Tag Archive for: major

ICBC Grapples with Ransomware Attack – Will This Cause a Major Damage?

/in


In a significant cybersecurity incident, China’s largest commercial lender, the Industrial and Commercial Bank of China (ICBC), recorded a ransomware attack on its U.S. arm.

The incident, which occurred on Thursday, disrupted trades in the U.S. Treasury market, marking the latest victim in a series of ransom-demanding hacks this year.

ICBC Response to Major Ransomware Attack

The attack is suspected to be the work of the cybercrime gang Lockbit, known for its aggressive ransomware tactics. However, as of Thursday evening, Lockbit’s dark website, where it typically names its victims, did not include ICBC.

The attack reveals how vulnerable the systems at major financial institutions are, raising concerns about the effectiveness of cyber safety measures. Meanwhile, ICBC Financial Services remains committed to examining the attack, working to restore disrupted systems and mitigate potential losses.

 Also, China’s foreign ministry emphasized the bank’s effort, stating that it will do everything possible to reduce the impact on risk and losses.

Besides this, the U.S. authorities, which have been grappling with the increase in cybercrime, particularly ransomware attacks, are also trying to fight the funding of such criminal organizations.

Despite the disruption, the bank reported that it successfully cleared Treasury trades executed on Wednesday and repurchase agreements (repo) financing trades conducted on Thursday. In the meantime, the bank has not officially commented on the attackers’ identity.

This is understandable, as it’s common for such organizations to refrain from publicly disclosing such information. Notably, market observers acknowledge that the effect of the attack was little on the market. However, they have decided to remain vigilant about its implications, particularly for cybersecurity controls in the financial sector.

Meanwhile, the U.S. Securities Industry and Financial Markets Association (SIFMA) has informed its members about the ransomware attack. They emphasized ongoing communication with key financial sector participants and federal regulators.

The Treasury market, according to LSEG data, appeared to function normally on Thursday….

Source…

American Airlines Pilots Union Hit By Major Ransomware Attack That Took Down Website And Could Have Resulted in Sensitive Data Being Stolen

/in


The union, which represents more than 15,000 pilots at American Airlines, says it fell victim to a ransomware attack that took down its website and may have allowed hackers to steal the sensitive personal data of its members.

The Allied Pilots Association (APA) says it became aware of the hack attack on October 30 when its servers were taken offline, blocking access to both the union’s public website and secure member-only pages, as well as specific tools built for pilots.

The APA website and its online services are completely separate from American Airlines, and there is no suggestion that the airline’s systems have been compromised.

The attack was so widespread that APA was forced to update its members via social channels because its website was inaccessible and email systems had been taken offline.

In a statement set up on a temporary new website, APA said it was still assessing the full extent of the damage and that cyber security experts were trying to determine whether personal data had been compromised.

The union warned that it may take some time to figure out whether sensitive information has actually been stolen.

“On October 30, we experienced a cybersecurity incident,” the union confirmed on Thursday. “Upon discovery of the incident, we immediately took steps to secure our network.”

“Our IT team, with the support of outside experts, continues to work nonstop to restore our systems. We are pleased to report that our restoration efforts are progressing, and we will soon be able to begin to bring back some of our online services”.

The union said it could take days to restore all of its online services.

A preliminary investigation suggests APA was targeted in a ransomware attack and that the hackers had managed to encrypt certain systems, which has blocked access to the union’s IT team.

“The restoration of those systems has entailed a methodical and time-consuming process for our IT team and outside experts,” the union warned.

Earlier this year, thousands of pilots who had applied for positions at American Airlines and Southwest had their personal details stolen by hackers who…

Source…

Major international police operation brings down Ragnar Locker ransomware group

/in


A large group that carried out ransomware attacks has been dismantled in an international police operation. The suspected leader has been arrested, and their platform has been taken offline. Five of the group’s servers were seized in the Netherlands and Dutch investigators assisted in the investigation.

According to coordinator Peter Bos of the East Netherlands Cybercrime Team, he and his colleagues have made an important contribution to this large-scale international operation that was started in 2021.

“As a team, we have succeeded in mapping the IT infrastructure of the Ragnar Locker group, as well as their working methods. We also seized several servers and took down hosting services during the week of action, in which eleven countries worldwide participated. Furthermore, we have secured victim data from more than 60 multinationals and during the investigation, we notified some victims of impending ransomware attacks by this group,” Bos said.

European services Europol (police) and Eurojust (justice) announced the results of the action against the Ragnar Locker group on Friday. The main suspect was arrested in Paris last Monday. His house in the Czech Republic was searched. In addition, five other suspects were subsequently interrogated in Spain and Latvia. The group’s website on the dark web was shut down in Sweden. In addition to the Netherlands, servers were also seized in Germany and Sweden.

The ransomware, also called Ragnar Locker, has been active since December 2019. Its creators infected and locked computer systems. They also stole internal data. They then demanded a ransom from victims, both for unlocking systems and for returning sensitive data. They then offered a decryption key in exchange for a ransom amount ranging from $5 to $70 million, threatening to leak the stolen data on the dark web if their demands were not met, according to the police. They also threatened to release all files to the public if the victims filed charges.

Investigators believe that the group attacked about 168 organizations. Last year, they attacked the Portuguese national airline TAP. A month ago, they perpetrated a digital attack on a hospital near Tel Aviv in Israel.

In 2021,…

Source…

Xiaomi announces 13T Pro with promise of four major Android updates

/in


Xiaomi is launching the 13T and 13T Pro today, two smartphones that will benefit from more Android upgrades than what it’s offered previously. Both are due to receive four major Android updates as well as five years of security patches, Xiaomi’s communications director, Daniel Desjarlais, announced earlier this month

The Xiaomi 13T Pro will start at £649 (€799, or around $790), while the 13T will start at £549 (€649, or around $669), and both will be available starting today in the UK. The phones will primarily be sold in European markets, but based on Xiaomi’s previous smartphone releases, they’re unlikely to be officially available in the US.

Xiaomi 13T Pro in green.
Image: Xiaomi

A support commitment of four major Android updates and five years of security patches brings Xiaomi more or less in line with what Samsung promises for its latest Galaxy S23 phones and is technically better than the three major Android upgrades Google offers with its latest Pixels. But there’s an important caveat with Xiaomi’s 13T series: they’re shipping with last year’s Android 13 out of the box. So at least one of these Android upgrades is going to be used on updating the phones to this year’s Android 14. 

And in black.
Image: Xiaomi

Like Xiaomi’s previous phones, the 13T and 13T Pro once again feature a Leica-branded camera system, though there are fewer hardware novelties this time around. There’s no one-inch-type sensor like we saw with the Xiaomi 13 Pro, nor are Xiaomi buyers getting a 200-megapixel sensor this time around. (It’s probably for the best.) Instead, on both phones, you’re getting 50-megapixel main cameras with a 1/1.28-inch sensor paired with a 50-megapixel telephoto, a 12-megapixel ultrawide, and a 20-megapixel front camera. 

Internally, the Xiaomi 13T Pro is powered by a MediaTek Dimensity 9200 Plus processor, while the 13T packs a Dimensity 8200-Ultra. Both have 5,000mAh batteries, but only the 13T Pro can be fast-charged at up to 120W for a full charge in as little as 19 minutes. (The non-Pro 13T tops out at 67W.)

Around front, both phones have a 6.67-inch display with a 144Hz refresh rate, a peak brightness of 2,600 nits (1,200 nits typical), and a…

Source…