Infosec Round-Up: May 15th 2020


Norfund Breach, Celebrity Data hack, and Ransomware Research

This is the Hut Six InfoSec Round-Up, where we look at some of the most pressing matters, latest trends, and industry news from across the world of information security.

This week we are looking at the New York law firm hack that is holding celebrity data hostage, how paying a data ransom can affect the cost of recovery, and a private equity company scammed out of $10 million. Welcome to the Hut Six Infosec Round-up.

100 Million Krona Lost in Suspected BEC

The private equity fund Norfund has lost 100 million kroner, or around $10 million USD, to sophisticated online scammers.

The loss occurred in March, when funds intended for a Cambodian microfinance company were diverted to a third-party account after criminals intercepted key communications.

The missing funds, believed to have been diverted to Mexico, went unnoticed for around six weeks before the scam was discovered towards the end of April.

Citing the realistic design, content and language of the fraudulent communications, Norfund has termed the attack an “advanced data breach”.

Norfund, which is owned and funded by the Norwegian government’s Ministry of Foreign Affairs, has stated that it is working with law enforcement agencies across the territories involved to track down the lost funds, and with security specialists to conduct a review of the company’s practices and systems.

Celebrity Data Stolen

A New York law firm has fallen victim to a hack, losing the personal data of clients such as Elton John, Lady Gaga and Madonna.

Grubman Shire Meiselas & Sacks this week acknowledged the loss of around 750GB of client data, much of which relates to a plethora of entertainers, musical acts, and well-known companies such as Facebook and Sony.

The data is thought to have been stolen with the aid of the infamous ransomware strain REvil, also known as Sodinokibi, the same software used in the Travelex heist, in which six million USD was demanded for the return of customer data.

In a press release, the company stated, “We have hired the world's experts who specialise in this area, and we are working around the clock to address these matters."

It is unknown how much is being demanded in this attack, or whether the firm will be paying the ransom.

Bringing us to our next story:

Paying Ransom Doubles Attack Cost

New research suggests that companies that pay a data ransom end up spending almost double what those that do not pay spend.

Ransomware remains a prevalent form of cyber threat, and the research estimates that an attack now costs, on average, around three quarters of a million USD for those that don’t pay, as opposed to almost one and a half million USD for those who shell out.

Putting something of a stop to the idea that paying a ransom is the easiest and cheapest solution, the research also asserts that only around 6% of ransomware victims failed to get their data back, with the majority of companies relying on back-ups to recover their information.

Together with the recent and destructive ransomware attack against IT services provider Cognizant, which is expected to cost somewhere between fifty and seventy million USD, this week offers plenty in the way of stark reminders of the ongoing danger of ransomware and the cost of being underprepared for attacks.

Thank you for reading this edition of InfoSec Round-Up. Please be sure to subscribe to the Hut Six YouTube Channel to keep up to date with the latest news and see all our latest information security videos.
