Just three and then some . . .
Hackers attack UK water supplier but extort wrong company
Bill Toulas
South Staffordshire Water, a company supplying 330 million liters of drinking water to 1.6 consumers daily, has issued a statement confirming IT disruption from a cyberattack.
As the announcement explains, the safety and water distribution systems are still operational, so the disruption of the IT systems doesn’t impact the supply of safe water to its customers or those of its subsidiaries, Cambridge Water and South Staffs Water.
“This is thanks to the robust systems and controls over water supply and quality we have in place at all times, as well as the quick work of our teams to respond to this incident and implement the additional measures we have put in place on a precautionary basis,” explains the statement published on the company’s site.
Also, South Staffordshire Water reassures its customers that all service teams are operating as usual, so there’s no risk of extended outages due to the cyberattack.
Clop misidentifies victim?
Meanwhile, the Clop ransomware gang claimed Thames Water as their victim via an announcement on their onion site today, alleging to have accessed SCADA systems they could manipulate to cause harm to 15 million customers.
Thames Water is UK's largest water supplier and wastewater treatment provider, serving Greater London and areas surrounding river Thames.
The hackers allege to have informed Thames Water of its network security inadequacies and claim that they acted responsibly by not encrypting their data and only exfiltrating 5TB from the compromised systems.
However, following a supposed collapse in the negotiations of the ransom payment, the actors published the first sample of stolen data that includes passports, screenshots from water treatment SCADA systems, driver’s licenses, and more.
Thames Water has officially disputed these claims via a statement today, saying that reports of Clop having breached its network are "cyber-hoax" and that its operations are at full capacity.
One key detail in the case is that among the published evidence, Clop presents a spreadsheet with usernames and passwords, which features South Staff Water and South Staffordshire email addresses.
Additionally, BleepingComputer observed, one of the leaked documents sent to the targeted firm is explicitly addressed to South Staffordshire PLC.
As such, it’s very likely that Clop misidentified their victim or that they are attempting to extort a much larger company using false evidence.
This attack comes during dire drought times for UK consumers, with eight areas in the country imposing water ration policies and hosepipe bans.
Cybercriminals don’t pick their targets randomly, as hitting water suppliers during harsh drought periods could apply insurmountable pressure to pay the demanded ransom.
For this to happen, though, Clop has to redirect its threats to the correct entity, but considering the publicity the matter has taken, it’s probably too late for that.
- August 16, 2022
- 05:05 AM
- 0
✓ 1
CS:GO trading site hacked to steal $6 million worth of skins
CS.MONEY, one of the largest platforms for trading CS:GO skins, has taken its website offline after a cyberattack allowed hackers to loot 20,000 items worth approximately $6,000,000.
- AUGUST 16, 2022
- 09:59 AM
1
✓ 2
Malicious PyPi packages aim DDoS attacks at Counter-Strike servers
A dozen malicious Python packages were uploaded to the PyPi repository this weekend in a typosquatting attack that performs DDoS attacks on a Counter-Strike 1.6 server.
- AUGUST 15, 2022
- 06:03 PM
- 0
Twilio hack exposed Signal phone numbers of 1,900 users
Phone numbers of close to 1,900 Signal users were exposed in the data breach Twilio cloud communications company suffered at the beginning of the month.
- AUGUST 15, 2022
- 05:46 PM
- 0
Microsoft disrupts Russian hackers' operation on NATO targets
The Microsoft Threat Intelligence Center (MSTIC) has disrupted a hacking and social engineering operation linked to a Russian threat actor tracked as SEABORGIUM that targets propland organizations in NATO countries.
- AUGUST 15, 2022
- 02:22 PM
- 0
Russian hackers target Ukraine with default Word template hijacker
Threat analysts monitoring cyberattacks on Ukraine report that the operations of the notoriousOk
✓ 3
Callback phishing attacks see massive 625% growth since Q1 2021
Phishing is constantly evolving to bypass user training and email protections, and as threat actors adopt new tactics with better success ratios, quarterly stats reflect interesting threat trends on multiple fronts.
- AUGUST 15, 2022
- 10:32 AM
- 0
No comments:
Post a Comment