Search results for: norsk hydro


Ransomware has become a cost of doing business

It’s easy to see why ransomware aimed at businesses is such a cash cow for criminals: for every Norsk Hydro and Fujifilm that refuses to pay the ransom, there is a Colonial Pipeline and JBS USA that pays up millions. A recent Randori survey that polled 400 security decision-makers across the US confirms that impression: among the companies that were hit by ransomware in the past two years, 47% have paid the ransom. How many … More

pipeline biohazard

What the pipeline attack means for critical infrastructures

The big news in critical infrastructure security is the ransomware-triggered shutdown of the Colonial gasoline pipeline – the largest such pipeline in the USA. The attack has been attributed to the DarkSide ransomware group. The group subsequently posted an apology on their website saying “they didn’t mean” to impact critical infrastructure. We’re joined today by Lior Frenkel, CEO and Co-Founder of Waterfall Security Solutions. Mr. Frenkel founded the company specifically to address the then-emerging threats … More


The anatomy of an endpoint attack

Cyberattacks are becoming increasingly sophisticated as tools and services on the dark web – and even the surface web – enable low-skill threat actors to create highly evasive threats. Unfortunately, most of today’s modern malware evades traditional signature-based anti-malware services, arriving to endpoints with ease. As a result, organizations lacking a layered security approach often find themselves in a precarious situation. Furthermore, threat actors have also become extremely successful at phishing users out of their … More


Danish company Demant expects to suffer huge losses due to cyber attack

Danish hearing health care company Demant has estimated it will lose between $80 and $95 million due to a recent “cyber-crime” attack. Though the company has yet to share details about the “IT infrastructure incident”, it is widely believed to be the work of ransomware-wielding attackers. What is known? The attack started on September 2 and, apparently, the company quickly decided to shut down IT systems across multiple sites and business units: Still, the reaction … More


Week in review: Crafty Office 365 phishing, how DNS firewalls can burn security teams

Here’s an overview of some of last week’s most interesting news and articles: Phishers targeting Office 365 admins have a new trick up their sleeve Phishers targeting Office 365 admins have a new trick up their sleeve: they are checking the credentials entered into the spoofed login page in real-time and, if they are valid, the victims are redirected to their real Office 365 inbox. Healthcare’s blind spot: Unmanaged IoT and medical devices Depending on … More


The need for scalable OT security

As manufacturers and other industrial network owners are becoming more security conscious, they are coming up against security performance issues. Operational Technology (OT) networks are increasingly becoming targets for cyberattacks, yet many of the existing solutions for OT security are not designed for the high volume of traffic on these networks. Recent incidents such as the attack against Norsk Hydro have proven yet again that any OT network, whether operating a manufacturing plant, critical infrastructure, … More


Cybersecurity crisis communication: How to do it well

Riviera Beach is one of the several cities and towns in Florida which have recently been hit with ransomware. Its local government, like that of Lake City before it, decided to pay the ransom demanded by the attackers to get their files decrypted. They have also chosen to hire “an experienced crisis communications manager” and have been telling journalists to direct all questions regarding the incident to that public relations firm. So, what does crisis … More


Ransomware disrupts worldwide production for Belgian aircraft parts maker

ASCO Industries, a manufacturer of aerospace components with headquarters in Zaventem, Belgium, has been hit with ransomware, which ended up disrupting its production around the world. The attack reportedly started on Friday and the extent of the internal damage is still unknown. About ASCO Industries ASCO Industries is a privately held company that was acquired by Kansas-based Spirit AeroSystems in 2018. At the time it had 1,400 employees world-wide. It designs and manufactures wing components, … More


Another European manufacturer crippled by ransomware

Aebi Schmidt, a Switzerland-based manufacturer and provider of municipal and agriculture machinery, has apparently been hit by ransomware. What happened? “Due to an IT system failure, the Aebi Schmidt Group can temporarily neither receive nor send emails,” the company announced on Thursday. “The IT system failure is due to an attempt by third parties to infiltrate malware into our systems. More and more companies worldwide are being affected by such attacks.” At the moment, only … More

BEC scams

Latest numbers show why BEC/EAC scams are here to stay

Extortion has become the second most often reported type of cybercrime, but BEC/EAC scams still reign supreme when it comes to monetary loss (or criminals’ earnings), the latest IC3 Internet Crime Report has revealed. BEC/AEC scams are the most lucrative In 2017, FBI’s Internet Crime Complaint Center (IC3) reported that the BEC/EAC complaints they dealt with (15,609) came with an approximate $676 million loss. In 2018, the BEC/EAC complaints were 20,373, but the losses reached … More


The unique business-critical threats facing converged IT-OT systems

Manufacturing networks still running outdated technology could risk their intellectual property and production processes. The Trend Micro report, Securing Smart Factories: Threats to Manufacturing Environments in the Era of Industry 4.0, outlines the security dimension of a new era for manufacturing driven by IoT and connectivity everywhere. Manufacturers are heavily investing in the convergence of traditional operational technology (OT) with IT networks in 2019, adding new technology to environments that are still vulnerable to more … More


A LockerGoga primer and decrypters for Mira and Aurora ransomwares

There’s some good news for victims of the Mira and Aurora ransomwares: free decrypters have been made available. New decrypters F-Secure has released a decrypter for victims of the Mira ransomware. (You’ll known you’ve been hit if the encrypted files sport the .mira extension.) “Most often, decryption can be very challenging because of missing keys that are needed for decryption. However, in the case of Mira ransomware, it appends all information required to decrypt an … More