Silobreaker Daily Cyber Digest Digest – 29 Feb 2016
Global Security Hackers
Associated with Anonymous Philippines, Global Security Hackers defaced the official website of the University of Santo Tomas Hospital.
The hospital’s site was attacked because one of its doctors denied entry to a pregnant woman in labour who could not afford delivery costs. The lack of treatment resulted in the baby’s death.
CTB ransomware returns
After a period of dormancy, there has been a resurgence of the CTB/Critroni ransomware. The new version is signed with a stolen certificate and has now begun targeting websites and displaying a ransom note on the main pages of compromised sites.
CTB stands for Curve-Tor-Bitcoin. The ‘Curve’ is based on the ransomware’s use of Elliptic Curve Cryptography (ECC) rather than the prime factorisation method used by the standard RSA-type public key algorithm. This allows CTB to encrypt data more efficiently while maintaining a similar, if not higher, level of security.
TruthSec Hacker Group
A small hacktivist division of Anonymous have made headlines after targeting a Miami police officer who they believe has been acting unjustly in recent weeks.
TruthSec leaked the private information of Javier Ortiz after he encouraged an online harassment campaign against Miami citizen Claudia Castillo. The officer in question posted Mrs Castillo’s private information on social media sites and encouraged people to engage in acts of harassment.
TruthSec responded by releasing a list of Mr Ortiz’s personal details, and engaged in DDOS attacks and nuisance phone calls to make their point.
A very low tech incident but further evidence of Anonymous’s desire and willingness to engage in social justice campaigns.
German Hospital Ransomware Attacks
In a recent blog post, we highlighted that cyber criminals who use ransomware to target essential services are pursuing a highly lucrative line of business. By targeting organisations that are utterly dependent on the availability of their systems, cyber criminals put themselves in a strong bargaining position.
Three German hospitals found their systems compromised by an unidentified ransomware over the weekend. All three hospitals are located in the state of North Rhine-Westphalia and claim to have minimised the damage by quickly isolating the infected machines. Thanks to conscientious system back-ups, are currently working to restore all affected files.
In this instance it appears that the hospitals have managed to prevent file loss and avoid financial repercussions, although it does remain possible that a ransom will have to be paid. As always, system back-ups are the single best protection against ransomware attacks.
The Silobreaker Team