Vice Society Ransomware Responsible for Cyberattack Palermo Italy
Industry: Government | Level: Strategic | Source: BleepingComputer
The threat actor group responsible for the cyberattack on the Italian city Palermo, was identified as Vice Society ransomware. The attack occurred on June 3rd, 2022, resulting in the shutdown of the city’s IT infrastructure to mitigate the attack. However, as services dependent on internet connectivity were offline, the impact of the outage affected 1.3 million residents, as well as any tourists visiting the city in addition to many booking sites rendered unavailable. The Vice Society ransomware gang confirmed their involvement in the attack on their dark web data leak site and has threatened to publish stolen data by Sunday, June 12th, 2022, if the ransom demand was not met. Technical details regarding the attack have not been disclosed by Palermo officials.
FBI Warns of Ransomware Threat to Food and Agriculture Organizations
Industry: Agriculture | Level: Strategic | Source: IC3
The US Federal Bureau of Investigation (FBI), latest private industry notification alerts of ransomware actors likely to target agricultural cooperatives during critical planting and harvest seasons. The attacks aim to disrupt business operations, create financial losses, and impact the supply chain. As described in the report, “The FBI noted ransomware attacks during these seasons against six-grain cooperatives during the fall 2021 harvest and two attacks in early 2022 that could impact the planting season by disrupting the supply of seeds and fertilizer. Cyber actors may perceive cooperatives as lucrative targets with a willingness to pay due to the time-sensitive role they play in agricultural production.” Initial attack vectors from threat actors appear from common vulnerabilities with secondary infections resulting from the compromise of network resources or managed services. In 2022 there have been two identified impacts on agricultural companies. A multi-state graining company was impacted by Lockbit 2.0 in March 2022 and in February 2022 a feed milling, agricultural services company identified and prevented a potential network intrusion. There are severe repercussions to supply chain impact from grain production as it would affect consumers, animals, and commodities for trading.
Nordex Group’s Cyber Attack
Industry: Manufacturing | Level: Strategic | Source: Nordex
The Nordex Group a wind turbine manufacturer headquartered in Germany suffered a cyberattack on March 31st, 2022 resulting in the “precautionary” shut down of their IT systems in various locations. The company maintains factories in Germany, China, Mexico, the United States, Brazil, Spain and India, with no details on the locations impacted. The company’s press statement states the intrusion activity was in the “early stage.” Adding that their incident response procedures were executed immediately, “The incident response team of internal and external security experts has been set up immediately in order to contain the issue and prevent further propagation and to assess the extent of potential exposure.” Nordex Group has not released any additional updates regarding the incident.
News Corp Cyberattack
Industry: Media | Level: Strategic | Source: BleepingComputer
Reported by BleepingComputer, American mass media corporation, News Corp, discloses a cyberattack, identified in January 2022. News Corp SEC filing detailed the attackers are aligned to a “foreign government,” but has not shared the full extent of the impact, however did confirm that data exfiltration had occurred. The attack, “reportedly allowed threat actors to access emails and documents of some News Corp employees, including journalists.” The News Corp media corporation is associated with properties including “Fox News, The Wall Street Journal, New York Post, and News UK.”
McMenamins suffers Conti Ransomware Attack
Industry: Hospitality, Food & Beverage | Level: Strategic | Source: BleepingComputer
A ransomware attack by Conti, disrupted operations for Portland brewery and hotel chain McMenamins. The attack occurred on December 12th, 2021, and impacted point-of-sale systems, servers, and workstations forcing McMenamins to shut their IT systems down. The investigation is ongoing and it is unknown at the moment if there is any impact on customer data.
Sports Gear Sites data breach impacts 1.8 million people
Industry: Retail | Level: Strategic | Source: BleepingComputer
A law firm representing four affiliated online sports gear sites Tackle Warehouse LLC, Running Warehouse LLC, Tennis Warehouse LCC and Skate Warehouse LLC, has disclosed a cyberattack resulting in stolen credit card information impacting 1,813,224 customers. The breach was identified on October 15th, and confirmed on November 29th. Compromised data includes name, financial account number, credit/debit card numbers with CVV, and website account password. No details are provided on the cyberattack and notices were sent to impacted customers by the company, however no identity protection service was provided.
Vestas Wind Systems Impacted by Cyberattack
Industry: Manufacturing | Level: Strategic | Source: Vestas
Vestas Wind Systems, a wind turbine manufacturer, suffered a cyberattack on Friday, November 19th, 2021. The latest company update as of November 22nd, indicated they were still working to get systems online with investigations still ongoing. Preliminary findings reported by the company have identified impacts to Vestas’ internal IT infrastructure and at this stage no indication the incident impacted third party operations involving customer and supply chain operations.