Europol DDoS Operation, Texas Data Breach, Dubai Police Impersonated
Christmas is around the corner, and cyber attackers are more active than ever during this holiday phase. Cybersecurity experts have urged companies as well as individuals to stay extra vigilant in order to avoid cyber mishaps. To help you enhance your cybersecurity mechanisms and prepare you for any kind of cyberattack, we are back once again with our weekly dose of cyber news. This week, we will talk about Europol’s Operation PowerOFF, the massive medical data breach in Texas, and the major impersonation crisis in Dubai.
Without much ado, let’s get started!
Europol carries out Operation PowerOFF to nab holiday DDoS threat actors!
Operation PowerOFF, an international operation coordinated by Europol and 14 other nations, has managed to seize 27 top web platforms that used to carry out DDoS attacks. The operation still continues. However, this latest development is one of the biggest achievements so far in terms of cybersecurity. So far, 3 main administrators across Germany and France have been arrested.
As many as 300 other threat actors have been identified. 3 “Stresser” and “Booster” websites (starkstresser.net, zdestresser.net and orbitalstress.net) have been taken down. The reason behind taking down these websites is their illegitimate usage by threat actors to facilitate malicious attacks. Authorities, at present, are aiming to dismantle these services and disrupt the entire cyberattack ecosystem to put an end to illegal practices.
The ongoing holiday season is a crucial time for both attackers and cybersecurity experts. Threat actors have been carrying out DDoS attacks, resulting in reputation damage, disrupted operations, and financial loss.
In order to spread awareness, law enforcement teams are using Google and YouTube ad campaigns to prevent individuals from being involved in any type of cyber illegitimacy, such as DDoS. Also, they are emphasizing the aftermath of such malicious attacks. Warning letters, emails, and knock-and-talk campaigns are also on the cards.
1.4 million patients impacted by a massive data breach in Texas!
Threat actors have targeted Texas Tech University’s Health Sciences Centers (HSCs) in El Paso and Lubbock. This massive data breach has affected the data of 1.4 million patients. The attackers have gained access to medical, financial, and personal data. Now, all of these patients are exposed to chances of identity theft and social engineering attacks in the future. The threat actors had complete access to the medical data of all the patients between September 17 and 29, and created specific files and folders from HSC’s network.
Experts believe that the social care and health sector has become a prime target of cyber attackers because of the plethora of data available at these places. The sensitive nature of this data makes things worse, enabling threat actors to intensify the pressure on victims.
Interlock, a notorious ransomware group, has claimed responsibility for the cyberattack by posting images of stolen documents on the dark web.
The HSCs are, at present, informing all the affected patients and urging them to consistently monitor their bank accounts and credit reports to identify any kind of suspicious activity. Everyone is hoping that Texas Tech University will take apt measures to contain the damage and mitigate the cyberattack. Experts believe organizations are still not matching pace with the rate at which perpetrators are breaking into systems and networks.
Fraudsters impersonated Dubai police for malicious purposes!
Threat actors have recently started targeting naive mobile users by impersonating Dubai police. Every day, the cyber attackers send out thousands of text messages. Of late, there has been a sudden surge in the phishing attacks that involve purported police communications.
The text messages compel unsuspicious mobile users to click on malicious links. The messages often involve alleged legal trouble and carry a sense of urgency. When a naive user clicks on the malicious URL, they are redirected to fake websites that are specially designed to capture the sensitive data of these users.
The attackers pay attention to details such as official logo, branding, tone of messages and so on in order to gain the trust of the users. The target of this attack is mainly the UAE citizens, especially the ones who are more likely to respond to legal messages and have limited knowledge of the digital world.
Threat actors have very calculatively impersonated the Dubai police branding in order to sound genuine and establish a sense of credibility. Experts believe that these groups of attackers have extensive knowledge of social engineering techniques and psychological manipulation.
In the past two years, 87% of UAE companies have experienced cyber attacks in one form or another. Rapid digitization, an affluent population, and easy internet access are factors that contribute to the increasing incidence of threat attacks in the UAE.
The attackers behind the Dubai police impersonation incident have been using a domain generation algorithm or DGA to carry out the fraud.
Implementing SPF, DKIM, and DMARC can help organizations strengthen their email security, preventing impersonation attacks like those seen in Dubai and protecting sensitive data from cyber threats during the holiday season.