12 June 2020

IRM Weekly Cybersecurity Roundup: Honda SNAKE ransomware and more

Honda hack caused by SNAKE ransomwareSNAKE ransomware Honda hack

In the last week, Honda has confirmed it has been the victim of a SNAKE ransomware attack, leading to many of its online services being unavailable to customers.

Honda temporarily shut down some of its production facilities, the customer services and financial services operations.  A spokesperson said there was: “no current evidence of loss of personally identifiable information”. This corresponds with the idea that SNAKE ransomware was used, as this method doesn’t usually extract data to use for ransom demands.

So why would hackers use SNAKE ransomware if it doesn’t allow them to get their hands on sensitive information to sell on the Dark Web? The ransomware has additional functionality programmed into it which allows hackers to forcibly stop processes, especially in Industrial Control Systems (ICS) environments. This can be deeply impactful to an Original Equipment Manufacturer such as Honda.

You can read more here.

NASA experiences 366% rise in cyber incidents post-budget cuts

Figures from AtlasVPN show that, after NASA’s cybersecurity budget dropped by $3.1 million between 2018 and 2019, cybersecurity incidents rose by 366% within the same period.

Atlas VPN NASA Figures

It’s thought that incidents caused by “improper usage” and bad security practice accounts for over 90% of the increase.

Another observation from the researchers is that NASA was one of the few federal agencies in the USA who decided to decrease their cybersecurity budget in this period. Most agencies including the Department of Justice, Energy, the Treasury, and the State all increased spend in this area.

You can read more here.

Milk and beer production comes to a halt for Aussie manufacturer

The Australian dairy processor and drink manufacturer, Lion, was forced to shut down production on Monday after being hit by a cyber-attack.

The attack has apparently impacted the whole supply chain: “We immediately shut down all our systems as a precaution, and we have continued to work with cyber experts to determine how much longer our systems will be impacted.”

Rather than relying on IT-based systems, Lion has turned to manual-based processes to continue taking orders and to ship products across the country.

You can read more here.

$2 billion health app suffers from data breach

An AI and chatbot health app, Babylon Health, has suffered this week from a data breach after a user was able to access the videos of other patient consultations.

The app startup, which has been valued in excess of $2 billion, said that the breach was due to a “software error”. The error is thought to be specifically linked to a feature which lets users switch from audio consultation to video consultations mid-call.

Babylon Health said that a “small numbers” of UK users were able to see other people’s sessions. The issue was fixed within two hours but there are still concerns, as the ICO deems medical data to be one of the most personal types of data at risk.

You can read more here.

Quick-Fire Updates:

Norwegian shipbuilder infected with ransomware: The Norwegian unit of the Italian state-owned shipyard experienced a ransomware attack on its servers. Read more here.

Nintendo confirms number affected in April’s breach: The gaming company has now confirmed that that an additional 140,000 user accounts were breached in addition to the 160,000 acknowledged in April. Read more here.

Want to receive weekly updates on the latest cybersecurity news? Sign up to the IRM newsletter to receive this straight to your email inbox.