Welcome to the latest edition of the Neu Cyber Threats, a weekly series in which we bring attention to the latest cyber attacks, scams, frauds, malware including Ransomware and DDoS, in order to ensure you stay safe online.

Here are the most prominent threats which you should be aware of:

 

UK Water company now safe after Ransom Claims

The South Staffordshire PLC, which owns South Staffs’ Water supplies, confirmed that they had indeed suffered a cyber attack on August 15th. This attack disrupted the internal network.

A spokesperson for the South Staffordshire PLC said, “As you’d expect, our number one priority is to continue to maintain safe public water supplies. This incident has not affected our ability to supply safe water, and we can confirm we are still supplying safe water to all of our Cambridge Water and South Staffs Water customers.”

The perpetrator has claimed to have large amounts of data of South Staffordshire PLC that has been threatened to be released if the ransom is not paid. They have also claimed they had access to a SCADA System that controls industrial processes at the treatment plants and other facilities.

The Ransom group also claimed, “It would be easy to change chemical composition for their water, but it is important to note we are not interested in causing harm to people.”

Although it is not clear how the group gained access to the network, a report was released with thousands of exposed Virtual Network Computing instances managed by a Global Critical Infrastructure. This included organisations within the water treatment organisation.

It is vital to ensure all aspects of your organisation are protected and up to date. Network segmentation can also create barriers to specific areas of your network, further protecting your network from lateral movement and the spread of ransomware.

Neu Cyber Threats

CISCO Hacked by Yanluowang Ransomware Gang

CISCO is a well-known brand that develops Networking Equipment. The Firm fell victim to a cyber attack back on May 24th. The attack was successfully performed by the ransomware group Yanluowang. They gained access to the CISCO network and exfiltrated data which was published on their website on August 10th.

The Hacker group gained access to the network through a compromised employee’s Google account. The account had all the information synced from their browser. It allowed the attackers to see all the passwords that had been saved to their browser. This included the CISCO VPN username and password the employee had saved to their browser.

The published information included the Box Cloud storage folder associated with the compromised employee’s account and does not appear to have any valuable data.

It is important not to save business-critical information to browsers, and the use of Password Manager Tools allows for the safe storage of passwords and information. It is also essential to ensure staff safety training is provided to help protect their employee, which in turn help protect your organisation.

CCTV is a way in for attackers

CCTV is a standard implementation in most organisations now and acts as a security infrastructure and the ability to view sites both within the network and sometimes externally from the network. With this, it is vital to understand how to protect your CCTV systems and their network.

Attackers have used CCTV as an entrance to organisations’ networks as they are often forgotten about and have vulnerabilities making them prime targets. The attackers than can use lateral movement to spread throughout the network.

So, what can you do to protect your CCTV systems? Ensuring all systems are patched with the most up-to-date security updates and having the accounts that access these systems utilise a nice complex password are great starting points. If the system is needed to be accessed remotely, consider using a VPN connection instead of opening the service to the outside world. You can also segment things like your CCTV system from the rest of your network so that the attacker is restricted as to where they can go if compromised.

If you are concerned about any cyber security issues within your business, contact us today on 01283 753 333 or email hello@neuways.com.