The Queensland University of Technology (QUT) is just the latest higher education institution to suffer a ransomware attack. With many of their systems forced to shut down after the attack, they’ve warned students and staff that they might face disruptions during the beginning of the semester. In other cybersecurity news, LockBit made headlines for attacks against the Port of Lisbon and locomotive giant Wabtec Corporation.
Queensland University of Technology suffers ransomware attack
At the starting of the new year, officials for the Queensland University of Technology (QUT) in Australia revealed that their computer systems had been the victim of a ransomware attack, which had forced the institution to shut down many of their systems. While the university plans to re-open this week, they have alerted students and staff that disruptions to normal operations are to be expected in the following weeks. The Royal ransomware group has claimed responsibility for the attack and have already begun posting data from the attack on their dark web leak site, though the authenticity of the files is still undetermined.
LockBit takes down Port of Lisbon website
On Christmas Day, the main website for the Port of Lisbon, one of the largest ports in Portugal, suffered a ransomware attack by the LockBit ransomware group. Shortly after the attack, an announcement was posted to the LockBit group’s leak site stating that they would be leaking all the stolen data on January 18th if the ransom hasn’t been paid. The website for the Port of Lisbon is still inactive, and the impact of this attack on the Port’s daily operations won’t be clear for quite some time.
Major locomotive corporation falls victim to LockBit
Following a months-long investigation into an unauthorized network intrusion at the locomotive giant, Wabtec Corporation, officials have finally released a notice to customers about a confirmed data breach. The LockBit ransomware group quickly took responsibility for the attack and posted the stolen data to their leak site on August 20th. While the investigation didn’t end until late November, officials for Wabtec only began informing customers that a significant amount of their data had been compromised at the very end of December.
Ransomware takes down Copper Mountain Mining Corp.
Towards the end of December, the Copper Mountain Mining Corporation (CMMC) revealed that their systems had fallen victim to an unidentified ransomware attack, which caused many of their operations to be shut down temporarily. Fortunately, the mining company has implemented strong security protocols and quickly identified the attack and isolated the affected systems to prevent further spread. Officials are still working to determine the overall extent of the intrusion, or if any data was stolen during the incident.
LockBit delivers decryptor to unintended ransomware victim
After a record-breaking year by the LockBit ransomware group, the threat actors behind the organization did something quite unexpected: delivering a ransomware decryptor to a children’s hospital that was victimized by an affiliate of the Ransomware-as-a-Service, along with an apology for the inconvenience. The actors behind LockBit have made it clear that users of their service are not to target organizations that provide life-saving procedures and have since banned the offending affiliate.
