Brief Summary of October 2020

Written By David Palmer OBE 

EXPLOSION IN RANSOMWARE ATTACKS

IBM reports that ransomware attacks ‘exploded’ in June, with twice as many as the previous month. It is clear that this trend is still accelerating, both in number of attacks and of ransom demanded, often as much as $40M. MS warns of continuously evolving Android ransomware ‘MalLocker B’. Ryuk ransomware (linked to Russian cyber crime) victims include Universal Health Service, affecting 400 hospitals in US, French IT giant Sopra Stenia and a London District council. A ransomware attempt to disrupt US election by Trickbot has been avoided, although it remains a major threat to healthcare, particularly following the COVID-19 crisis. A hacker failed in attempt to ransomware Vastaam Clinics (Finland), but a ransom of €200 is now demanded from its 40,000 individual patients. US Treasury reports that paying cash to hackers overseas can be illegal under economic sanctions, and offenders may face prosecution. Botnet attacks continue and have hacked Tenda IoT routers (Miral) and CMS platforms (KashmirBlack). Microsoft 365 global outages have occurred 3 times in Oct, affecting many applications including Teams – particularly serious as it affects so many home workers. Increases in cyber attacks have resulted in a sharp increase in patches and warnings from ISPs and Apps. Google fixed 35 flaws in Chrome and 50 in Android, Adobe fixed 9 Magneto vulnerabilities (2 critical). SonicWall VPN patched a critical vulnerability which could allow DDoS. EU Court declares that UK ‘mass surveillance’ regime is illegal; and UK also faces legal action over ‘Test and Trace’ data retention.  H&M (Germany) fined €35M for GDPR violations, and Irish data regulator launches GDPR probe into Instagram.

Previous
Brief Summary of September 2020

Add a comment

Email again: