Cyberattacks on the US and UK continue to grow for the fourth week running. Most of these attacks are coming from Eastern Europe and South-East Asia and are targeting manufacturing, utilities, and urban governance bodies including municipalities and counties. The attacks include both reconnaissance and full-fledged attacks targeted at core systems including data centers, grids, Industrial control systems, video surveillance systems, and networks connected with critical data.
Two large clusters of data with personally identifiable information and credentials of at least 5 utility firms in Western Europe were discovered during our Dark Web scan. These clusters belong to a breach that occurred in late March to early April this year in the early phase of the Covid-19 pandemic. The release of such information indicates that hacker groups are possessing more such information stolen from various entities and we may see more such leaks in the future.
Hackers are also modifying their tactics to lure victims. An old method involving sending an email to a large database asking recipients to reset their Netflix accounts was also discovered last week.
Weekly advisory
Entities belonging to these segments should be on their guard:
- Smart cities
- Healthcare
- Airports
- Power grids
- Government websites and agencies – especially lawmakers and government agencies connected with internal/homeland security
- Manufacturing plants and maritime agencies
- Defense establishments
- Utility entities
- Financial services