The festive season of Christmas 2023 has unfortunately become a prime time for cyber-criminals to unleash a wave of cyber attacks, with incidents occurring globally every two hours.
In a recent development, Iran’s petrol stations found themselves under siege from a sophisticated cyber attack orchestrated by a group of hackers known as Gonjeshke Darande, translating to “Predatory Sparrow” in Farsi. Reports from Iran’s state media indicate that nearly 70% of fuel stations, along with a couple of steel factories, a rail network, and a technology company, fell victim to these digital assailants opposed to the activities of the Islamic Republic. Jawed Owli, the Minister for Oil, has warned that the intensity of these attacks may escalate as the year 2023 draws to a close.
Adding to the cybersecurity concerns, VF Corp, a major American retail giant specializing in apparel and footwear, has fallen prey to a cyber breach. With subsidiaries like The North Face and Vans gearing up for the annual Christmas rush, a digital assault at this critical juncture could have detrimental effects on the company’s current and future business plans. While VF Corp has not explicitly labeled the incident as a ransomware attack, it admitted in its latest filing to the SEC that a significant portion of data on its servers was encrypted, and the attackers were demanding a substantial ransom.
In a separate incident, Washington County issued a press statement revealing that state-funded hackers attempted to breach its systems last Sunday. Fortunately, the county’s IT staff successfully thwarted all 64,000 attempts by the criminals to steal email IDs and sensitive data, ensuring the security of the county’s digital information.
Xfinity, formerly known as Comcast Cable Communication LLC, has raised alarm bells by disclosing a potential compromise of some of its systems between October 16th and 19th of this year. The hackers may have gained unauthorized access to critical details such as usernames, passwords, and contact information. According to the company’s press release, the breach occurred through a security vulnerability in Citrix systems, potentially allowing the hackers access to usernames and encrypted passwords, which could be decrypted using open-source software. Customers are strongly advised to change their passwords, and law enforcement authorities are actively investigating the extent of the impact.