The German Chambers of Industry and Commerce (DIHK) association shut down all of its IT systems and switched off digital services, telephones, and email servers, in response to a cyberattack. A short statement published on the DIHK site describes the shutdown as a precaution and a way to give IT teams time to develop a solution and build up defense. The General Manager of DIHK, Michael Bergmann, informed the public via a LinkedIn post that the cyberattack occurred Wednesday August 3 and characterized the incident as 'massive."
July 17, 2022: ‘Massive’ Cyberattack on Government Services in Albania
Albania has come under a “massive cybernetic attack”. Albanians were unable to use scores of government services on Monday July 18, as the main servers went down, following what the authorities called 'a synchronised criminal attack from abroad'. The main servers of the National Agency for Information Society were all down after being hit. “Albania is under a massive cybernetic attack that has never happened before. This criminal cyber-attack was synchronized… from outside Albania,” the Council of Ministers said in a press release. The government recently closed desk services for the population and ordered mandatory use of its online services for everything from enrolling in school to obtaining an ISBN number for a new book at the National Library. However, several important services, such as online tax filing, are still working, as they use separate servers.
Reports later on suggests the attack to be of Iranian origin: "Research published by the threat intelligence firm Mandiant attributes the attack to Iran."
The Port Phillip Prison in Melbourne’s west computer systems fell victim to cyberattack believed to involve a ransom attack compromising G4S’s nationwide database. “G4S Australia Holdings have confirmed the incident involves data stored on their national corporate IT network,” the spokesperson said.
The Port Phillip prison run by G4S, which currently houses 1000 inmates, has increased security and suspended prisoner visits.
July 20, 2022: Ransomware Attack Hits Entire Canadian Town of St. Mary’s
The cyber incident locked and encrypted its internal server. St. Marys officials first became aware of the attack around 11 a.m. Wednesday 20 July, prompting staff to lock down the town’s IT systems and isolate its network to prevent any further damage, said Mayor Al Strathdee. “Since that time, we realized that it is a malware attack. There was a message asking for ransom,” he said.
According to cybernews.com, a group known as LockBit has taken responsibility for the recent ransomware attack, listing the small Southwestern Ontario town among its victims in a post on the dark web and is allegedly threatening to release troves of sensitive information if the Perth County town doesn’t pay up.
July 1, 2022: Cyberattack Disrupts Unemployment Services for Tens of Thousands of People in Multiple US States.
An apparent cyberattack on Florida-based IT provider Geographic Solutions disrupted unemployment and workforce benefits for thousands of people in multiple states and Washington, DC. Unemployment payments are delayed for people in Tennessee, where about 12,000 people rely on the program, and in Nebraska, according to statements from state labor departments. In Washington, the outage has prevented residents from filing new paid family leave claims and conducting job searches using a tool provided by Geographic Solutions. In a statement, Geographic Solutions described "anomalous activity" on its computer network but did not specify the cause; the Nebraska Department of Labor called it a "cyberattack." After discovering the activity, Geographic Solutions "immediately took some systems offline to halt the activity," its statement said. Agencies in several states said they were notified of the problem by GSI on June 26.
The incident is the most recent in a growing pattern of software supply chain attacks, in which cybercriminals target one company with the intention of infecting its partners and clients later on, basically widening the malware's system vulnerabilities.
April 13, 2021: Cyberattack Delays Start of Classes At Portsmouth University.
Key IT systems at the University of Portsmouth continue to remain offline this week after a supposed ransomware attack, delaying the start of the new term.
A notice on the university’s homepage doesn’t explicitly name ransomware as the cause of the “cyber incident,” but the “ongoing technical disruption” it describes is a tell-tale sign of such attacks. However, The News has reported that it has seen an email from the university claiming it suffered a ransomware attack.
October 26, 2021: Cyberattack Leaves Motorists Stranded At Gas Stations in Iran.
A cyberattack crippled gas stations across Iran, leaving angry motorists stranded in long lines. No group immediately claimed responsibility for the attack, which rendered useless the government-issued electronic cards that many Iranians use to buy subsidized fuel at the pump.
It bore similarities to another attack months earlier that seemed to directly challenge Iran's Supreme Leader Ayatollah Ali Khamenei as the country's economy buckles under American sanctions. Israeli cybersecurity firm Check Point later attributed the Iran train attack to a group of hackers that called themselves Indra, after the Hindu god of war.
July 2, 2021: Ransomware Hits MO City
A ransomware attack shut down the city of Joplin, MO, government’s computer system in early July, city officials said last week.
While the debate on whether to pay the ransom rages, an insurer paid $320,000 to someone not identified, to keep any sensitive information obtained as a result of the cyberattack from being exposed, City Manager Nick Edwards said in the statement.
A cybersecurity attack on the city of Tulsa’s computer system was similar to an attack on the Colonial Pipeline and that the hacker is known.
December 1, 2020: Security Provider, Stormshield, Hit In Cyber Attack
Security provider Stormshield revealed a security incident that resulted in unauthorized access to a technical portal and a “leakage” of some parts of the SNS (Stormshield Network Security) source code.