Week of May 3rd, 2024

Welcome to Your Cybersecurity Recap: a bite-sized weekly newsletter by cybersecurity enthusiasts, for cybersecurity enthusiasts.

Here are this week’s top takeaways:

Volkswagen Hacked, Over 19,000 Documents Stolen. Here’s What We Can Learn From This Cyber Incident

Volkswagen, one of the world’s leading automotive manufacturers, has fallen victim to a sophisticated hacking operation in a significant cybersecurity breach. Investigations suggest that the cyberattack originated in China, raising concerns over international cyber espionage and its implications for the global electric vehicle (EV) industry.

The cyberattack on Volkswagen was first detected last week, but details of the incident have only recently come to light following investigations first published by German broadcaster ZDF’s frontline journalism team and the publication Der Spiegel.

Hackers allegedly infiltrated Volkswagen’s computer systems and siphoned gigabytes of sensitive data related to the company’s electric mobility efforts and other core operations. Volkswagen managed to recover files the hackers had sent to their servers and then deleted them. In total, the threat actors are said to have stolen an estimated 19,000 documents.

The documents reportedly list “identified targets”, including:

  • The development of gasoline engines
  • Transmission development

This attack was likely a ransomware attack. In 2023–and, by extension, this year so far–experts in the field of cybersecurity have seen that:

  • The average ransomware payment is increasing by 82% year-over-year
  • Businesses fall victim to a ransomware attack every 14 seconds
  • Ransomware has become one of the most popular forms of cyberattacks, growing 350% since 2018
  • The average cost of a ransomware attack in 2023 is $1.85 million
  • By 2031, a ransomware attack is predicted to happen every two seconds
  • Ransomware accounts for 10% of all security breaches worldwide
  • On average, ransomware-related breaches took 49 days longer than other types of breaches to identify and contain

When it comes to being the target of a cyberattack, it’s not a matter of “if”–it’s a matter of “when.” And in the fight against threat actors, offensive security is power.

London Drugs Stores Remain Closed Post-Cyberattack

All London Drugs stores remained closed across Western Canada on Tuesday morning, two days after the British Columbia-based company announced it was dealing with a "cybersecurity incident."

The retail and pharmacy chain, which has more than 80 stores across B.C., Alberta, Saskatchewan and Manitoba, said it closed its stores "out of an abundance of caution" while it employed experts to investigate the incident.

"Our investigation is currently assessing the extent to which any data has been compromised in the incident. In the event our investigation determines that personal information was impacted, we will notify affected individuals in accordance with privacy laws," a representative's statement read. The company’s statement goes on to say that its investigation so far shows no evidence that customer databases have been compromised, including for pharmacy patients and its LDExtra members.

Lastly, the statement notes that the impact of the breach on operations has been significant, and that the restoration process will continue to be rigorous. The retailer has offered no timeline for when its stores may reopen.

WordPress Plugin Flaw Exposes 10k+ Websites to Cyberattacks

A critical vulnerability in the WP Datepicker WordPress plugin was identified, affecting over 10,000 active installations. This Arbitrary Options Update vulnerability (CVE-2024-3895) has been assigned a CVSS score of 8.8, indicating a high severity level.

This vulnerability could be exploited by authenticated attackers with subscriber-level access and above to update arbitrary options, which can be easily leveraged for privilege escalation.

Such an attack could allow threat actors to create administrator accounts, posing a significant risk to affected websites.

Although WordPress is prone to a variety of attacks, there are best practices that can help maintain WordPress security:

  • Maintain traffic encryption through an SSL certificate: It is a good practice to enable an SSL certificate for your WordPress website. It will help visitors securely connect and browse the website. It also shows that website owners or companies take user data security seriously. SSL also adds significant value in terms of SEO
  • Keep your site up to date: Keeping all plugins and themes associated with your website and WordPress up to date is an excellent practice. It will protect your WordPress website from security vulnerabilities and emerging threats
  • Leverage a reputable security plugin: Web managers and owners must incorporate and configure a reputable security plugin to monitor any suspicious activity on the website. Wordfence and iThemes Security are two well-known security plugins that provide an extra security layer
  • Limit login attempts: Web developers associated with WordPress website development must secure user accounts by limiting the number of login attempts. It will eliminate brute force attacks, credential stuffing, and other password-based attacks
  • Keep regular backups of websites and their user data: Another tip that security researchers recommend for WordPress security is to keep a point-in-time backup of all the data, content, structure, and configurations associated with the website in an isolated system

If you’re seeking a third-party company to help you secure your WordPress website with a comprehensive web application security penetration test, contact our team here at Packetlabs.
