Switzerland

February 25, 2022: Novartis claims no sensitive data breach in latest cyberattack by Industrial Spy.

June 2022: Pharmaceutical giant Novartis says no sensitive data was compromised in a recent cyberattack by the Industrial Spy data-extortion gang. Industrial Spy is a hacking group that runs an extortion marketplace where they sell data stolen from compromised organizations. On June 2, 2022 the hacking group began selling data allegedly stolen from Novartis on their Tor extortion marketplace for $500,000 in bitcoins. The data being sold consists of 7.7 MB of PDF files, which all have a timestamp of 2/25/2022 04:26, likely when the data was stolen. As the amount of data for sale is minimal, it is not clear if this is all the threat actors stole or if they have further data to sell later.

Novartis declined to answer any further questions about the breach, when it occurred, and how the threat actors gained access to their data.

February 3, 2022: Ransomware Attack at Swiss Airport Services Firm

Swissport, the world’s largest airport ground services and cargo handling company, fell victim to a ransomware attack.
The Zurich-based firm said it spotted the hack early on Feb. 3 to contain potential damage to its IT systems. Some flights were delayed at Zurich airport and passengers are being warned of further potential disruption.
Swissport’s website was forced offline by the cyberattack and the company said some services had been affected for passengers and freight.

January 1, 2004: Instability of the OSI Layer-2 Bridging

WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.

January 1, 2003: Change of Network Service Stopped OSI Layer-2 Communication

WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.

January 1, 2004: Blockage of 12 Out Of 13 PLC Systems

WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.

January 1, 2004: Weekly Connection Loss to PLCs

WIZARD SPIDER is a sophisticated eCrime group that has been operating the Ryuk ransomware since August 2018, targeting large organizations for a high-ransom return. This methodology, known as “big game hunting,” signals a shift in operations for WIZARD SPIDER. This actor is a Russia-based criminal group known for the operation of the TrickBot banking malware that had focused primarily on wire fraud in the past.

January 1, 2018: Winnti attack on Roche

Consequences not disclosed. ARD, a public broadcaster reported that company had been attacked by a group associated with Chinese government with malware which allows attackers to access victims network remotely.

Pin It on Pinterest

Scroll to Top