Hackers storm The Weather Channel, Bayer cures a software infection, the City of Augusta goes down, and a multinational IT company faces potential liability.
April's The Month in Hacks serves as a reminder to organizations everywhere that hackers are always on the prowl for network vulnerabilities, regardless of industry.
A ransomware attack knocked The Weather Channel's live broadcast off the air for 90 minutes on April 18th. They were forced to replace their live morning show with reruns of Heavy Rescue, a reality TV show. After an hour and a half, the channel was back up, and The Weather Channel tweeted that it had restored service “through backup mechanisms.”
This attack underscores the importance of maintaining backups of all data. While, ideally, a robust cybersecurity program will prevent ransomware attacks, robust backup mechanisms provide a critical failsafe.
Bayer, the German pharmaceutical company, identified malicious software on its networks early in 2018. After secretly monitoring the software for over a year, the company removed it from its system at the end of March. Security experts say the attack showed characteristics of ‘Wicked Panda', a group of hackers originating in China.
For the most part, this group has targeted the gaming industry, but as this attack shows, hackers will exploit any vulnerable network. Additional security measures, such as two-factor authentication, will help to shore up weak points in any corporate network.
Officials from the City of Augusta in Maine refused to pay what they said was a “six-figure ransom” in a cyber attack that froze all of the city's servers and rendered all computer systems inaccessible. From early Thursday morning until Monday of the following week, Augusta's computer network was impacted. Even the city's public safety dispatch system was shut down. However, dispatchers were able to manually track fire, police, and ambulance staff using the city's phone and public safety radio systems.Fred Kahl, the director of IT for the city “believes the city might never know with 100 percent certainty how the software got into city servers.” However, you can be sure that extra security measures, such as two-factor authentication, can help reduce the chances of this kind of attack in the future.
KrebsOnSecurity, a cybersecurity website, reported that Wipro, an Indian information technology company, was compromised by hackers who then launched phishing attacks on Wipro's clients. The company's CEO, Abidali Neemuchwala, refuted certain parts of the report from KrebsOnSecurity, but Wipro did confirm that it hired a company to investigate the attack.
The attack leveraged a “zero-day” vulnerability to access Wipro's systems which is a vulnerability for which a patch has not been created yet. The investigation is still underway, but if it finds that client information was compromised, Wipro could face significant and costly liability issues.