
October's security round up

Written by Chloe Schofield | Oct 31, 2023 9:45:37 AM

Let's look at the most recent hacks and threats against organisations in October, starting with the Royals.

Royal Family’s official website targeted

At the start of October, a DDoS attack was launched on the royal website. The site remained operational on Sunday, 1st October, but appeared to perform additional security checks before granting users access.

According to a royal source, the incident was not a hack and no access to the website was gained. Although it has not been proven who was behind the attack, Russian hacking organisation Killnet did write about it on their Telegram channel, claiming responsibility for the event.

Cyber criminals take advantage of chatbots

Scientists from the University of Sheffield discovered that chatbots can be programmed to generate malicious code.

AI tools are sweeping the world and garnering a lot of attention. It's no surprise that they're another entry point for cybercriminals. And this is exactly what researchers at the University of Sheffield discovered. The Department of Computer Science determined that it is possible to mislead chatbots like ChatGPT into developing code that can be used in a cyberattack to access other systems.

The research found that chatbots could be exploited to assist in stealing sensitive personal information, destroying or tampering with databases, and disrupting services in DDoS attacks.

Vulnerabilities were found in six commercial AI technologies, including ChatGPT. Baidu-Unit, a Chinese platform, was targeted by researchers who deployed malicious code to obtain confidential Baidu server configurations and interfered with one server node. Baidu was made aware of the flaws and has now corrected them.

A university PhD student stated that the issue with chatbots is that they are increasingly being utilised as productivity tools rather than conversational ones, raising the possibility of everyday users unintentionally creating faulty code that might be harmful.

Exploitation of Cisco IOS XE vulnerabilities

On 23rd October, the NCSC published an article recommending that businesses take action to resolve Cisco IOS XE vulnerabilities (CVE-2023-20198 and CVE-2023-20273).

The cybersecurity centre published this article in response to a Cisco alert disclosing two exploited vulnerabilities affecting Cisco IOS XE equipment. Exact information can be found here.

Dual ransomware attacks are on the rise

At the end of September, the FBI saw an increasing trend of dual ransomware attacks against businesses that occurred in quick succession. It was found that two different ransomware strains were employed during the attacks, creating a dangerous mix of tools.

The strains involved combinations of data encryption and exfiltration. The significance of these dual ransomware attacks is that the second attack usually occurs within 48 hours of the first, harming an already susceptible system and posing a greater risk to an organisation's data.

Cybercriminal arrests

34 members of a cybercriminal organisation based in Spain were arrested after law enforcement conducted targeted searches in various Spanish towns. The anonymous criminal group was responsible for a variety of computer scams, including email and SMS phishing, and stole the personal information of over 4 million people.

It is estimated that the profit from reselling stolen data to other criminal groups is over €3 million.

Final thoughts

No organisation is immune to attack, regardless of its size, sector, or location. To avoid the long-term consequences of cyberattacks, every business should strive for robust defence.

Next month, we will continue to keep you up to date on the latest dangers. Please contact the Brigantia team to explore your cybersecurity requirements.