24 January 2025


Ransomware attack costs Synnovis GBP 32.7 million | Cyber Intelligence Briefing: 24 January 2025


Top news stories this week

  1. Outage. Financial losses of GBP 32.7 million attributed to Synnovis ransomware attack in June 2024.
  2. Super-power. ASEAN countries intend to integrate power grids.
  3. Don't trust and verify. Criminals are impersonating trusted entities to gain unauthorised access.
  4. DDoS. Bug in ChatGPT’s API could lead to distributed denial of service attacks.
  5. On the market. Stolen Hewlett Packard Enterprise data for sale on dark web.
  6. Leading the way. Australia’s ACSC and global partners tackle Bulletproof Hosting Providers.

1. Data breach and financial fallout due to Synnovis ransomware attack in June 2024

In June 2024, Synnovis, a lab service provider for the NHS, was targeted by a ransomware attack, forcing the manual delivery of blood test results instead of using electronic systems. This disruption led to significant delays in patient appointments, with financial losses estimated at approximately GBP 32.7 million.

So what?

Operational disruption due to system outages from cyber attacks can lead to significant financial ramifications in the long term. Putting incident response plans into place can help mitigate such financial risks.

[Researcher: Lena Krummeich]


2. ASEAN countries intend to integrate power grids

Singapore's foreign affairs minister announced the creation of a digital payments system and power grid across ASEAN. Initially five countries – Singapore, Malaysia, Thailand, the Philippines, and India – are planning to integrate their respective power grids into a fully integrated Southeast Asian power grid system.

So what?

Users and companies, not to mention the regional network itself, must first navigate a complex set of cyber security requirements, including infrastructure readiness.

[Researcher: Fairuz Yakob]


3. Criminals are impersonating trusted entities to gain unauthorised access 

Ransomware gangs are flooding users' mailboxes with large volumes of spam, then posing as tech support in Microsoft Teams calls to trick employees into allowing remote control and installing malware that provides access to the company network. Separately, criminals are impersonating tech support from Ukraine's computer emergency response team (CERT-UA) to gain unauthorised access to victims' devices.

So what?

Organisations should keep their employee security and awareness training up to date and regularly brief employees on the latest relevant social engineering threats.

[Researcher: Milda Petraityte]


4. Bug in ChatGPT’s API could lead to distributed denial of service attacks

Researchers have identified a vulnerability in the part of ChatGPT’s API responsible for handling HTTP POST requests to a specific website. Because there is no limit on the number of URLs a person can submit within a single request, threat actors could potentially create a huge volume of HTTP requests, resulting in DDoS attacks against targeted websites.

So what?

Artificial Intelligence, like most technologies, has the potential to be used for both good and bad. It is essential that as new methods to misuse it come to light, developers remain responsive and willing to put safeguards in place.

[Researcher: Anna Tankovics]


5. Stolen Hewlett Packard Enterprise data on sale

Cybercriminal group IntelBroker announced on a dark web forum that it is selling files stolen from Hewlett Packard Enterprise (HPE). The stolen data reportedly includes sensitive information from HPE's developer environment, such as access to the company's API, WePay service, and private and public GitHub repositories.

So what?

Robust security controls are essential to protect sensitive business data. Organisations should regularly update and patch their software, employ firewalls, and use intrusion detection systems to safeguard against unauthorised access.

[Researcher: Aditya Ganjam Mahesh]


6. Australia’s ACSC and global partners tackle Bulletproof Hosting Providers

The Australian Cyber Security Centre (ACSC) warns against Bulletproof Hosting Providers (BPH), which lease infrastructure that enables cyber criminals to launch undetected attacks. In an effort to disrupt BPH operations, the ACSC collaborates with global law enforcement, governments, and private cyber security experts. Their goal is to identify and block known BPH services, reducing the impact of these attacks across Australian sectors.

So what?

Successful takedowns of criminal infrastructure prove that collaboration is an effective tool in the fight against cyber crime. These efforts weaken and limit criminals' capacity to operate.

[Researcher: Blanche MacArthur]

The S-RM Cyber Intelligence Briefing is a weekly round-up of the latest cyber security news, trends, and indicators, curated by our intelligence specialists.
