Welcome to our latest monthly review of cyber attacks and data breaches. In June 2022, we found 80 publicly disclosed security incidents, accounting for 34,908,053 breached records.
In this blog, we take a closer look at the cyber threat landscape in Europe.
Palermo government crippled by ransomware
On Friday, 3 June, the Italian city of Palermo confirmed that its systems had been crippled by a cyber attack. According to local media, the incident affected police operations, public video surveillance management and a host of government services.
The attack was later confirmed to be ransomware, with the criminal hacking group Vice Society claiming responsibility.
With the city refusing to pay the attacker’s ransom demand – instead attempting to restore its systems manually – the group issued another threat. It said that if the Palermo government didn’t pay up, the attackers would publish stolen documents.
The nature of the stolen data hasn’t been specified, and the Palermo government hasn’t confirmed that information was exfiltrated. However, it did confirm that a cyber attack took place but remained insistent that it will not negotiate with the attackers.
In a press release, the government said that it was relying on backups from its Arcserve recovery solution and the remaining accessible data from its Oracle database and NetApp storage.
It also provided specific details of its incident response process, noting that it will use a private network that’s available to a small number of verified workstations.
The government’s IT team will then attempt to re-install basic infrastructure and restore workstations before re-adding them to the network.
If the city gets back online without further disruption, it will be a major blow for ransomware gangs. They rely on the fear that paying the ransom is the only way to avoid catastrophic damage, and if this is proven not to be true, other victims should follow suit.
Restoring one’s systems from backups doesn’t take any longer than receiving a decryption key from the attackers and it will almost certainly be less expensive.
German political party confirms cyber attack
Police are investigating after a cyber attack compromised the email accounts of several prominent politicians were compromised.
The attack targeted the Greens, which are the second-largest party in the country’s coalition government. The party’s co-leaders, Omid Nouripour and Ricarda Lang, had their accounts compromised, as did cabinet ministers Annalena Baerbock and Robert Habeck.
“Everything points to both events coming from the same attacker,” a party spokesperson said of the hack. “We have informed security authorities, the data protection officer and have made a police report.”
Fortunately, the email accounts affected were not fully infiltrated and the criminal hackers reportedly had no direct access to sensitive information.
Although there is no evidence to suggest who is responsible for the attack, early reports indicate that it could be linked to pro-Russian hackers.
Germany’s response to the invasion of Ukraine has been muted, with the county issuing less strict sanctions than other European countries. However, the Greens have been vocal in debates over stronger action.
Foreign Affairs Minister Baerbock and Vice-Chancellor Habeck have backed calls for to send more weapons to Ukrainian forces, while Habeck has also led efforts to cut Germany’s reliance on Russian gas.
Since the invasion, Russian hackers – working either directly for the government or in independently in support of the war – have targeted numerous Kremlin critics. It’s possible that this incident is the latest in a line of these attacks, with the Greens being targeted for its opposition to the invasion.
Instagram faces sizeable GDPR fine after breaching children’s privacy
Meta Platforms, the parent company of Facebook and Instagram, faces severe disciplinary action after Ireland’s DPC (Data Protection Commissioner) ruled that the organisation improperly processed children’s personal data.
The proposed fine relates to an ongoing dispute regarding Instagram’s data processing activities. Commissioner Helen Dixon ruled that the social media platform’s data processing practices violate the GDPR (General Data Protection Regulation).
Dixon’s 2021 annual report said the case concerns the way Instagram handles “the operation by children of ‘business accounts’ and also certain default settings which were applied to children’s accounts”.
Records show that Meta has known for some time that a fine has been coming. In October 2021, the organisation agreed to sign off €724 million to cover administrative fines related to GDPR violations. This is on top of another €302 million that it had previously set aside.
However, proceedings have been delayed for several reasons. First, Meta has appealed the penalty – although that is the case in almost every high-profile GDPR investigation.
More worryingly, several European data protection bodies have refused to back the DPC’s proposed fine. Finland, France, Germany, Italy, the Netherlands and Norway have all distanced themselves from the investigation, but they haven’t publicly stated why.
Efforts to settle the dispute are currently underway at the EDPB (European Data Protection Board), the body that’s responsible for GDPR compliance across the EU.
Speaking to the Irish Times, the EDPB confirmed that it had “received a formal submission with regard to Instagram, which is the first step in the triggering of the dispute resolution mechanism”.
Are you prepared for a cyber attack?
If you’re facing a cyber security disaster, IT Governance is here to help.
Our Emergency Cyber Incident Response Service provides the support you need to deal with the threat, as our experts guide you through the recovery process.
They’ll review the breach, mitigate the damage and ensure that you are up and running again as soon as possible.