11 June 2021 | Asia Cyber Summary

Partner Feature: Pandamatics Underwriting


How Does Cyber Insurance Work?

Protecting your business from cyber risk is critical to ensuring optimal, ongoing performance and limiting losses in the event of a crisis. A cyber insurance policy can act as a risk transfer tool, covering the costs associated with incident response and recovery following a cyber-related security breach.


When considering a cyber insurance policy, it is important to understand the following:

  • What specific costs are covered by a cyber insurance policy?

  • Once I purchase a cyber insurance policy, when should I use it?

  • What happens when I activate my cyber insurance policy?

Our partners at Pandamatics Underwriting explore the above questions to provide you with key insights on cyber insurance and policy activation.



In the Spotlight This Week:


  • Tokyo Olympics: Tokyo Games organizers hit by data breach

  • Alleged REvil member says gang has no fear over U.S. government’s major ransomware focus

  • US media group hit by ransomware attack

  • RockYou2021: Largest password compilation of all time leaked online with 8.4 billion entries

  • Feds recover millions from pipeline ransom hackers, hint at U.S. internet tactic

  • ANOM: Hundreds arrested in massive global crime sting using messaging app



Tokyo Olympics: Tokyo Games Organizers Hit By Data Breach


Personal information on about 170 people who are involved in security management and have participated in a drill hosted by Japan’s national cybersecurity center was leaked from a database. The data leak took place because of unauthorized access to an information-sharing tool developed by Fujitsu Ltd. Government agencies, including the foreign and transport ministries, have said that at least 76,000 email addresses of government officials and external parties, such as members of panels, were breached.



RockYou2021: Largest Password Compilation Of All Time Leaked Online With 8.4 Billion Entries


What seems to be the largest password collection of all time has been leaked on a popular hacker forum. A forum user posted a massive 100GB TXT file that contains 8.4 billion entries of passwords, which have presumably been combined from previous data leaks and breaches.


According to the post author, all passwords included in the leak are 6-20 characters long, with non-ASCII characters and white spaces removed. The same user also claims that the compilation contains 82 billion passwords.


The compilation itself has been dubbed ‘RockYou2021’ by the forum user, presumably in reference to the infamous RockYou data breach that occurred in 2009. Considering the fact that only about 4.7 billion people are online, numbers-wise the RockYou2021 compilation potentially includes the passwords of the entire global online population almost two times over. For that reason, users are recommended to immediately check if their passwords were included in the leak.



Feds Recover Millions From Pipeline Ransom Hackers, Hint At U.S. Internet Tactic


The United States has recovered much of the ransom payment the Russian hacker group DarkSide extorted from Colonial Pipeline this year, the Justice Department said Monday. The announcement details a rare disruption of the cryptocurrency payment systems favored by hackers that have enabled ransomware efforts around the world.


The FBI was able to seize control of DarkSide's proceeds by gaining access to a central account holding about 63.7 bitcoins, worth around $2.3 million, Deputy Director Paul Abbate said. A court document said that the seizure took place in Northern California, putting it within reach of U.S. law, and that the FBI was able to access the "private key," or password, for one of the gang's bitcoin wallets. It was unclear how the key was compromised.



US Media Group Hit By Ransomware Attack


Cox Media Group, which owns 57 TV and radio stations across 20 American markets, appears to have been hit by a ransomware attack. According to reports, the attack hit internal networks and all of the group’s streaming capabilities. The attack follows what was described as the “biggest-ever” attack on an Australian media company earlier this year. In March, broadcaster Nine was forced to abandon its Sydney newsroom, revert to using whiteboards, and move production staff to other cities following a cyber-attack.



Alleged REvil Member Says Gang Has No Fear Over U.S. Government’s Major Ransomware Focus


A notorious ransomware gang says it’s no longer trying to avoid targets that are based in the United States, and despite the heightened focus from lawmakers, the group says it’s doubling its focus on U.S. targets.


In a short interview posted to the Russian OSINT Telegram channel that has since been deleted, an alleged representative of the REvil ransomware gang said the group was behind the attack on global food processing company JBS, but expected the damage to be contained to Brazil, since the company’s headquarters is in São Paulo. The spokesperson said the group had tried to avoid U.S. companies at large since the Colonial Pipeline ransomware incident. Despite the scrutiny, the alleged representative said the attention has left the gang unfazed.



ANOM: Hundreds Arrested In Massive Global Crime Sting Using Messaging App


More than 800 suspected criminals have been arrested worldwide after being tricked into using an FBI-run encrypted messaging app, officials say. The operation, jointly conceived by Australia and the FBI, saw devices with the ANOM app secretly distributed among criminals, allowing police to monitor their chats about drug smuggling, money laundering and even murder plots. Officials called it a watershed moment. Targets included drug gangs and people with links to the mafia.


