Sophisticated Attacks Around the World.
1. The Volt Typhoon Campaign:
The month of May 2023 was marked by a series of major cyber attacks around the world. The US State Department has warned that China has the ability to launch cyberattacks against critical infrastructure, including oil and gas pipelines as well as rail systems. These statements were made after researchers discovered that a group of Chinese hackers were spying on these networks. A multinational alert revealed that this Chinese espionage campaign targeted military and government targets in the United States.
Microsoft analysts, who identified the campaign as Volt Typhoon, said it could disrupt critical communications infrastructure between the United States and the Asian region in future crises, a a nod to growing tensions between the United States and China over Taiwan and other issues. The group targeted critical infrastructure organizations in the US Pacific Territory of Guam and used FortiGuard devices from security firm Fortinet to break into the target networks.
2. Attacks Across the Globe:
In addition to this major espionage campaign, May saw many other cyberattacks around the world, affecting various sectors and industries.
Atos (FRA): French IT services giant Atos has been the victim of a computer attack that has crippled some of its online services and staff.
Ministry of Justice of Jordan: The Ministry of Justice of Jordan has reported a cyberattack on its computer system. The attack is under investigation.
B. Braun (DEU): German healthcare group B. Braun has reported a cyberattack that has affected its operation. The group has nearly 64,000 employees.
Swatch Group (CHE): Swatch Group, the Swiss watch giant, has been the victim of a cyberattack that has disrupted its operations. Efforts are underway to resolve the issue.
Cloudflare (USA): Cloudflare, an American company specializing in website security and performance services, suffered a cyberattack on May 25, 2023.
CNH Industrial (ITA): CNH Industrial, a global leader in industrial equipment, was hit by a cyberattack on May 25, 2023.
3. Impact on Hospitals and the Media:
Hospitals and the media have not been spared from these attacks. In Germany, the computer network of the "Gesundheit Nord" hospital group in Bremen was disconnected from the Internet after suspicious activity was discovered. Fortunately, the hospitals were able to continue to communicate with each other, but the employees were unable to access the Internet.
At the same time, KD Hospital in India fell victim to a ransomware attack, blocking access to all of its online systems, including patient data. The hackers demanded a ransom of $70,000 in bitcoins to decrypt the files. Hospital staff worked manually for a day before the servers were back up and running.
In the media sector, The Philadelphia Inquirer newspaper suffered a cyberattack that disrupted its operations over the weekend. The newspaper was unable to print its Sunday edition, but was able to continue publishing online.
4. French Companies in the Line of Sight:
In France, the outsourcer Group DIS reported a major computer attack. Many customers' websites have become unavailable. The attack was claimed by Alphv/BlackCat on May 15. Lacroix Electronics, the Côtes-d'Armor department, and Actu.fr are among the collateral victims.
LACROIX also suffered a targeted attack on its sites in France, Germany and Tunisia. Some systems have been encrypted and an analysis is underway to identify the exfiltrated data. The affected sites are closed for the week with a reopening scheduled for May 22.
Comments