UK Cybersecurity Center Issues ‘The Dark Overlord’ Alert [source:databreachtoday]
by CIRT Team
Want to stop the latest cybercrime bogeyman? Then for the umpteenth time, put in place well-known and proven strategies for repelling online attacks.
That’s one takeaway from a recent threat report issued by Britain’s National Cyber Security Center. Based on open source reporting, the alert calls out a trio of attack campaigns: phishing emails that pretend to be speeding tickets but which instead deliver malware; attackers using stolen or fraudulently obtained digital certificates to “sign” malware; and the cybercrime-extortion group known as the “The Dark Overlord,” which continues to hack into organizations’ websites, hold data for ransom and cause chaos.
“The Anonymous attacks hold up a mirror to our neglect.”
The Dark Overlord is especially pernicious, as seen by how the group has shaken down Hollywood studios, leaked data stolen from healthcare clinics as well as threatened schoolchildren’s parents in Montana and Iowa, leading some school districts to suspend classes (see Cyber Ransom Group Hits Soft Targets: US Schools).
“The group has a history of hacking organizations to obtain sensitive information before demanding money in exchange for not leaking it into the public domain,” according to the alert from NCSC, which includes Britain’s computer emergency response team, CERT-UK. “They leak snippets of data to the media to encourage them to report on their activity. This is aimed at ‘proving’ that a breach has taken place, and increases the pressure on the victim to pay the ransom.”
For more, click here.