Trending Topics Cybersecurity – January 2023 

The top IT security topics in January

IT-Security-Trends

Cyber incidents and business interruptions are the biggest business risks globally in 2023

This is according to the latest Allianz Risk Barometer. "For many businesses, the threat of cyber attacks remains greater than ever, and cyber insurance claims remain at a high level," comments Shanil Williams, AGCS board member, on the survey's findings.

Executives are particularly vulnerable to phishing attacks

Three times more often than employees, decision-makers are victims of phishing attacks. This is confirmed by Ivanti's "State of Security Preparedness 2023" study. In 2022, two out of three CXOs are said to have been the target of such attacks. Around one-third of all executives have already fallen victim to phishing attacks in the past.

Risks in the focus of Bafin 2023: Increase in cyber attacks with serious impact

The German Federal Financial Supervisory Authority (BaFin) classifies cyber attacks as one of the greatest risks for the financial sector. Digital monetary assets and sensitive data are attractive assets for cybercriminals. The threat from external attacks is therefore still considered to be extremely high.

Cybercrime

DDoS attack campaign on German authorities, airports and banks

A coordinated wave of DDoS attacks caused outages on the websites of German authorities, airports and banks at the end of January. It is seen as a reaction to Germany's decision to supply tanks to Ukraine. The Killnet group is said to have claimed responsibility for the attacks via Telegram.

Public administration in Potsdam still offline

After a serious cyber attack at the end of December 2022, the Potsdam city administration had taken its IT systems offline as a precaution. Less than a month later, the reboot into regular operation had to be aborted after just one day. It could not be ruled out that professional criminals would try to access data, said Mayor Mike Schubert (SPD) about the cyber incident.

Around 1,000 ships affected by cyber-havoc on fleet management system

A ransomware attack on the ship fleet management software Shipmanager has crippled the IT infrastructure behind it. Around 70 customers or 1,000 ships are affected – they now have to operate offline.

Credential Stuffing: attack on PayPal

Via credential stuffing attacks performed by automated bots, cybercriminals have managed to hijack around 35,000 PayPal accounts and access the information stored there. This includes names, dates of birth, mailing addresses, social security numbers, tax numbers, transaction history, details of connected credit or debit cards, and billing information. However, the attackers are said not to have transferred any funds.

DDoS attack wave on Danish banks and financial service providers

Several of Denmark's largest and most important banks and financial service providers have fallen victim to an orchestrated wave of DDoS attacks. The group "NoName057(16)" is said to be behind the attacks. The attacks were announced under their name on the Telegram platform.

E-bike manufacturer Prophete: Cyber attack drove company into insolvency

A cyber attack is said to have played a significant role in the insolvency of Prophete, a bicycle and e-bike manufacturer based in Rheda-Wiedenbrück, Germany. The attack resulted in a business outage that lasted several weeks.

2022 broke all records: DDoS attacks on Russian ISP

As Russian Internet Service Provider (ISP) Rostelecom reveals in a recent report, the cyber threat situation has become extremely severe over the past year. In total, more than 500,000 DDoS attacks were identified. The most powerful attack, at 760 Gbps, was twice as strong as the strongest attack of the previous year. The longest attack lasted almost three months.

Cyber attack paralyzes IT of TU Freiberg

Cyber criminals have managed to penetrate the systems of the TU Freiberg in Saxony. As a precautionary measure, the university's computer center was taken offline for this reason. Rector Klaus-Dieter Barbknecht explained in an interview with MDR that no data was leaked as a result of the intrusion attack.

Lockbit extorts port administration in Lisbon

US$1.5 million ransom is being demanded by the Lockbit ransomware group from the Lisbon port administration for the release of data. Among the data affected by the malware are said to be financial reports, contracts, cargo information, ship logs, crew details, customer information, email correspondence, and much more.

Best Practice, Defense & Mitigation

Security researchers hijack cars from numerous manufacturers

Unlocking, driving away, tapping personal data or taking over customer accounts: Security researchers have succeeded in launching these and other attacks via security holes in the APIs of numerous car manufacturers. Vehicles from Mercedes-Benz, Ferrari, BMW, Toyota and Porsche are said to be affected by faulty interfaces.

Authorities' smash ransomware group Hive

In international cooperation, law enforcement agencies from Germany, the Netherlands, the U.S. and other countries have managed to take control of the Hive ransomware network. For this purpose, numerous servers were seized and various data and accounts of the network and its users were secured.

German federal ministries lack IT security specialists

IT security specialists are in high demand on the job market. This is also reflected in the sluggish recruitment of IT security specialists by the federal ministries. According to a federal government response to a parliamentary question from the Left Party, one in five positions for IT security specialists is unfilled at the federal level.

Things to know

Cyber threat ChatGPT?

ChatGPT – a machine-learning-based natural language processing application – is increasingly attracting interest from cybersecurity professionals. They say there is concern that the software could be misused by attackers for phishing attacks and other frauds.

What is Whaling?

Whaling is a variant of (spear) phishing that targets C-level management. By means of elaborately forged emails, attackers try to persuade their victim to hand over valuable confidential data or transfer large sums of money.