fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

World’s Largest Cruise Line Operator Carnival Hit By Ransomware

World’s Largest Cruise Line Operator Carnival Hit By Ransomware

Cruise line operator Carnival Corporation has disclosed that one of their brands suffered a ransomware attack over the past weekend.

Carnival Corporation is the largest cruise operator in the world with over 150,000 employees and 13 million guests annually. The cruise line operates under the brands Carnival Cruise Line, Costa, P&O Australia, P&O Cruises, Princess Cruises, Holland American Line, AIDA, Cunard, and their ultra-luxury cruise line Seabourn.

In an 8-K form filed with the Securities and Exchange Commission (SEC), Carnival Corporation has disclosed that one of its brands suffered a ransomware attack on August 15th, 2020.

“On August 15, 2020, Carnival Corporation and Carnival plc (together, the “Company,” “we,” “us,” or “our”) detected a ransomware attack that accessed and encrypted a portion of one brand’s information technology systems. The unauthorized access also included the download of certain of our data files,” the cruise line operator stated in their filing.

As part of the attack, Carnival states data was likely stolen and could lead to claims from those affected by the potential data breach.

“Nonetheless, we expect that the security event included unauthorized access to personal data of guests and employees, which may result in potential claims from guests, employees, shareholders, or regulatory agencies,”

The filing does not indicate the ransomware operation that compromised their network, and there are close to twenty different gangs that steal and leak unencrypted files as part of their attacks.

This ransomware attack comes on the heels of a data breach announced in March 2020 that led to the exposure of customers’ personal information, including possible payment information.

BleepingComputer contacted Carnival with further questions about the attack, but they are not providing any additional information.

“We are not planning to discuss anything beyond the 8K filing at this point since it is early in the investigation process,” Carnival told BleepingComputer.

Do you have first-hand information about this attack or another ransomware attack? If you have information to share, contact us securely on Signal at +1 (646) 961-3731, via email at [email protected], or using our tips form.

Also read: Top 25 Data Protection Statistics That You Must Be Informed

Carnival utilizes vulnerable edge devices

According to cybersecurity intelligence firm Bad Packets, Carnival utilizes vulnerable edge gateway devices that allow an attacker to gain access to a corporate network.

Bad Packets Tweet

The CVE-2019-19781 vulnerability is for Citrix ADC (NetScaler) devices that, when exploited, allow a hacker to gain access to the company’s internal network. Patches for this vulnerability were released in January 2020.

The other vulnerability, CVE-2020-2021, exists in Palo Alto Networks firewalls and allows unauthenticated network-based attackers to bypass authentication. This vulnerability was patched at the end of June 2020.

Either of these vulnerabilities can be abused by ransomware operators to gain access to a corporate network silently. Once the attackers gain access, they spread laterally to other computers and harvest network credentials.

When they gain control over an administrator account and the Windows domain controller, the attackers deploy the ransom

While it is not known if either of these vulnerabilities were used in Carnival’s attack, they are commonly abused by ransomware operators in these types of attacks.

Update 8/17/2020 18:15: Updated to include information about vulnerable devices.

Also read: Completed DPIA Example: 7 Simple Helpful Steps To Create

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us