Cyber Security & Business Continuity Incident Log w/e 10th March 2017


Pennsylvania Democrats’ computers taken down by cyberattack

The computer network of the Pennsylvania Senate Democratic Caucus remained inaccessible over the weekend after a Friday morning cyberattack locked lawmakers out of their own systems.

The cyber attack was performed via “ransomware”, which encrypted the data on the server and demanded an online payment in exchange for a key code to unlock the compromised system.
Update 6th March 2017: network remains inaccessible


Breach at eCommerce firm exposes millions of Internet Users

Customers of 40 online stores have had their bank card numbers and addresses stolen by a malware infection at backend provider Aptos.

The security breach originally occurred in December 2016, when hackers injected malware to spy on servers Aptos used to support its services for online shops. It is understood that the malware has accessed customer payment card numbers and expiration dates, full names, addresses, phone numbers and email addresses.

Amazon S3 Outage Highlights Cloud Supplier Concentration Risk

The recent outage of the Amazon S3 cloud service, which impacted large swathes of the internet, has highlighted the exposures related to over-reliance on a single cloud services supplier – no matter how large they may be.


VeriFone Systems Internal Network Suffers Cybersecurity Attack

Verifone Systems is currently investigating an internal network breach that also seems to have impacted the point-of-sale card terminals at several companies.

Verifone says the extent of the breach was limited to its corporate network and that its payment services network was not impacted, according to the report on Tuesday.

A Verifone executive said in an internal memo: “We are currently investigating an IT control matter in the Verifone environment.”

Homes & businesses damaged in Kansas storms

Emergency officials in Oak Grove, Missouri, said nearly 500 homes and businesses sustained some damage after tornadoes and severe storms hit the Kansas City area.

Nearly 500 homes were damaged in Oak Grove during storms that struck the Kansas City area on Monday night, and 10 to 12 commercial buildings were also damaged.

Wealth Firms Hit by Cyber Attacks

Four separate cyber attacks on wealth management firms were reported to the Financial Conduct Authority (FCA) in 2016.

Following a Freedom of Information Request to the FCA, the regulator told Wealth Manager that two were ransomware attacks. Ransomware attacks are basically ‘cyber blackmail’ which force the victim to pay a ransom to decrypt their data and regain access to their systems.

One of these attacks hit the Argyle Financial Group, according to FCA records.

Another financial organisation was hit by a distributed denial-of-service (DDoS) attack, which makes websites inaccessible by overwhelming them with bursts of messages and requests.


Duesseldorf: 8000 People Evacuated Following Discovery of WWII Bomb

Some 8,000 people were evacuated Thursday from homes, shops and offices in the western German city of Duesseldorf after an unexploded World War II bomb was uncovered, local authorities said.

The 250-kilogramme (550-pound) dud explosive was found on Wednesday evening during construction works in the northern district of the city.

A one-kilometre radius was sealed off, and several roads blocked, including two highways, city authorities said, warning that this could affect traffic to the airport.

A hotel with 250 guests was also evacuated, with the bomb expected to be defused in the early afternoon.

More than 70 years after the end of the war, unexploded bombs are regularly found buried in German soil, a legacy of the Allies’ intense bombing campaigns against Nazi Germany.

Authorities estimate that some 3,000 unexploded bombs remain underground in Berlin alone.