Top Cybersecurity News From September

Top Cybersecurity News of Sept 2023: Ransomware Hits Leading Charity & Google States New AI Policy

Welcome to our weekly dose of trending cyber stories across industries. So, what are the top cybersecurity highlights from September so far?

Ransomware attacks are breaking all records. Just in the past two weeks, ransomware groups have hit key businesses across the hospitality, critical national infrastructure, and even the charity sector. Google has also launched a new policy for AI-generated ads.

Here are this month’s top stories:

Ransomware crew claims to have hit Save The Children

The cybercrime group BianLian has allegedly breached the IT systems of a leading non-profit, suspected to be Save The Children International. The group claims to have stolen a significant amount of data, including financial, health, and medical records. Based on the description provided by BianLian, the targeted organization operates in 116 countries and has revenues of $2.8 billion. 

The stolen data reportedly includes 6.8TB of international HR files, personal data, and over 800GB of financial records. BianLian, known for targeting healthcare and critical infrastructure sectors, may leak or sell the information if their ransom demands are not met. 

 

MGM Resorts heavily impacted by cyberattack

MGM Resorts International faced a significant “cybersecurity issue” that led the company to temporarily shut down its computer systems across the U.S. The cyberattack, which began on a Sunday, is believed to have affected MGM properties in multiple states, including Nevada, Maryland, Massachusetts, and others. 

As the largest casino operator in Las Vegas, MGM Resorts owns renowned establishments like the MGM Grand, Bellagio, and Mandalay Bay. The attack disrupted the company’s reservation system, slot machines, emails, and room keys. The online betting platform BetMGM’s Nevada site was also down. While the company has informed law enforcement about the issue, it remains unclear if the incident involved a data breach.

 

Ransomware Attack Wipes Out Four Months of Sri Lankan Government Data

A significant ransomware attack has impacted the Lanka Government Cloud (LGC), Sri Lanka’s government cloud system. The Sri Lanka Computer Emergency Readiness Team and Coordination Center (CERT|CC) is currently investigating the incident. The attack, which is believed to have started on August 26, 2023, resulted in the encryption of LGC services and backup systems. 

Mahesh Perera, CEO at the Information and Communication Technology Agency (ICTA), stated that approximately 5,000 email addresses with the “gov[dot]lk” domain were affected. Although systems were restored within 12 hours, data from May 17 to August 26, 2023, was permanently lost. The outdated version of the system was identified as a vulnerability, and measures are being taken to enhance security.

 

Google: Political adverts must disclose use of AI

Google has announced that political advertisements on its platforms will soon need to disclose if they contain content generated using artificial intelligence (AI). This decision comes as a response to the increasing use of tools that produce synthetic content. The implementation of this rule is set for November, well ahead of the upcoming US presidential election. 

AI-generated political ad

Image: An AI-generated campaign ad from The Republican party.

Concerns have been raised about AI’s potential to amplify disinformation during campaigns. Google’s updated policy will necessitate election-related ads to clearly indicate if they feature “synthetic content” portraying real or seemingly real individuals or events. Examples of suitable labels might include “this image does not depict real events” or “this video content was synthetically generated.” The move aims to enhance transparency and combat the spread of misleading AI-generated content.

 

Hackers publish Israeli hospital’s records after Cyberattack

The ransomware hacker group “Ragnar Locker” has released patient data stolen from Israel’s Mayanei Hayeshua Medical Center. The cyberattack took place at a hospital in Bnei Brak, near Tel Aviv, approximately a month prior. The group had threatened to disclose the sensitive information if they did not receive a ransom amounting to tens of millions of shekels. 

On a recent Wednesday, the group announced on Telegram that they had uploaded the initial 402 gigabytes of data to the darknet and would release the remaining data if not paid. Notable figures, including the prime minister, lawmakers, and senior rabbis, could have their medical histories exposed if the ransom demands aren’t met. The country’s Privacy Protection Authority has confirmed signs of a data leak from the hospital’s systems. 

For more cybersecurity news, insights and analysis, follow Code Red on Twitter and LinkedIn.

 

Back to Knowledge Hub