CyberSec Roundup
A synopsis of the Latest Cybersecurity News
Conti Ransomware targeting Healthcare
The FBI released a flash alert last week, where they disclosed that Conti ransomware operators have been targeting US healthcare and first responder networks during the last year. However, the group has been busy worldwide, compromising over 400 networks around the world, as it makes up 10% of all ransomware attacks this year so far. They were also responsible for the major attack against Ireland’s HSE. The HSE refused to pay the ransom, but their demands have been as high as $25 million.
Ireland’s DoH also attacked by Conti
The Conti ransomware group that attacked the HSE also attacked Ireland’s Department of Health. Although they were able to breach the DoH’s network and deploy the ransomware, none of the machines appeared to have been encrypted. While the matter is being investigated, the National Cyber Security Centre confirmed there seems to be a link between the attack on the DoH and the one on the HSE.
Qlocker Ransomware Fix
QNAP had a serious vulnerability in their NAS units, specifically within the Hybrid Backup Sync application. The Qlocker ransomware would attack internet exposed devices, encrypt all of the files, and also remove any snapshots. They recently fixed the issue (CVE-2021-28799) and are asking all customers to ensure they update their units to fix the vulnerability.
By: David Pinder
IT & Security Consultant
Certified Ethical Hacker (Master)