Trending Topics Cybersecurity – June 2022
SECURITY INSIGHTS | 1 July 2022
Myra’s monthly security highlights present IT decision-makers and security specialists with the most relevant topics from the world of cybersecurity. Hacker trends, defense strategies, and reports on cyber attacks, hacker campaigns, etc. are available here in a clearly laid out format.
Arne Schönbohm, President of the BSI (Federal Office for Information Security), currently sees a significantly heightened threat level due to cyberattacks in Germany. Schönbohm made this statement at the “Potsdam Conference for National Cyber Security” at the end of June. Although no centrally coordinated campaign has been identified so far, cyberattacks are having an increasingly frequent impact on the everyday lives of people in Germany, he said.
A large-scale cyberattack on an IT service provider, for example, affected several energy companies in the Rhine-Main region: The targets of the attack included the public utility company Mainzer Stadtwerke and the Darmstadt-based company Entega, as reported by Hessenschau and others. As a result of the attack, the websites and e-mail servers were unavailable; also affected were the websites of the public transportation provider Mainzer Mobilität and the local pool Taubertsbergbad.
The city of Kassel suffered a similar fate: a cyberattack on the servers of the Kassel municipal cleaning service led to a network outage. According to the city of Kassel, as yet unidentified persons managed to penetrate the company’s network, which had multilevel security in place. The attack had no effect on regular waste disposal and street cleaning. However, it was no longer possible to collect bulky or electronic waste from individual homes because, among other things, the schedule database had been destroyed.
Political parties and federal authorities are also increasingly becoming the targets of cyberattacks. On May 30, the internal network of the Bündnis 90/Die Grünen party was hit. The intranet known as the “Green Network” was attacked. According to a party spokeswoman, the attack did not involve a “large amount of data”. However, it is not yet known exactly what data was taken and whether it included sensitive information.
BaFin: Increased risk of cyberattacks on the financial sector
At the beginning of June, BaFin warned for the second time within a matter of days of repeated attacks on IT infrastructure. The warning concerned DDoS attacks in particular. In its warning for the German financial sector, BaFin referred to the “Security Notice for Business” issued by the German domestic intelligence services (Verfassungsschutz).
Cyberattack on the Green Party’s internal IT system
The party’s intranet, known as the “Green Network”, was attacked by cybercriminals on May 30. It is not yet known exactly what data was taken and whether it included sensitive information. According to a party spokeswoman, however, it did not involve a “large amount of data”.
Cyberattack on authorities and energy suppliers in the Rhine-Main region
A ransomware attack targeted the websites of Mainzer Mobilität (public transportation), Mainzer Stadtwerke (public utility company), Mainzer Netze Gesellschaft (public services) and Taubertsbergbad (public swimming pool), some of which could not be accessed as a result of the attack. According to the Mainzer Stadtwerke, however, there were no outages of critical infrastructure.
IT systems of University of Applied Sciences paralyzed after cyberattack
A “major IT security problem” led to the shutdown of all IT systems connected to the Internet on June 21, according to Münster University of Applied Sciences. The IT incident will probably also have an impact on exams, according to a spokesperson for the university.
Swiss pharmaceutical company targeted by cybercriminals
According to the website BleepingComputer, information related to Novartis has been offered for sale on the Darknet for $500,000 payable in Bitcoins. The information allegedly came directly from the laboratories of a Novartis factory associated with testing drugs based on RNA technologies. According to Novartis, however, the theft of sensitive data can be ruled out.
Failed: Digital health apps put to the test
The hacker collective Zerforschung has scrutinized two digital health applications (DiGAs) and found significant security flaws. The apps are designed to support patients suffering from depression and breast cancer. Sensitive data such as mail addresses, therapy programs, plain text passwords, diagnoses, diary data and doctor’s reports could be accessed.
BSI chief warns of hacker attacks in Germany
Although no centrally coordinated campaign has been identified so far, Arne Schönbohm, President of the BSI (German Federal Office for Information Security), sees a significantly heightened threat level due to cyberattacks in Germany. Schönbohm said this at the “Potsdam Conference for National Cyber Security”.
Large-scale cyberattack on Lithuania
Lithuania has been hit by a large-scale cyberattack, according to the country’s government. As the Ministry of Defense explained, state institutions as well as private companies were subjected to fierce DDoS attacks. The worst attacks were quickly brought under control.
Price drop for stolen credit cards on online black market
A study by Privacy Affairs has exposed huge growth rates in the online black market for stolen credit cards and hacked PayPal and cryptocurrency accounts. As a result of this growth, prices are already plummeting for some items.
FBI seizes domains used for the sale of stolen data and DDoS services
The FBI and the U.S. Department of Justice recently seized three domains that cybercriminals had used to sell stolen data and DDoS attack services. As a result of the international law enforcement operation with the Dutch National Police Corps and the Belgian Federal Police, one suspect was arrested, server infrastructure was seized, and several sites were searched.
Flubot: Europol seizes Android spyware infrastructure
The spyware known as FluBot infects Android devices, spreads aggressively via SMS, and steals passwords, online banking details, and other sensitive information. According to Europol, the Dutch police took over the associated infrastructure back in May, disabling this strain of malware.
Operator of DDoS-for-hire service “Downthem” sentenced to two years in prison
Matthew Gatrel of St. Charles, Illinois, violated the Computer Fraud and Abuse Act (CFAA). He was sentenced to two years in prison for operating two DDoS-for-hire services through which thousands of customers had paid to carry out more than 200,000 attacks.
Europol succeeds in striking a blow against phishing gang
A Europol cross-border operation involving Belgian and Dutch police led to the dismantling of an organized crime gang involved in phishing, scams and money laundering. Firearms, ammunition, jewelry, electronic devices, cash and cryptocurrencies were seized during the investigation.
BSI publishes technical guidelines for the security of digital health applications
The security requirements for different areas of healthcare applications have been written to provide further guidance to manufacturers and operators. The Technical Guideline (TR) includes several sections with requirements for mobile applications (TR-03161-1), web applications (TR-03161-2) and background systems (TR-03161-3).
Attackers exploit zero-day vulnerability in Atlassian Confluence for remote code execution
Attackers are using a zero-day vulnerability in Confluence Server and Data Center to deliver malicious code to vulnerable systems. Atlassian has since released patched versions of the affected products. With the Myra Hyperscale WAF you can protect your systems until the migration to these patched versions has taken place.
What is an Autonomous System and what are AS Numbers (ASN)?
Autonomous Systems (AS) are typically larger IP network associations that are managed by a single routing policy. For identification purposes, a unique Autonomous System Number (ASN) is assigned to each AS. The individual Autonomous Systems (AS) together make up the Internet.
What is DNS over TLS?
DNS over TLS (DoT) is a protocol for the encrypted transmission of DNS (Domain Name System) queries. Name resolution on the Internet is typically transmitted unencrypted via UDP. With DoT, however, the assignment of domains and the associated IP addresses is encrypted using the Transport Layer Security (TLS) protocol.
What is an Identity Provider (IDP)?
Identity providers (IDPs) are central access systems for service providers. Users make use of IDPs to verify their identity via password and/or other factors in order to log in to local devices or Internet accounts.