Cyberattacks rise across world as war in Ukraine continues
New research shows cybercrime surged to its highest levels this year as Russia invaded Ukraine. In the first days of the conflict, cyberattacks on Ukraine nearly tripled, with attacks also rising on almost every continent.
According to new research, attacks on Ukraine’s government and military were up 196% during the first three days of the conflict. They have since dropped off, but attacks around the world have increased, with APAC up 11%, the Americas up 17% and Europe up 14%. A hacking group linked to China has hit European diplomats with phishing attacks, while several hacker groups around the world are attacking Russian systems. These events are a reminder that geopolitics impacts cybercrime in varied and often unpredictable ways, with some groups taking aim at specific targets, while others probing for network weaknesses or using the conflict as cover for their own crimes. All organisations should be vigilant in the weeks and months to come.
NZ cloud services firm announces ransomware attack
Rotorua cloud IT company iTCO has been hacked. A ransomware gang, who have not been named, claim to have uploaded 4.56 gigabytes of stolen data to the internet.
The attack appears to have come from “Russian-speaking cybercrime actors”, with an iTCO spokesperson underlining that “we have not engaged with those responsible”. iTCO serves over a thousand businesses in New Zealand and beyond, offering cloud networks, accounting and security. Ransomware attacks are an increasing risk, with ransom demands growing higher each year. System downtime and reputational damage mean the impact of an attack can be long-lasting. New Zealand’s National Cyber Security Centre advises that businesses respond with defense in depth and effective incident management.
Private hospitals warn Australia’s cyber bill puts ICUs under threat
Several private healthcare providers have said that the cost of government cyber measures could mean Intensive Care Units having to close. The critical infrastructure bill would leave hospitals with ICUs with $8.5 million in set-up costs and annual bills of $5.8 million.
The proposed critical infrastructure bill would allow the government to demand that key infrastructure, including hospitals that have ICUs, implement cybersecurity risk management programs. Catholic Health Australia, Ramsay Health Care and Uniting Care told Australia’s security and intelligence committee that they “simply cannot afford” the additional expense, and that several private hospitals would have to close ICUs as a result. The hospitals are hoping to be excluded from the bill, although the Department of Home Affairs said that the cost would be “minimal when compared to the damage to the economy if businesses underinvest in security and allow breaches to occur”.
Australian firms report almost 500 data breaches, with healthcare hardest hit
There were 464 data breaches recorded in the second half of 2021, the Office of the Australian Information Commissioner (OAIC) has announced. The figure represents an increase of 6% on the first half of the year, with healthcare (18%) and finance (12%) the leading sectors.
Malicious attacks made up 55% of the beaches, with human error (41%) not far behind. The most common data exposed was contact information. It’s little surprise to see healthcare topping the list: their data is highly valuable, while their cybersecurity often struggles to keep up with threats. Good cyber resilience is crucial in any sector, but the OAIC’s research underlines the importance of good cyber practice in healthcare. While the upcoming critical infrastructure bill may increase costs for institutions, some coordinated action for securing this crucial sector is essential.
Cryptominers hijack Land Information NZ
Hackers breached a Land Information New Zealand (LINZ) cloud service and used its resources to mine cryptocurrency. The news emerged during a LINZ annual review which noted that no data was accessed. The operation was shut down within 24 hours of detection.
Bitcoin miners verify crypto transactions in the hope of releasing new blocks of currency, and earning a cut as they do so. The process requires serious computing power, which is why cloud accounts such as LINZ’s are often targeted. The June 2021 attack may have been resolved relatively painlessly, but cloud resources are growing at scale, and bitcoin mining breaches are likely to escalate in the future. Ensuring patches are up-to-date, enforcing multi-step authentication and zero-day protection are among the best ways to ensure your organisation doesn’t get sucked into illicit crypto mining operations.