The threat of ransomware has become abundantly clear this month. With 32 reported incidents in September, it accounted for almost one in three incidents that we’ve recorded.
This includes an attack on a French transportation company, which we take a closer look at in this blog. We also review a DDoS (distributed denial-of-service) attack on several major organisations in Hungary and an incident affecting the Norwegian parliament.
CMA CGM becomes latest ransomware victim
The French shipping firm CMA CGM recently confirmed that it had been hit by the Ragnar Locker ransomware strain.
The organisation initially denied the attack but later admitted that it was suffering ongoing disruption after being locked out of its systems.
In a message sent on 27 September, the criminals demanded that CMA CGM respond within two days via live chat to arrange payment for the decryption key.
Following the attack, CMA CGM shut down its IT operations to prevent the malware spreading and advised staff across Europe not to use company equipment.
CMA CGM Vice President Joël Gentil said: “We are progressively resuming connectivity so in some instances bookings can be taken online, but where customers cannot get online they can call their local offices. The situation is coming back to normal. It will take a few hours.”
Hungarian organisations hit by DDoS attack
Several banks and a telecommunications provider in Hungary were disrupted last week after cyber criminals launched a DDoS attack.
The attack, which used servers based in Russia, China and Vietnam, flooded the organisations’ networks with traffic until they were overwhelmed and crashed.
Magyar Telekom, the telecommunications provider affected in the incident, claimed that the volume of traffic was ten times higher than a typical DDoS attack.
“That means that this was one of the biggest hacker attacks in Hungary ever, both in its size and complexity,” the organisation said.
The attack reportedly took place in several waves, but Magyar Telekom and OTP Bank, one of the banks affected, managed to repel it and get their systems back online later that day.
It’s unclear why the criminals targeted these organisations, although DDoS attacks are often distractions from a more sophisticated attack – the results of which may only be discovered in time.
Norway’s parliament attacked by criminal hackers
Norway’s parliament, the Storting, recently confirmed that several ministers’ email accounts had been breached in a cyber attack.
The Norwegian parliament’s director, Marianne Andreassen, said that the incident affected “a limited number” of ministers and employees, and that a report had been filed with the police.
A spokesperson for Norway’s main opposition party, the Labour Party, confirmed that several party members had their accounts compromised.
In a statement, the Storting said that the attackers had stolen an unspecified amount of information. Fortunately, the incident was detected promptly, which limited the damage.
Andreassen said that the parliament had discovered “anomalies a little more than a week ago,” and had implemented measures to reduce the risk.
The incident is now under investigation, as the parliament tries to determine who was responsible and the full extent of the damage.
Stay up to date with cyber security news
Are you looking for regular updates on the latest cyber attacks and data breaches?
Subscribe to our Weekly Round-up to learn what’s happening in the cyber security industry and receive tips on the steps you should take to protect your organisation.