Insurer AXA hit by ransomware after dropping support for ransom payments
Branches of insurance giant AXA have been struck by a ransomware attack. The Avaddon ransomware group claimed on their leak site that they had stolen 3TB of sensitive data from AXA’s Asian operations. In addition, there was a DDoS attack against AXA’s global websites making them inaccessible for some time on Saturday, and the attack comes just a a week after AXA stated that they would be dropping reimbursement for ransomware extortion payments when underwriting cyber-insurance policies in France.
Darkside says it lost control of servers and money a day after Biden threat
A day after US President Joe Biden said the US plans to disrupt the hackers behind the Colonial Pipeline cyberattack, the operator of the Darkside ransomware group said they had lost control of their web servers and some of the funds they made from ransom payments stating that cryptocurrency had been withdrawn from the gang’s payment server. Opinion varies as to whether this was a coordinated takedown by US authorities or a ruse that will allow the gang to return under a new name.
CEOs could face jail time for IoT attacks by 2024
Gartner has warned that as many as 75% of business leaders could be held liable by 2024 due to increased regulations around so-called “cyber-physical systems” (CPSs) such as IoT and operational technology (OT), stating that the financial impact of such attacks on CPSs resulting in fatalities could reach as much as $50 billion by 2023. Katell Thielemann, research vice president at Gartner, states that many business leaders aren’t even aware of the scale of CPS investment in their organization, often because projects have happened outside of the control of IT. Technology leaders in the organization must step up to help CEOs understand the risks that CPSs represent, and why more budget needs to be allocated to operational resilience management (ORM) in order to secure them, she says.
Colonial Pipeline did not tell CISA about ransomware incident
CISA still didn’t have technical details about the Colonial attack as of Tuesday morning of last week, the agency’s top official told senators at a Senate Homeland Security and Governmental Affairs Committee hearing held that day. In fact, CISA only found out through the FBI with whom they have a close information sharing relationship. Although CISO was forgiving about Colonial’s lack of communication, one Republican Senator in attendance called the attack “potentially the most substantial and damaging attack on U.S. critical infrastructure ever,” referring to the fact its shutdown withheld its daily delivery of 100 million gallons of fuel products and prompted the Biden administration to declare an emergency, triggering the Environmental Protection Agency to issue its own emergency waiver.
Thanks to our episode sponsor, Trend Micro
Cloudflare wants to kill the CAPTCHA
CAPTCHAs, those irritating tests, which require you to look at images and pick out objects such as cars, bridges, or bicycles, put friction in front of their users, the company stated, equating it to 500 human years wasted per day. Their solution is for users to use a hardware security key that is plugged in or tapped, which provides a signature that delivers cryptographic attestation to the challenging website. The key must authenticate with the FIDO alliance to establish personhood.
(ZDNet)
IBM says chip shortage could last two years
IBM President President Jim Whitehurst says that many firms have seen production delays because of a lack of semiconductors, triggered by the pandemic. The shortage has been exacerbated by surging demand for TVs, phones, and gaming consoles while consumers are stuck at home, paired with shutdowns of factories for the same pandemic reason. IBM licenses its microprocessor technology to the world’s biggest chip makers such as Intel, TSMC and Samsung. Whitehurst told BBC News, “we are looking at couple of years […] before we get enough incremental capacity online to alleviate all aspects of the chip shortage.”
(BBC News)
Ireland shuts down hospital computer systems nationwide after ransomware attack
Ireland’s public health care system, known as the Health Service Executive or HSE, shut down all of its computer systems nationwide Friday after hospital administrators became aware of a cyberattack late Thursday. All medical equipment at Ireland’s hospitals remained operational, according to the Irish Times, but registration and record-keeping reverted to pen and paper. The nation’s ambulance service continued to operate normally, and covid-19 vaccinations were still taking place. The disruption was still occurring as of Sunday.
(Gizmodo)
CISA to pilot secure cloud instance in response to SolarWinds
CISA will use some of the $650 million it received through the American Rescue Plan to test out a new way to secure agency cloud instances. Brandon Wales, the acting director of CISA stated at the Security and Governmental Affairs hearing on Tuesday, that one of the real lessons out of SolarWinds was the exploitation of cloud environments. CISA will “stand up a secure, threat hardened cloud environment. We will pilot that out and then promulgate the reference architecture across the federal government to help improve the security of cloud environments for all of our federal partners.”