Skip to main content

Cyber News Rundown: Canadian Maple Leaf Foods targeted by weekend cyberattacks

Canadian food producer Maple Leaf Foods suffer an attack that caused numerous operational outages. The outages were spread across the company’s 21 manufacturing facilities, and they currently don’t have an estimate for when they’ll return to normal operation. In other cybersecurity news, Azov ransomware has been wreaking havoc by corrupting system files without abandon.

Azov ransomware corrupts, rather than encrypting

Researchers have been investigating the recent mass-distribution of Azov Ransomware, which leaves a ransom note with only journalists as contact points and corrupts all system files instead of using encryption. After hiding on a system for a pre-determined amount of time, the malware begins corrupting each file in 666-byte increment cycles, leaving the alternate 666 bytes original. The reasoning behind distributing wiping malware is still unclear, as it provides little gain to the distributor other than covering up tracks of possible nefarious activity that took place on the system.

ALMA Observatory suffers cyberattack

The Atacama Large Millimeter Array (ALMA) observatory in Chile fell victim to a possible ransomware attack that forced many of their systems offline, including all astronomical work and public-facing webpages. The overall extent of the attack is still unclear, as well as the initial attack vector, since the observatory has extremely limited email services. With ALMA being the world’s most expensive observatory, this attack proves that even top-of-the-line organizations can be compromised by a malicious email or lack of patching against the latest malware campaign tactics.

Ransomware confirmed in Medibank breach

A month after a cyberattack compromised the internal systems of Medibank, officials have confirmed that it was ransomware, and that the company had refused to pay for the return of their files. The attack has affected 9.7 million individuals who are either current or former customers of the insurance provider, and includes health records, sensitive identification data, and even passport information for international customers. Fortunately, Medibank does not store any payment card or banking information but affected customers should still be wary of phishing attempts or suspicious emails.

Cyberattack shuts down Maple Leaf Foods

One of Canada’s largest food producers, Maple Leaf Foods, has suffered operational outages due to a cyberattack over the weekend. The levels of service outages seem to vary across the company’s 21 manufacturing facilities, and investigations into the incident are still underway, with no current estimate for operations to return to normal. Hopefully, the IT staff were prompt in their response to this incident and were able to minimize any additional damage to the network.

Continental automotive group targeted by LockBit ransomware

The actors behind LockBit ransomware have recently leaked stolen data from the cyberattack on the Continental automotive group, back in August. The group demanded a ransom for the data before making it available, though they also haven’t posted any proof of the data’s authenticity. Officials for Continental still claim that the August attack was quickly identified and stopped, without causing any disruptions, though the deadline for paying the ransom will reveal the true extent of LockBit’s alleged intrusion into their systems.

@ConnorM  Thank you, some very interesting times we are living in. “corrupts all system files instead of using encryption” 3-2-1-1 backup rule is now more important than ever. 


Thanks for posting.

I wonder how often I talk about backups with customers!


The one missing thing in all these reports we hear about… what protection was supposed to be running on the systems that failed, and allowed the event to happen? THAT would make for some very interesting reading!


The one missing thing in all these reports we hear about… what protection was supposed to be running on the systems that failed, and allowed the event to happen? THAT would make for some very interesting reading!

It certainly would. But I'm not sure victims will want to publicly announce what failed. Not good press!


Thank you for these updates. It is almost as good as a morning cup of coffee to get the ol’ ticker up and running! 😀
 

I wonder how often I talk about backups with customers!

Well, for me it seems daily! 


Thank you for these updates. It is almost as good as a morning cup of coffee to get the ol’ ticker up and running! 😀
 

I wonder how often I talk about backups with customers!

Well, for me it seems daily! 

Yes. And “daily” is often mentioned along with the word ‘backups’!


I wonder how many Ransomware victims refuse to pay the ransom. Seems like file recovery is a mixed bag. Takes forever and may or may not work on everything.

I wonder what prompted Medibank to pass on paying the ransom.


I wonder how many Ransomware victims refuse to pay the ransom. Seems like file recovery is a mixed bag. Takes forever and may or may not work on everything.

I wonder what prompted Medibank to pass on paying the ransom.

I didn’t!  My Windows machine got encrypted and contained messages about payment. I found a number of unencrypted folders and pulled them to an external drive and scanned them for viruses. Then I did a low level format on the main drive, new boot sectors and restored the previous days backup. That I scanned as well and all was clean.  I found a few newer files in the saved folders and was back up in less than 4 hours!  I can’t see anything missing. A lot cheaper than payment for sure. 


Good on you for having backups. I think I’m so used to hearing these major companies don’t have viable backups that I made an assumption here. Would make sense if that’s the case.


Why no decent backups?! Bane of my life!


Thanks Connor as always!


Thanks for a new cyber news update. The hackers should have had more to chew on at Maple Leaf….


It’s so frustrating and overwhelming for small IT departments to try and stay on top of these types of threats…..


Reply