September 26, 2023
The cybersecurity sector was sizzling in September. From high-profile cyberattacks resulting in severe data breaches, to new cyberattack techniques and vectors, there’s a lot to cover from September, so let’s jump right in.
In this month’s cybersecurity news report and recap, DOT Security is going to take a look at the developing Sony data breach as it unfolds, investigate the Apple zero-click malware, and explore the Clorox bleach data breach.
Learn about how you can protect your network and your organization from the most recent cyberthreats to surface in DOT Security’s Infographic: The Layered Cybersecurity Defense.
Sony Group Corporation is one of the world's best-known and largest video game companies, with a market share of just under 25% according to CSI Market, and it is also being targeted by a new cybercriminal organization, RansomedVC.
Even if you’re familiar with cybercrime and stay up to date with the latest headlines, RansomedVC might not ring a bell. That’s because they’re literally new as of this month, September 2023. As newcomers to the cybercrime scene, they’re trying to make a name for themselves right out of the gate by targeting Sony Group Corporation.
On September 25th, it was reported that RansomedVC claimed to have breached “all of Sony’s systems” on their dark web leak site. RansomedVC was hoping for a big payday from Sony Group Corporation, but is now hoping to sell the data to the highest bidder. If they don’t get any bites, they’ve threatened to post the data publicly on September 29th.
Sony is right not to pay the ransom, and several experts, including David Hollingworth of Cybersecurity Connect, have speculated that the proof of breach the ransomware group has provided is not indicative of a full breach, as has been claimed.
In addition to the claims of the data breach itself, RansomedVC also states they will report victims for General Data Protection Regulation (GDPR) violations.
Only time will tell if RansomedVC decides to post whatever data they have, but even if they do, we at DOT Security believe it was the right move for Sony Group to deny the ransom payments.
Two of the largest casino operating groups, Caesars and MGM, were hit by successful cyberattacks in September. ALPHV and Scattered Spider are the two groups taking responsibility for these attacks, and it’s been confirmed that Caesars decided to shell out a $15 million ransom payment.
The ransom payment decision was made swiftly, and for a casino operating with billions of dollars per year, it might not seem like that big of a dent. However, by paying the ransom, there are long-term cybersecurity implications that Caesars has to consider.
While the ransom payment did allow Caesars to return to operations swiftly, there’s no real guarantee that the data was deleted by the threat actors, and it could create a market for additional cyberattacks.
MGM, on the other hand, outright refused to pay any ransom and instead took a hit in terms of downtime. MGM was hit with 10 days of downtime equating to tens of millions of dollars in lost revenue. In the grand scheme of things, for an organization as intensely complicated as MGM, 10 days of downtime is a relative win for their incident response team.
Additionally, it’s likely that MGM took the opportunity to conduct a full internal review of their cybersecurity posture and protocols, which could leave them in a stronger, less vulnerable position moving forward.
While Apple is often regarded as offering one of the more secure operating systems on the market, the technology company rushed out three emergency security updates over September in response to a series of zero-day attacks, including a new-age cyberthreat known as a zero-click attack.
The zero-click attack is especially noteworthy because threat actors were able to exploit and infect fully patched iPhones with malware without any victim interaction whatsoever.
While most phishing attacks and social engineering scams require a user to click on a malicious link, a zero-click attack bypasses this step completely, making it much more dangerous. The emergency patches rolled out by Apple have addressed the vulnerabilities, but the development of a zero-click attack is well worth monitoring.
The household cleaner producer Clorox had its systems compromised back in August, but they’re still feeling the effects a month later, and predict it’s going to impact their 2024 Q1 reporting.
The breach has apparently damaged the company’s IT systems, which is also creating product shortages and other operational roadblocks. As such, Clorox is expecting to see a material financial impact through the near future as they work to get systems back up and running at 100% again.
It’s worth noting that the full impact of the breach has yet to be determined. Clorox is being hit hard in the market, as they’ve seen their stock drop nearly $25/share since reporting the incident.
No matter what industry you’re in or how grand your business becomes, cyberthreats are becoming more common and more sophisticated each and every year, if not every week. With that in mind, it’s vital that organizations start considering cybersecurity posture as a top priority.
Stay on top of the latest headlines and stories with DOT Security’s monthly report.
The best way to address cybersecurity in today’s day and age is through a layered approach that gives you multiple defense systems that work together to identify, isolate, and neutralize cyberthreats. Learn more in DOT Security’s Infographic: The Layered Cybersecurity Defense.