Weekly Cyber News Roundup

October 2nd to October 6th 2023

Content 

01. News Bites
  • Killnet hacker groups claims responsibility for crashing UK Royal Family’s website
  • German Hotel Chain claims to have thwarted major ransomware attack
  • Hacking group claims to have hacked NATO, some websites affected
  • European SME cyber threat concerns have increased in 2023
  • Kenya reports it has been hit by 860 million cyber attacks in 2023
02. Conclusion

Quick News Bites

Killnet hacker groups claims responsibility for crashing UK Royal Family’s website

Over the weekend, the British royal family's website, royal.uk, suffered a denial-of-service (DoS) attack that rendered it inoperable for over an hour on Sunday morning. A royal source clarified that the website wasn't hacked, as no unauthorised access to systems or content occurred. Buckingham Palace has not released an official statement.

A pro-Russia hacktivist group known as Killnet claimed responsibility for the cyberattack.

Established around the time of Russia's invasion of Ukraine in 2022, Killnet has targeted countries supporting Ukraine, particularly NATO members.

The Health Sector Cyber security Coordination Center within the U.S. Department of Health and Human Services released an analyst note earlier this year detailing Killnet's activities. While the group's connections to Russian government organizations remain unverified, their DDoS attacks have caused outages lasting hours or even days and are considered a threat to government and critical infrastructure.

The cyberattack followed recent comments from Britain's King Charles III, who expressed support for Ukraine and denounced Russia's "military aggression" in a speech at the French Senate. The British monarch has previously spoken out against Russia's involvement in the Ukraine conflict.

German Hotel Chain claims to have thwarted major ransomware attack

Motel One Group, a German hotel chain with 90 locations across 13 countries, recently thwarted a ransomware attack. The company stated that thanks to existing security measures, the impact was minimized and their business operations were never endangered. A certified IT specialist was engaged for immediate action, and the firm is collaborating with public investigation and data protection authorities. An undisclosed number of customers had their addresses accessed, and details of 150 credit cards were exposed. Affected cardholders have been informed.

The company declined to comment on claims by the AlphV/Black Cat ransomware gang, which alleged it had stolen 6 TB of data, including three years of booking confirmations and various internal documents. This ransomware group recently targeted another major player in the hospitality sector, MGM Resorts.

Reports indicate a growing number of cyberattacks on the hospitality industry, known for its wealth of customer data. A study from cyber security firms has noted at least 59 ransomware attacks against hotels, primarily involving credential access. Other global chains like Radisson and Hilton have also been recent targets, and last year, Marriott faced an extortion attempt involving stolen data.

This surge in attacks highlights a broader risk in the hospitality industry, drawing attention from both cybercrime gangs and state-sponsored groups specialised in targeting hotels globally. 

Hacking group claims to have stolen data from NATO, some websites affected

NATO is investigating claims by hacking group SiegedSec that it stole 9 GB of data from various unclassified NATO platforms. SiegedSec, known for targeting U.S. municipalities, boasted about the breach on Telegram. The group allegedly infiltrated multiple NATO portals, including training, logistics, and standardization sites, and shared a link to over 3,000 documents mostly from the NATO Standardization Office.

A NATO spokesperson stated that no operational issues have arisen and that additional cybersecurity measures are in place. They did not provide further details on the timing of the intrusion or what other information might have been accessed. This is the second incident involving SiegedSec and NATO; a previous attack compromised personal data from people in 31 countries.

NATO faces ongoing cyber threats and has cybersecurity experts actively addressing incidents. This comes as SiegedSec has recently targeted state-run websites and claimed attacks on city and state government systems, although some claims were later debunked as involving only publicly available data.

European SME cyber threat concerns have increased in 2023

Concerns over cyber threats among European small and medium-sized enterprises (SMEs) have significantly increased, affecting brand, reputation, and revenue. According to research commissioned by Sharp Europe, 38% of SMEs are more worried about cyber security than last year, and over a quarter have experienced security breaches. These include phishing (31%), malware (30%), data loss (30%), and virus attacks (25%). Almost a quarter faced password and cloud security issues.

Despite these concerns, 61% of SMEs lack confidence in their ability to manage security risks. Strikingly, 60% have no plans to increase their IT security budget this year. The study, which surveyed 5,770 IT-purchasing professionals across Europe, revealed that financial loss, reduced customer confidence, and brand damage are the top concerns following a security breach.

Kenya reports it has been hit by 860 million cyber attacks in 2023

Cyberattacks in Kenya have skyrocketed, with 860 million incidents reported in the last year, a drastic increase from 7.7 million in 2017, according to the country's Communications Authority. The regulator is increasingly concerned about the rising frequency, sophistication, and impact of these cyber threats, especially those targeting critical information infrastructure.

A significant attack in July, attributed to pro-Russian hacking group Anonymous Sudan, disrupted over 5,000 online government services, including crucial visa, passport, and driver's license processes, as well as online train bookings and mobile money transactions. The authority disclosed that 79% of the cyberattacks resulted from criminals infiltrating computer systems, 14% involved malicious software, 6.5% were due to traffic overloads on servers, and the remainder targeted web applications.

Kenya now ranks as the third most targeted country in Africa for cybercrime, behind Nigeria and South Africa, accentuating the urgent need for robust cybersecurity measures to protect the nation's vital digital assets.

Closing Summary

If you are worried about any of the threats outlined in this bulletin or need help in determining what steps you should take to protect yourself from the most material threats facing your organisation, please contact your account manager, or alternatively Get in touch to find out how you can protect your organisation. 

Disclaimer

The Threat Intel Roundup was prepared by Integrity360 summarising threat news as we observe it, current at the date of publishing. It should not be considered to be legal, consulting or any other professional advice. Any recommendations should be considered in the context of your own organisation. Integrity360 does not take any political stance in the information that we share. Moreover, the opinions expressed may not necessarily be the views of Integrity360.

Need advice?

If you are worried about any of the threats outlined in this roundup or need help in determining what steps you should take to protect yourself from the most material threats facing your organisation, please contact your account manager or fill in the form for a complimentary no-commitment consultation.

More detailed threat intelligence news?

If you’d like more detailed threat intelligence news, Integrity360 offers this as part of our security monitoring managed services.

We also offer a tailored threat intelligence monitoring service for your organisation that actively monitors for threat actors and campaigns of direct relevance to your organisation, brand damage, copycat & spoofed domains, credential leakage and dark web monitoring.

Security-first-stacked-logo4-No-Padding

Cyber Security Conference

STOCKHOLM | 17 October 2023

Integrity360's flagship conference Security First comes to Stockholm in 2023!

Join leading cybersecurity experts from across the community as we explore the latest threats and industry trends, and learn practical strategies to safeguard your organisation.