fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Australian govt warns of escalating LockBit ransomware attacks

Australian govt warns of escalating LockBit ransomware attacks

The Australian Cyber Security Centre (ACSC) warns of an increase of LockBit 2.0 ransomware attacks against Australian organizations starting July 2021.

“ACSC has observed an increase in reporting of LockBit 2.0 ransomware incidents in Australia,” Australia’s cybersecurity agency said in a security alert issued on Thursday.

According to the agency, LockBit victims also report threats of having data stolen during the attacks leaked online, a known and popular tactic among ransomware gangs to coerce their targets into paying the ransoms.

Also Read: 4 Reasons to Outsource Penetration Testing Services

Increasing number of attacks since July

“The majority of victims known to the ACSC have been reported after July 2021, indicating a sharp and significant increase in domestic victims in comparison to other tracked ransomware variants,” the ACSC added.https://www.ad-sandbox.com/static/html/sandbox.html

“The ACSC has observed LockBit affiliates successfully deploying ransomware on corporate systems in a variety of sectors including professional services, construction, manufacturing, retail and food.”

The agency also published a ransomware profile with additional information on the LockBit group, including initial access indicators, targeted sectors, and mitigation measures.

It added that these threat actors are opportunistic and could target organizations from any industry sector. Therefore, not being included in the list of already targeted sectors does not necessarily indicate LockBit’s target won’t switch to other industries.

The ACSC provides mitigations focused on LockBit TTPs (Tactics, Techniques, and Procedures), which include:

  • enabling multifactor authentication (MFA) on all accounts to block the use of stolen credentials
  • encrypting sensitive data at rest to block exfiltration of sensitive information
  • segmenting corporate networks and restricting admin privileges to block lateral movement and privilege escalation attempts
  • maintaining daily backups to reduce a successful attack’s impact
  • patching internet facing Fortinet devices against CVE-2018-13379, a security bug heavily exploited by LockBit to breach networks

Organizations affected by these escalating ransomware attacks or who need assistance are advised to reach out using ACSC’s 1300 CYBER1 hotline.

From LockBit to LockBit 2.0

The LockBit ransomware gang started operating in September 2019 as a ransomware-as-a-service (RaaS), recruiting threat actors to breach networks and encrypt devices.

Since its launch, LockBit has been very active, with gang representatives promoting the RaaS and providing support on various Russian-language hacking forums.

LockBit announced the LockBit 2.0 RaaS in June 2021 on their data leak site after ransomware topics were banned on cybercrime forums [12].

While the alert issued by the Australian cybersecurity agency would imply that LockBit has hit never before seen levels of activity, the ransomware gang is just ramping up their engines again following a slowdown in attacks since January 2021, as shown by the number of ID Ransomware submissions.

LockBit submissions (ID Ransomware)

This relaunch came together with redesigned Tor sites and advanced features, including the automatic encryption of devices across Windows domains using Active Directory group policies.

With LockBit 2.0, the gang is also attempting to remove the middlemen by recruiting insiders who would provide them with access to corporate networks via Remote Desktop Protocol (RDP) and Virtual Private Network (VPN).

In related news, the ACSC and the FBI also warned in May of ongoing and escalating Avaddon ransomware attacks targeting organizations from an extensive array of sectors worldwide.

One month later, the Avaddon ransomware gang shut down operations and released decryption keys for their victims to BleepingComputer.

Also Read: Don’t Be Baited! 5 Signs of Phishing in Email

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us