InfoSec Round-Up June 4th

Conservatives Fined, JBS Ransomware & Health Cyber-Attack

This is the Hut Six InfoSec Round-Up, where we look at some of the most pressing matters, latest trends, and industry news from across the world of information security.

Meat Supplier Cyber Attack

JBS, the world’s largest meat processing company has been hit by a ransomware attack, forcing the temporary shutdown of operations in Australia, the US and Canada.

With the attack occurring in the early hours of May 31st, the company has stated that they were able to suspend all systems as soon as the attack was detected, and that backup servers have not been affected.

The Federal Bureau of Investigations has also officially stated that those behind the attack are the Russia-based REvil gang, the same ransomware syndicate responsible for the recent attack against Taiwanese Apple supplier Quanta Computer.

Occurring soon after the attack against fuel supplier Colonial Pipelines, US President Joe Biden is expected to discuss this issue of Russia-based cyber-crime with Vladimir Putin in an upcoming Geneva summit.

In a statement the FBI noted: “We have attributed the JBS attack to REvil and Sodinokibi and are working diligently to bring the threat actors to justice. We continue to focus our efforts on imposing risk and consequences and holding the responsible cyber actors accountable.”

Conservative Party Fined

The UK’s data watchdog, the Information Commissioner’s Office (ICO) has issued a £10,000 fine to the Conservative Party for sending 51 unlawful marketing emails.

Sent in July of 2019, soon after PM Boris Johnson’s election, the party were found to have, during the process of changing email provider, failed to retain clear records of the basis upon which people had consented to receive marketing emails.

Of the 1,190,280 emails sent during the eight-day period, the ICO states that 51 of which were in violation of Regulation 22 of the Privacy and Electronic Communications Regulations (PECR).

Additionally, criticised by the ICO for further communications sent in December of 2019, which resulting in a further 95 complaints, the watchdog expressed concern over the Conversative party conducting a “industrial-scale marketing email exercise” during their ongoing investigation.

Stephen Eckersley, ICO Director of Investigations, has stated on the matter: “All organisations – be they political parties, businesses or others – should give people clear information and choices about what is being done with their personal data. Direct marketing laws are clear, and it is the responsibility of all organisations to ensure they comply.

Swedish Database Offline

An infectious disease database, run by the Swedish Public Health Agency has been taken offline following being targeted in several hacking attempts.

SmiNet, which is used to store and share reports, including information relating to Covid infections, was shut down late last week to halt the attack and investigate if any data had been breached.

With the health agency temporarily unable to report public health data, the organisation did note that it is working to investigate as quickly as possible and rectify any system deficiencies, adding that so far, there are no signs that information was “taken out of the database.”

Though the database is now back online, the incident is just the latest in the increased number of cyber-attacks against health services; coming only weeks after attacks on Ireland’s Department of Health and Health Service Executive.

Though the perpetrators of this attack against SmiNet have yet to be identified, the organisation did note: “We [take] the incident very seriously and it [has been] reported to the Swedish Police as well as the Swedish Authority for Privacy Protection.”

Thank you for reading this edition of Infosec Round-Up. Please be sure to subscribe to the Hut Six YouTube Channel to keep up to date with the latest news and see all our latest information security videos.