Asian Telecom Cyberattacks, Kaspersky Ban Dilemma, CDK Cyberattack Disrupts Dealerships
Cyber awareness is the need of the hour, and that’s exactly why we keep coming back with the latest cyber incidents happening around the globe! Keep yourself updated about the ongoing trends in the cybercrime niche, implementing email authentication protocols like SPF, DKIM and DMARC and avert such mishaps by choosing knowledge over ignorance. Keep reading to know how China-based cyber espionage groups targeted Asian telecoms. Also, a recent cyberattack forced multiple car dealerships to stop functioning temporarily. Lastly, the Kaspersky ban by the government is messing up with the users, and they are finding it difficult to cope with the tight deadlines.
Here’s your cyber dose of the week!
Asian telecoms attacked by China-based cyber espionage teams
Multiple telecommunication operators across the Asia-Pacific belt were affected because of recent cyber espionage operations. They tip-toed into the network of these telecom companies and gained access to their credentials. These threat actors also leveraged custom malware to affect other operations of the telecom companies.
The note-worthy news is that all three cyber espionage groups—Mustang Panda, Nomad Panda, and Naikon—have a connection to China. They have used tools like Firefly, Fireant, and Neeedleminer to interfere with the operations of telecommunications operators.
Telecom companies are significant yet have vulnerable infrastructures that can be easily targeted by threat actors to exploit the treasure trove of data, such as locations, SMS messages, etc., and disrupt the entire communication system. Telecom operators experience huge traffic, which can be conveniently compromised by threat actors to make easy money.
Authorities are apprehensive of bigger cyber operations by China in the near future! If telecom infrastructure is affected, this can further impact vital infrastructure, thereby making other important sectors like finance, tech, insurance, and banking vulnerable.
These attacks are a grim reminder of how Asian nations are grappling with cyber issues at present. From Indonesia to Taiwan, each country is facing cyber attacks and is trying its best to get a hold of the situation.
Kaspersky ban puts users into a tricky situation
The Biden administration banned Kaspersky, the antivirus software. They cited national security concerns as a reason behind this sudden and bold move. As per government regulations, consumers must stop using the software before 29 September 2024, or else they won’t receive any protection, support, or updates.
This is the first-of-its-kind move taken by the government to ban cyber security software pertaining to reasons as grave as national security risk. The US Commerce Department believes that Kaspersky has a close tie with Moscow and that it can pass on sensitive user data to Russia, leading to serious consequences. The authorities are assured that Russia can weaponize this sensitive US data and leverage it to plan a blow to the US and its people.
The US has also put a restriction on any kind of business transactions between Kaspersky and US citizens or organizations.
Kaspersky, on its behalf, has said that this sudden ban is a result of the ongoing geopolitical climate, and that it’s a result of theories and is far from any kind of practicality. It believes that over all these years, Kaspersky has played a significant role in protecting the US interests from threat actors and cybercriminals.
From individual users to organizations, everyone is busy finding the next best alternative to Kaspersky within a tight timeline so that their priceless data and systems stay protected amidst all the ongoing chaos.
CDK cyberattack halted car dealership operations temporarily!
Wednesday, June 19th, was a complete chaos for thousands of car dealerships. They were forced to shut down because of an abrupt software cyberattack. This resulted in huge losses, as generally, it’s a peak sales time for automobile companies pertaining to the Juneteenth holiday.
The first shutdown happened sharp at 2 AM Eastern Time. While certain dealerships managed to continue with specific services because of available paper records, others had to shut down completely.
Threat actors compromised the functioning of CDK Global on Wednesday evening and Thursday morning. Because of this cyberattack, the software had to shut down, which further impacted the daily operations of car dealership companies.
CDK is in talks with experts and are keeping their customers in loop. Meanwhile, for playing it safe, they have shifted the systems offline.
CDK will run extensive tests on all its applications, and once it gets a green signal, it will eventually bring the systems online again.
Roger Grimes from KnownBe4 believes that this was a ransomware attack on CDK. He wants CDK to investigate the current situation because of which the attackers were able to penetrate deep into the system. That’s the only way to prevent similar instances in the future.