Week 30 Cyberattack Digest 2018 – COSCO, Jefferson County School, Idaho Department of Correction and others
Why checking news every day if you can simply read our cyber attack week digest and get the article compilation on the recent incidents? Check out our week 30 digest right now.
Fourth-largest shipping leader is affected
by Bleeping Computer – 26 July 2018
COSCO SHIPPING Lines, one of the leaders in the shipping industry, confirmed a security incident. China Ocean Shipping Company is the fourth-largest maritime shipping organization, so the news on the incident immediately drew a response in press. In the official press release, company’s representatives described the incident as a “network breakdown”, still, several sources designate the incident as a ransomware infection. The officials decided on requesting a computer inspection in China with anti-malware software. The employees were warned not to open any suspicious emails. Luckily, the sequences do not seem to be as harmful as in case with the recent Maersk case. NotPetya caused serious work process interruptions trapping Maersk’s shipments in a number of ports, and COSCO does not seem to be experiencing any problems of the same kind.
School coaches caught spying on rivals
by Bleeping Computer – 30 July 2018
It is not always utter hackers that perform espionage attacks. The Braden River High School football team is dealing with certain problems after being caught accessing the training videos of its rivals. The incident took place last year, but the details showed up recently as the results of an investigation were announced. Manatee County School District started investigating the case back in May. According to the latest news, Braden River coaches accessed the HUDL account that is online service used by Florida high schools to upload and store videos. The access to the videos can be obtained for recruitment purposes. According to the investigators, coaching staff accessed practice videos from Venice, North Port, Sarasota and Sarasota Booker high schools, which their rivals last year. District officials ordered certain punishment to Braden River High School officials. School officials have not yet given any details on a penalty against its coaching staff.
Another school cyber victim
by Citizen Tribune – 25 July 2018
The Jefferson County School email system was affected in a cyber attack Tuesday afternoon. School’s officials notified users not to open suspicious email messages. All the users that had opened any emails after the attack are strongly recommended to reset their Office 365 password. Data breaches performed on schools’ systems are nothing special nowadays – which should actually raise a red flag. One of the other recent attacks was performed on Roseburg Schools that led to financial losses.
Inmates getting credits for buying music and games
by The New York Times – 27 July 2018
364 Idaho prison inmates exploited a vulnerability in the tablets and have used it to assign nearly $225,000 worth of digital credits to their tablet accounts. The credits can be used to buy access to music and games for playing on the tablets. The incident was also spread to the other five institutions including the Idaho State Correctional Institution, Idaho State Correctional Center, Idaho Correctional Institution-Orofino, South Idaho Correctional Institution and the Correctional Alternative Placement Plan. All of them are operated by the same company —MTC Inc.. Low-security level prisons have used the tablets for a few years now offered through a partnership between CenturyLink and JPay. Representatives of both companies confirmed the vulnerability had been identified and fixed. The loss of state funds did not take place in the incident as inmates transferred only fictitious digital credits to their accounts. The majority of malefactors transferred small amounts of credits to their tablet accounts and about 50 of the 364 inmates transferred more than $1,000 worth of credits.
That was a week both of classis attack scenarios – as in case with the Jefferson County School – and quite sudden incidents. It would be likely for inmates to hack the system in order to reduce terms of imprisonment, but not getting digital credits, wouldn’t it? Anyway, don’t forget to care about your security in advance and follow us on Twitter, Facebook, and LinkedIn.