymous due to the sensitive nature of the issue.

The parent company was hit by the WannaCry Virus in 2018 leading to alarm within the company. This ransomware attack seems to be contained within the subsidiary. (liveandletsfly)

‍

Thoughts: This isn’t the first time Boeing gets caught in cyber breaches. It goes back to the idea that once you are breached, you are likely to get hacked / breached again. I wonder if ransomware gangs keep a list of all their successful and unsuccessful attacks. Just like companies would send out a campaign for “dead leads,” the ransomware gangs attack “warm leads” again.

‍

3. Train System Stopped

‍

Denmark’s train network suffered a major breakdown over the weekend as the result of a cyber attack on an IT subcontractor’s software testing environment.

“The attack prompted subcontractor Supeo to shut down its servers, which in turn affected locomotive drivers' ability to operate the trains for several hours on Saturday, according to DR.” (reuters)

‍

Thoughts: We’ve been talking about third-party breaches for a little while now. They are more prominent than ever. Vet your business partners carefully and often. You are only as strong as your weakest business partner. Here is a checklist to get started.

‍

4. LockBit Strikes Again

‍

LockBit is one of the largest ransomware-as-a-service operations that we continue to see making headlines. Their latest victim is automotive giant, Continental, had reported sales of €33.8 billion in 2021.

The actual attack happened back in August, but the ransomware group just put a deadline for paying the ransom. It doesn’t seem like Continental plans on cooperating with the criminals. As a result, LockBit plans on releasing the data stolen on the dark web. (bleepingcomputer)

Thoughts: I still think we are giving ransomware groups too much media attention. We should instead demonstrate ways to keep business and individuals safe! Thoughts?

‍

5. Fact of the Week

‍

Ransomware costs reached $1.2 billion in 2021.

In case you didn't know...

‍

I started Assurance IT with my childhood friend Ernesto Pellegrino in 2011. Our mission is to help 100,000 companies become cyber resilient through our services and free content. We focus on helping mid-sized organizations with data protection and data privacy. Our primary services include: endpoint management, cloud backup, DRaaS, Office 365 backup, and Quebec's Law 25 training.

‍