Thursday 6th June 2024

Good morning everyone and many thanks for joining me for today's installment of Cyber Daily. In today’s edition, we look into the digital battleground where cybercriminals are making headlines.

First, TikTok scrambles to secure accounts after a targeted attack on celebrities and brands. Next, London's NHS hospitals face unprecedented challenges following a crippling ransomware strike.

Finally, a Victorian logistics firm reels from a major data breach, with hackers claiming to have seized a trove of sensitive information.

TikTok Tackles Cyber-Attack on Celebrity and Brand Accounts

TikTok is in the spotlight after addressing a cyber-attack targeting high-profile accounts, including those of Paris Hilton and CNN. The social media giant confirmed that only a "very limited" number of accounts were compromised and is actively working to restore access for affected users.

Despite Paris Hilton's account being a target, it was not compromised. However, CNN's account did suffer a breach. TikTok is collaborating with CNN to restore access and enhance security measures to prevent future incidents.

The timing of this breach is critical as TikTok faces potential bans in the US unless it divests from its Chinese parent company, ByteDance. The platform's data security practices and ties to Beijing have been under scrutiny, particularly as it becomes a pivotal space for political campaigning in the upcoming US elections.

Both Donald Trump and Joe Biden are leveraging TikTok for their campaigns, with Trump quickly gaining over five million followers, significantly outpacing Biden's 350,000.

Maintaining Security: TikTok has reiterated its commitment to platform integrity, ensuring continuous monitoring to prevent further unauthorized activities.

Russian Cybercriminals Disrupt London NHS Hospitals

A ransomware attack by Russian cybercriminals has severely impacted major London NHS hospitals, disrupting operations and tests. Ciaran Martin, former chief executive of the National Cyber Security Centre, identified the culprits as Qilin, a notorious Russian hacking group. The attack targeted Synnovis, a pathology services firm, leading to a critical reduction in hospital capacity.

Hospitals, including King’s College, Guy’s and St Thomas’, and Evelina London children’s hospital, declared a critical incident, resulting in the cancellation of operations, tests, and blood transfusions.

Disruptive Impact: Unlike data theft for extortion, this attack rendered systems inoperative, causing serious disruption to healthcare services. Restoration efforts are underway, with Synnovis and NHS IT experts assessing the damage.

Government Stance: While the UK government maintains a policy against paying ransoms, Synnovis may choose to pay to expedite recovery. Health Secretary Victoria Atkins emphasised patient safety and service resumption as top priorities.

The National Cyber Security Centre and NHS officials are investigating the incident, while Synnovis has reported it to the police and the information commissioner.

Victorian Freight Specialists Hit by Major Data Breach

Victorian Freight Specialists, a logistics firm in Victoria, Australia, has fallen victim to a significant data breach by the notorious hacking group GhostR. The hackers claim to have exfiltrated 846 gigabytes of sensitive data from the company's servers, including corporate, accounting, sales, customer, agent, and freight databases.

GhostR announced the breach on a clear web hacking forum, stating that they infiltrated the firm's server networks on May 26, 2024. Although a link to sample data was initially provided, it has since been removed. However, GovInfoSecurity verified that the leaked data includes internal SQL database records and logon screen screenshots.

Victorian Freight Specialists, based in Dandenong, Victoria, serves regional Victoria and southern NSW. The company's website is currently down, though it is unclear if this is related to the breach.

GhostR's Track Record: The hacking group has been linked to several high-profile breaches, including attacks on Cooler Master, PhyaThai Hospital Group, Thai Beverage PLC, and the Metro Group of Hospitals in India.

As of now, Victorian Freight Specialists has not commented on the breach, but the incident highlights the increasing threat of cyberattacks on businesses.