Relentless Ransomware: Top Cybersecurity News from the Week of Feb 20th
What’s in the paper for last week’s top cybersecurity news? This week is all about ransomware, again! The LockBit group has made back-to-back headlines this week, along with other high-profile attacks rattling major industries across the globe.
Here is the top cybersecurity news from the week:
LockBit targets Portuguese Water Utility Company
The infamous LockBit ransomware group has claimed responsibility for the attack on Águas e Energia do Porto, one of Portugal’s leading water utility providers. The attack occurred on February 8th, as the threat actors compromised sensitive data from the company’s encrypted database. LockBit has given the company until March 7th to pay a ransom, threatening to publish the sensitive data otherwise.
Águas e Energia serves water to half a million people across Porto, Portugal’s second-largest city. The attack, however, did not affect the company’s water supply operations. According to the organisation’s official statement, the attack has only affected some customer service operations and limited the company’s ability to respond to customer queries in time.
EU Commission staff banned from suing TikTok
The European Commission has temporarily banned its employees from having the TikTok app on their phones over fears of potential cyberattacks. The commission has stated that employees will have until March 15 to uninstall the app from their work devices and personal phones that are used for work.
European and US regulators are constantly scrutinising the popular Chinese-owned social media platform over security and data privacy concerns.
“The reason why this decision has been taken is to… increase the commission’s cybersecurity. Also, the measure aims to protect the commission against cybersecurity threats and actions which may be exploited for cyberattacks against the corporate environment of the commission,” – said Sonya Gospodinova, EU Commission spokesperson.
World’s leading fresh fruit distributors suffer a ransomware attack
Dole plc, one of the largest fresh fruit and vegetable producers in the world, has suffered a critical ransomware attack.
The company’s public statement described the attack’s impact as ‘limited’. However, a social media leak has reflected that the food giants were forced to shut down several production plants in North America because of the attack.
Dole has sent memos to its stores indicating that the company will implement its crisis management protocol. This includes the “Manual Backup Program.”, meaning that the firm might return to manual operations, which should resume production and shipments.
LockBit leaks more Royal Mail data
After two months of delays due to an attack by ransomware group LockBit, the UK’s Royal Mail has declared that its international delivery service is back up and operating. Earlier this week, the threat actors leaked more data allegedly belonging to Royal Mail.
LockBit originally promised to reveal data if a ransom demand was not met two weeks ago, but the deadline passed without this happening. According to screenshots from the gang’s blog obtained by Tech Monitor, the deadline has been postponed to today.
This suggests that LockBit is still hoping to make money from the breach. The new deadline is described as the “final chance to avoid leaks of [Royal Mail] information,” according to the site. For $40 million, we are willing to offer a discount, erase the stolen information, and supply a decryptor. There will be no further delays; once the timer runs out, all data will be delivered.”
For top cybersecurity news, insights and analysis every week, follow Code Red on Twitter and LinkedIn.