Hackers from India say they are targeting Canadian websites.
Welcome to Cyber Security Today. It’s Monday, September 25th, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.
Hackers from India may be going after vulnerable Canadian websites. It’s in retaliation for Canada alleging the government of India may have been involved in assassinating a Canadian citizen advocating an independent Sikh state. India denies the allegation. A group calling itself the Indian Cyber Force posted a threatening message last week on the X messaging platform. It says, “Get ready to feel the power of IndianCyberForce attacks will be launching on Canada cyber space in the coming 3 days. It’s for the mess your started.” A website that appears to belong to a Canadian dental clinic has been defaced with a message, “Hacked by Indian Cyber Force.” However, the real website, whose address begins with ‘www,’ isn’t affected. The defaced website has a similar name and could be a phony spoof. Or the dental clinic’s site was defaced and it quickly set up a new one.
The Royal ransomware gang that attacked the city of Dallas, Texas earlier this year was in the municipality’s IT environment undetected for almost a month. That’s according to an after-action report released by the city. The personal data of just over 30,000 individuals was stolen. The city has set aside US$8.5 million to recover and restore systems from the attack. The gang initially got into the IT system by using a service account. The report doesn’t say if this was with stolen or brute-forced credentials.
Hinds County of Mississippi has approved more than US$600,000 to pay for recovery costs after this month’s ransomware attack. Since the September 7th attack residents have been unable to pay property taxes, complete many real estate transactions or buy car tags.
The AlphV ransomware gang claims to have hacked Clairon, a manufacturer of audio, video and navigation equipment for vehicles made by major manufacturers. According to the Security Affairs website, as proof of the hack the gang posted screenshots of what it claims are stolen documents.
It’s been almost four months since organizations began admitting they were directly or indirectly hacked through a vulnerability in Progress Software’s MOVEit file transfer software. The list keeps growing. It now includes the U.S. National Student Clearing House. It provides educational reporting and verification services to American educational institutions and employers. It’s notifying an unstated number of individuals their personal data was stolen from the clearing house’s MOVEit server. But while we don’t know how many people were affected, the company did tell California’s attorney general’s office that almost 900 of its customers, like American high schools and colleges, were involved.
Financial Institution Service Corporation, which processes data for southern U.S. banks and trust companies, is notifying just over 753,000 Americans their data was stolen from its MOVEit server.
Johnson Financial Group of Wisconsin is notifying just over 93,000 people that their personal data was stolen. It was taken from the MOVEit server of an unnamed partner company handling the data.
Threat actors have been exploiting holes in a number of file transfer applications such as Accellion FTA and GoAnywhere in the past two years. An Oregon healthcare support company called Kannact Inc. is now notifying almost 118,000 people of a data breach the company says came as the result of the hack of its file transfer software. The notice to Maine’s attorney general’s office last week didn’t name the software. Kannact announced this hack in June but it is still trying to get an accurate number of victims.
Finally, a Nigerian man will be sentenced by a U.S. judge in November after pleading guilty to conspiracy charges for his involvement with others in a business email scam. The scam used spoofed email messages convincing victims into sending money to bank accounts the gang controlled. The gang pulled in at least US$1 million in 2017. The man was extradited to the U.S. from Canada in April. He faces a maximum sentence of 20 years.
Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.