Ryuk Ransomware Source of Cyberattack Against Various US Newspapers
A form of ransomware called Ryuk is the source of a malware attack against various US newspapers that rely on Tribune Publishing systems (especially for printing). According to the Los Angeles Times, “This piece of ransomware managed to throw a monkey wrench into Tribune Publishing newspaper operations, which under-gird its printing plants as well as those of The Times and the San Diego Union-Tribune. […] The problem surfaced near midnight [on December 27, 2018], when sports editors at the Union-Tribune struggled to transmit finished pages to the printing facility. It spread rapidly over the following day, impeding distribution of the Saturday editions of The Times and Union-Tribune, as well as papers in Florida, Chicago and Connecticut and the West Coast editions of the Wall Street Journal and New York Times, which are printed in downtown Los Angeles.” While the Ryuk ransomware shares similarities with past North Korean cyberattacks, attribution is not yet confirmed.
Marriott Data Breach Estimate Reduced to 383 Million But Company Still Faces Heavy Financial Losses
While the reduced estimate of 383 million people breached is slightly better news than 500 million, additional bad news has emerged in the wake of the Marriott data breach. According to the Chicago Tribune, “[Marriott] confirmed Friday that approximately 5.25 million unencrypted passport numbers were accessed. […] The hackers accessed about 20.3 million encrypted passport numbers. There is no evidence that they were able to use the master encryption key required to gain access to that data. Unencrypted passport numbers are valuable to state intelligence agencies because they can be used to compile detailed dossiers on people and their international movements.” Marriott could face a loss of somewhere between $200 million and $600 million as a result of the data breach, according to Computer Weekly.
Cybersecurity Standards Updates
Two government entities recently released updates to cybersecurity standards and guidelines:
FBI Releases Alert About Critical Infrastructure Security Vulnerability
Building control systems have an ongoing significant security vulnerability that caused the FBI to release an alert to the private sector during the week of December 17, 2018. According to CyberScoop, “Major universities, state governments, and communications companies are among the organizations at risk of having their building-system data exposed, the bureau said in an industry advisory obtained by CyberScoop. The port in question – port 1911 – is serving up building-network information on the internet that could be of use to hackers. […] The concern is that attackers can collect data on a building network to eventually gain further access to the system.”
Cybersecurity Reports and Surveys Roundup
We’ve rounded up a few of the best cybersecurity reports and surveys released last week: