Hacking siphons $500 million from troubled crypto exchange FTX, ransomware attacks strike Canada’s food supply chain and SMB security and compliance training priorities.
FTX: Cryptocurrency Exchange
Risk to Business: 1.171 = Extreme
The collapse of cryptocurrency exchange FTX has been an epic disaster for the crypto world, and the saga isn’t even close to over. On the heels of the company’s bankruptcy filing, FTX experienced a hacking incident that resulted in an estimated $500 million being siphoned from users’ cryptocurrency wallets late last Friday. The company’s CEO took to Twitter to confirm the hack. In its Telegram channel, FTX cautioned users that “FTX has been hacked. FTX apps are malware. Delete them. Chat is open. Don’t go on FTX site as it might download Trojans.” The company says that it is working with law enforcement officials and making every effort to secure users’ remaining assets.
How It Could Affect Your Customers’ Business: This adds insult to injury at the worst possible time, further compromising the cryptocurrency market.
Jackson Intermediate School District
Jackson Intermediate School District: Education Authority
Risk to Business: 2.101 = Severe
The Jackson Intermediate School District (Jackson ISD) near Lansing, Michigan, was hit by a ransomware attack that forced area schools to suspend classes for a day. The attack forced systems offline last Monday. Jackson ISD provides technology services for schools and school districts in Jackson and Hillsdale counties. School officials said that the attack impacted several critical operating systems, which necessitated the closure. No word on any ransom demand was available at press time.
How It Could Affect Your Customers’ Business: Schools at every level have been extremely pressed by ransomware groups and need to maintain strong security.
Canada
Sobey’s: Supermarket Chain
Risk to Business: 1.652 = Severe
Sobey’s, Canada’s second-largest supermarket chain, has been the victim of a ransomware attack that impacted the supermarket chain’s operations. Stores remained open and mostly operational for shoppers, but some systems were down or spotty, causing delays in services. Customers were unable to refill prescriptions or purchase gift cards. Payment systems were not impacted. The chain consists of 1,500 stores in all ten provinces under multiple retail banners, including Sobey’s, Safeway, IGA, Foodland, FreshCo, Thrifty Foods and Lawtons Drugs. Black Basta ransomware is likely to be behind the attack. No information about what, if any, data was stolen or about a ransom demand was available at press time.
How It Could Affect Your Customers’ Business: Ransomware operators have been focusing on sectors that impact people’s daily lives for maximum gain, with Food & Agriculture high on their list.
Maple Leaf Foods
Maple Leaf Foods: Meat Processor
Risk to Business: 1.882 = Severe
Maple Leaf Foods has fallen victim to an unnamed cyberattack that has disrupted its operations. The company, producers of meat brands Maple Leaf, Schneiders, Mina, Greenfield Natural Meat Co., Lightlife and Field Roast, said that it successfully executed its business continuity plan and that it is working to restore the impacted systems. But the company also cautioned that it expects further operational and service disruptions. Experts suspect that ransomware may be the root cause of the trouble.
How It Could Affect Your Customers’ Business: Manufacturers in the food supply chain are key points for cybercriminals to attack, especially with ransomware.
United Kingdom & European Union
UK – Silverstone Circuit
Silverstone Circuit: Motor Racetrack
Risk to Business: 1.819 = Severe
Silverstone Circuit has been the victim of a ransomware attack. The up-and-coming ransomware group Royal has claimed responsibility, adding the racetrack to its dark web leak site on November 8. Silverstone Circuit is the legendary home of the British Grand Prix as well as dozens of Formula One automobile and motorcycle events. The track is operated by the British Racing Drivers’ Club (BRDC). No word on any ransom demand was available at press time.
How It Could Affect Your Customers’ Business: Ransomware groups that are making a name for themselves may choose to hit high-profile targets for publicity.
Russia – Central Bank of the Russian Federation
Exploit: Hacking (Hacktivism)
Central Bank of the Russian Federation: Bank
Risk to Business: 1.733 = Severe
Ukrainian hacktivists say that they’ve hacked the Central Bank of the Russian Federation, sometimes called the Central Bank of Russia. The hackers say they’ve snatched a 2.6 GB folder of documents that was released publicly last Thursday. The Record said that it had seen a portion of the documents and that the trove includes 27,000 files detailing the bank’s operations and its security policies as well as the personal data of some of its current and former employees. This is the second hacking incident this year for Russia’s Central Bank. Anonymous allegedly obtained 35,000 documents from the bank in March 2022 and published them online.
How It Could Affect Your Customers’ Business: The ongoing Russia-Ukraine conflict has led to unprecedented levels of nation-state and hacktivist activity.
Asia & Pacific
Vanuatu – Government of Vanuatu
Government of Vanuatu: National Government
Risk to Business: 2.283 = Severe
Several government departments of the island nation of Vanuatu have been knocked offline following an unspecified cyberattack. The websites of Vanuatu’s parliament, police, prime minister and Cyber Emergency Response Team were among the government agencies impacted. Officials also confirmed that they had limited access to platforms because of sporadic internet outages. Several key web-based services including email and voice communications were also down. The small island nation has requested assistance in investigating and remediating the attack from its neighbor Australia.
How It Could Affect Your Customers’ Business: Governments of every size have been getting hammered by cyberattacks in the last year and need strong security to stay out of trouble.
You can read the rest of the ID Agent post here for additional information.