July 10th, 2020
Welcome to the transcript of CyberCure podcast.
The podcast is aimed at professionals who are short on time, or for anyone who would like to know a bit more about what is REALLY happening out there in the cyber world.
The focus of this podcast will be on the latest cyber events for non-technical people; anyone can listen and understand.
ST Engineering is a Singapore based Technology company with an integrated engineering group in the aerospace, electronics, land systems and marine sectors, producing products used by militaries around the world.
ST Engineering announced that its US subsidiary, VT San Antonio Aerospace, Inc., recently discovered a cybersecurity incident where a group of cybercriminals, known as the Maze group, gained unauthorized access to its IT network and deployed a ransomware attack.
Upon discovering the incident, ST Engineering took immediate action, including disconnecting certain systems from the network, retaining leading third-party forensic advisors to help investigate the incident and notifying appropriate law enforcement authorities.
While they do share a lot of information some questions are still remain open for now:
Was it made for profit or for knowledge ?
a 7bn us $ company is tempting target but also manufacturer to military air industry is interesting target.
As usual, we will update if something new develops!
The University of California in San Francisco is dedicated entirely to health science. It is a major center of medical and biological research and teaching.
On June 3, UCSF IT staff detected a security incident that occurred in a limited part of the UCSF School of Medicine’s IT environment a few days earlier, the organization said in a statement on its website.
the organization posted an update that it negotiated with the hackers to pay a portion of the ransom to regain access to the medical school servers. “The data that was encrypted is important to some of the academic work we pursue as a university serving the public good. We, therefore, made the difficult decision to pay some portion of the ransom, approximately $1.14 million, to the individuals behind the malware attack in exchange for a tool to unlock the encrypted data and the return of the data they obtained” UCSF officials said.
In other words, someone out there is sitting with 1.1M USD in his hands after a week or two of work.
The sad reality is that if the university would have spent proper budgets and resources on cyber security it would have cost them much less.
such successful cyber attacks are the reason why attackers are becoming more sophisticated and with more ambitions.
the only way to defend against tomorrows threats are by stop being reactive,
it is time for organizations to start using tools that enables them to become proactive.
employee training,cyber intelligence,proactive testings, these are the tools organizations should focus in order to keep the sophisticated attackers outside the doors.
While In its online statement, UCSF said the incident did not affect UCSF’s patient care delivery operations, overall campus network or COVID-19 work but didnt said what would happen without paying the ransomware.
SC Media reported that UCSF was targeted by the NetWalker ransomware group,
as evidenced by data leaked to a website.
These ransomware operators not only encrypt their targets’ files but also publish stolen files on a piecemeal basis unless and until the victim pays up, SC Media said.
In October, the FBI warned that ransomware attacks are becoming “more targeted, sophisticated and costly, even as the overall frequency of attacks remains consistent.” The FBI does not advocate paying a ransom, the agency said, “in part because it does not guarantee an organization will regain access to its data.” In some cases, victims who paid a ransom were never provided with decryption keys.
You should listen to them no matter where you live.
—–
Don’t forget to visit www.cybercure.ai for the latest podcasts on cyber intelligence.