Royal Ransomware & Data Breaches: Top Cybersecurity News from the Week of Feb 27th
What’s in the paper for last week’s top cybersecurity news? Across the industry, there is a significant buzz about the Royal ransomware and its dangerous capabilities. This week has also seen a range of different attacks, affecting popular fast-food chains to Critical National Infrastructure.
Here is the top cybersecurity news from the week:
White House announces new national cybersecurity strategy
The Biden-Harris administration has published its national cybersecurity strategy, which aims to provide guidelines regarding how companies in the US allocate roles, responsibilities and resources in cyberspace.
The strategy shifts the cybersecurity burden from individuals, small businesses and local governments to technology firms. It also pushes towards a realignment of incentives to favour long-term investments in a bid to find a balance between existing and future threats.
Five pillars are included in the Strategy, guidelines aimed at improving specific aspects of cybersecurity across the US.
These are, respectively, the defence of critical infrastructure, the disruption and dismantlement of threat actors, the push toward reshaping market forces to drive security, then investing in a ‘resilient future,’ and the creation of international partnerships.
According to Bryan Cunningham, former White House lawyer and advisor at Theon Technology, the strategy is the culmination of a shared belief that the cybersecurity industry should have more mandatory regulations.
Royal Ransomware demands $11 million in ransom
Royal ransomware has gained momentum since it began operations last year, extorting over a hundred organisations with ransom demands in the six-digit territory per victim.
The US Cybersecurity and Infrastructure Security Agency (CISA) said that cyber crooks had used a variant of Royal ransomware to attack American and international organisations.
Once inside the target’s system, cybercriminals disable antivirus software and take large amounts of data before deploying the encryption malware. The Central Intelligence Agency (CIA) believes Royal’s malware is derived from malicious software called Zeon.
“Royal actors have made ransom demands ranging from approximately $1 million to $11 million in Bitcoin. In observed incidents, Royal actors do not include ransom amounts and payment instructions as part of the initial ransom note,” CISA said in an advisory.
Hatch bank discloses major data breach
Fintech banking platform Hatch Bank has reported a data breach after hackers stole the personal information of almost 140,000 customers from the company’s Fortra GoAnywhere MFT secure file-sharing platform.
Hatch Bank is a financial technology firm allowing small businesses to access bank services from other financial institutions.
As reported by TechCrunch, data breach notifications sent to impacted customers and filed with Attorney General’s offices warned that hackers exploited a vulnerability in the GoAnywhere MFT software to steal the data of 139,493 customers.
Chick-fil-A confirms customer data breach
American fast food chain Chick-fil-A has confirmed that customers’ accounts were breached in a months-long credential stuffing attack, allowing threat actors to use stored rewards balances and access personal information.
In January, BleepingComputer reported that Chick-fil-A had begun investigating what it described as “suspicious activity” on customers’ accounts.
At the time, Chick-fil-A set up a support page with information on what customers should do if they detect suspicious activity on their accounts.
For more cybersecurity news, insights and analysis, follow Code Red on Twitter and LinkedIn.