While cyberattacks targeting large corporations or government agencies tend to make splashy headlines, the truth is that many attackers are shifting their priorities to focus on small businesses. Unfortunately, these smaller businesses generally lack the resources and security capabilities of larger organizations. In fact, 83% of small business owners report handling cybersecurity matters themselves. Although …
Pharmaceutical giant Merck & Co says a recent cyber-attack resulted in production shutdowns and cost it around $135m in lost revenue.
Merck – known as MSD outside North America – said the attack had a particular impact on its ability to supply its human papillomavirus (HPV) vaccine Gardasil, used to prevent cervical and related cancers. The cost of implementing remediation measures in the wake of the attack also pegged back its gross margin in the third quarter.
It’s the third major outbreak of the year – here’s what we know so far.
A new ransomware campaign has hit a number of high profile targets in Russia and Eastern Europe.
Dubbed Bad Rabbit, the ransomware first started infecting systems on Tuesday 24 October, and the way in which organisations appear to have been hit simultaneously immediately drew comparisons to this year’s WannaCry and Petya epidemics.
Some of the big companies hit by the NotPetya malware in late June have reported losing hundreds of millions of dollars due to the cyberattack.
The NotPetya malware outbreak affected tens of thousands of systems in more than 65 countries, including ones belonging to major organizations such as Rosneft, AP Moller-Maersk, Merck, FedEx, Mondelez International, Nuance Communications, Reckitt Benckiser and Saint-Gobain. Many of the victims were located in Ukraine, the home of a tax software firm whose product was used as the main attack vector.
Researchers initially believed NotPetya (aka PetrWrap, exPetr, GoldenEye and Diskcoder.C) was a piece of ransomware, similar to WannaCry. However, a closer analysis revealed that it was actually a wiper and it was unlikely that victims could recover their files, even if they paid the ransom.
The Scottish Parliament has been targeted by a “brute force” cyber attack, officials have said.
Chief executive Sir Paul Grice said the attack, from “external sources”, was similar to that which affected Westminster in June.
He confirmed the attack in a message to MSPs and staff with parliamentary email addresses, urging them to be vigilant.
A massive cyberattack that took down government websites in Venezuela earlier this week also has left seven million mobile phone users without service, the government said Thursday.
A group that calls itself The Binary Guardians claimed responsibility for attacks that targeted the websites of the government, the supreme court and the National Assembly.
“These terrorist actions which affected the Movilnet’s GSM platform on Wednesday left without communication seven of the state operator’s 13 million users,” Science and Technology Minister Hugbel Roa said.
The most concerning revelation to come out of the security industry over the past couple of years isn’t the Mirai botnet, nor the hacks of Verizon, Yahoo! (before the acquisition), or the Democratic National Committee (DNC), or even the infamous Jeep hack. Instead, it came from security company FireEye’s June 2016 Mandiant M-Trends Report, in which it was revealed that the average time between compromise and detection of a cyberattack is 146 days.
While this number is unnerving for enterprises of any kind, it’s particularly disconcerting for industrial and Internet of Things (IoT) companies that deal in sensitive and/or safety-critical products. 146 days is nearly five months, or almost half a year that advanced persistent threats have to siphon sensitive intellectual property (IP) or customer data, propagate into critical systems, and, potentially, do serious physical damage.
The latest HBO hacking scandal is shaping up to be much, much worse than a few leaked Game of Thrones episodes.
Now the FBI is getting involved, according to the latest update from the Hollywood Reporter. The cyberattack that occurred earlier this week compromised around 1.5 terabytes of data, which, it turns out, is seven times the amount of data that was leaked during the 2014 Sony hack (around 200 gigabytes of data).
What makes this hack even more frightening is that, according to multiple sources, there has been no ransom declared. That means the hackers’ motivation may have less to do with money and more to do with a political agenda, harnessing the power to release potentially compromising data (including internal memos and email correspondence) for HBO and its investors.