The Month in Hacks: February 2019

Payroll provider forks over a ransom, Airbus employees targeted by Chinese hackers, and cyber attacks span all the way from the land Down Under to Norway in February's version of The Month in Hacks.

Payroll Provider Pays Up to Restore Service

Apex Human Capital Management, a payroll software provider, faced a difficult decision when they were hit with a ransomware attack this month. They were given the choice to weather an extended outage that would affect hundreds of their customers, or they could pay up. Chief Marketing Officer, Ian Oxman summed up their decision, “We paid the ransom, and it sucked.”

While none of their customer's data was touched, all their systems data was encrypted. As a result, service to their customers was severed, and all the company could do was pay up for an encryption key.

State-sponsored Hackers Foiled in Attack on Australian Federal Parliament

In a story that's still developing, a “sophisticated state actor” targeted the electoral system of Australia. The plot was revealed during an investigation of a breach of Parliament House's computer servers, according to the Australian Broadcasting Corporation (ABC). Currently, the source of the attack has not been confirmed but the attack targeted National, Labor, and Liberal parties in Australia.

Investigators did not uncover evidence that the attack had any effect on Australia's electoral systems though staffers have been advised to reset passwords. They'd likely do well to implement two-factor authentication while they're at it.

Hackers Steal Personal and IT Identification Info From Airbus European Employees

The European aerospace company, Airbus, was scant on details regarding a security breach that “resulted in unauthorized access to data.” They said that “some personal data was accessed” which included “professional contact and IT identification details” from Airbus employees.

Airbus is still reportedly investigating the attack but says that its operations are continuing as usual. Airbus's security team is still looking into what caused the hack and where it came from but said they've taken steps to bolster their defense against future attacks.

“Cloudhopper” Campaign Targets Norwegian Software Firm

Visma, a Norwegian software firm was the victim of an attack perpetrated by hackers sponsored by Chinese intelligence, according to TODAY. The attack was an attempt to steal trade secrets from Visma's clients and it's believed to have been part of an ongoing hacking campaign that cybersecurity firms and Western government have dubbed, “Cloudhopper.”

Visma's security manager said that the attack was unsuccessful but it could have been “catastrophic.” According to Paul Chichester, a cybersecurity expert at Britain's National Cyber Security Center, this attack was a clear example of the increasing threat of cyber attacks on corporate supply chains.

In short, this shows that even firms that don't house sensitive data can act as critical network access points for hackers. This makes enacting preventive measures such as two-factor authentication increasingly critical for companies of all kinds.

Talk To An Expert

Interested in learning about how TeleSign's identity and engagement solutions can prevent fraud while fostering secure and global growth for your business? Let's chat.