Search This Blog

Showing posts with label Ransom Attack. Show all posts

Canadian IoT Solutions Provider, Sierra Wireless Hit by a Ransomware Attack


Sierra Wireless, a Canadian IoT solutions provider said that it has reopened its manufacturing site's production after the company suffered a ransomware attack that breached its internal infrastructure and official website on March 20. When the company came to know about the attack, it called one of the world's best cybersecurity firms "KPMG," to help Sierra Wireless in the investigation and inquiry of the incident.

According to Sierra Wireless, "security is a top priority, and Sierra Wireless is committed to taking all appropriate measures to ensure the highest integrity of all of our systems. As the investigation continues, Sierra Wireless commits to communicating directly to any impacted customers or partners, whom we thank for their patience as we work through this situation." 

Currently, the staff at Sierra Wireless is working on re-installing the company's internal infrastructure, after the corporate website was brought back online. Besides this, the Canadian MNC said that ransomware attacks couldn't breach services and customer-oriented products as the internal systems that were attacked were separated. The company believes that the scope of the attack was limited to Sierra Wireless' corporate website and internal systems, it is confident that the connectivity services and products weren't affected, and the breach couldn't penetrate the systems during the incident. 

As of now, the company isn't expected to issue any firmware or software security updates or product security patches, which are generally required after the ransomware attack. The company hasn't disclosed the ransomware operator behind the attack, it has also not specified what data was stolen from the incident before the encryption could happen. 

The attack happened in March, after that the company took back its Q1 guidance. A company spokesperson said that Sierra wireless won't reveal any further information regarding the attack as per the company protocol, because the data involved is highly confidential and sensitive. Bleeping Computer reports, "Siera Wireless' products (including wireless modems, routers, and gateways) sold directly to OEMs are being used in IoT devices and other electronic devices such as smartphones, and an extensive array of industries." Stay updated for more news.

Data Analytics Agency Polecat Held To Ransom After Server Exposed 30TB Of Records

 


On October 29, 2020, the Wizcase CyberResearch Team which was lead by Ata Hakcil has discovered that the server ‘Elasticsearch’ which is being owned by Polecat company, displayed about 30TB of record data on the website without any authentication required to access the records or any other form of encryption in place. 

A UK-based data agency ‘Polecat’ that provides “a combination of advanced data analytics and human expertise, [to help] the world’s largest organizations achieve reputation, risk, and ESG (environmental, social, and governance) management success” its official website reads. 

Researchers team had found records dating back to 2007 containing important information including employees’ usernames and passwords, social media records, around 6.5 billion tweets, and around one billion posts that generated from independent websites and blogs. 

Polecat’s cyber research team ‘Chase Williams’ has reported its discovery in a blog post which has been published on First March of 2021. 

The public information collected by the Polecat organization is gleaned on a foundation of daily happening events including subjects such as Covid-19, politicians, firearms, racism, and healthcare. Polecat was warned by the Wizcase research team about the data ransom on October 30 and the first of November 2020. Nevertheless, it just takes some seconds for an open unsecured server or bucket to be traced and exploited by malicious actors – and this took place a day after the researcher’s findings. 

“On October 30, a Meow attack was launched against the database. Meow attacks replace database indexes with the suffix ‘gg-meow’, leading to the destruction of swathes of data” Wizcase said. 

Additionally, it added “approximately half of the firm’s records were wiped, and then in a second wave a further few terabytes of information were deleted. At this point, roughly 4TB remained in the server. Most of these records were then destroyed and a ransom note was spotted by the researchers that demanded 0.04 Bitcoin (BTC) – roughly $550 at the time – in return for the files’ recovery”. 

Wizcase research team has warned against these types of scams by saying that it is very essential to note that these types of cyberattacks are usually automated and sent to many unprotected open databases.