26 February 2021 | Asia Cyber Summary

Updated: May 19, 2021

In the Spotlight This Week:

  • Kia Motors hit with USD $20M ransomware attack

  • Clubhouse chats breached raising concerns over security

  • Hackers leak gigabytes of data stolen from international law firm Jones Day

  • North Korean hackers charged in massive cryptocurrency theft scheme

  • US healthcare breaches cost USD $13B in 2020

Kia Motors Hit With USD $20M Ransomware Attack

Kia Motors America has publicly acknowledged an “extended system outage,” with ransomware gang DoppelPaymer claiming it has locked down the company’s files in a cyberattack and demanding a USD $20M ransom.

The ransom note stated that the attack was on Hyundai Motor America, the parent company of Kia Motors America, and gave the company two to three weeks to pay 404 Bitcoins (USD $20M). To add a sense of urgency, the threat actors warned that a delay in payment could result in the ransom being raised to USD $30M. The outage affected Kia’s mobile apps like Kia Access with UVO Link, UVO eServices, and Kia Connect, as well as self-help portals and customer support.

Clubhouse Chats Breached Raising Concerns Over Security

A week after popular audio chatroom app Clubhouse said it was taking steps to ensure user data couldn’t be stolen by malicious hackers or spies, at least one attacker has proven the platform’s live audio can be siphoned.

An unidentified user was able to stream Clubhouse audio feeds this weekend from multiple rooms into their own third-party website. The culprit behind the weekend audio theft built their own system around the JavaScript toolkit used to compile the Clubhouse application and jury-rigged the platform. The company says it has permanently banned the particular user and installed new safeguards to prevent another attack.

Hackers Leak Gigabytes of Data Stolen From International Law Firm Jones Day

Last month, hackers infiltrated a server used by Jones Day, one of the largest and most successful law firms in the world. After failed attempts to extort payment from the firm, the hackers uploaded gigabytes of highly sensitive data that were stolen in the attack. Jones Day denies that any of its own servers were compromised, but alluded to data being stolen during a larger hack that impacted multiple clients of a major file sharing service provider. The CLOP ransomware group, which claims responsibility for the attack, exploited vulnerabilities in FTA, an Accellion application used to transfer large files.

North Korean Hackers Charged in Massive Cryptocurrency Theft Scheme

Federal authorities stated that three North Korean computer programmers have been indicted for conducting a series of cyberattacks to attempt to steal and extort more than USD $1.3B in cash and cryptocurrency from financial institutions and companies. The programmers, part of a North Korean military intelligence agency, are also accused of creating and deploying multiple malicious cryptocurrency applications and developing and fraudulently marketing a blockchain platform.

The elaborate scheme also deployed repeated “spear-phishing campaigns” from 2016 through early 2020 that targeted employees of the U.S. Defense Department, State Department, and workers at US-cleared defense contractors, energy firms, aerospace companies, and tech firms.

US Healthcare Breaches Cost USD $13B in 2020

According to cloud security firm Bitglass, last year saw a double-digit surge in the volume of healthcare data breach incidents in the US, with over 26 million people affected. It revealed that incidents increased by over 55% on 2019 figures to reach 599 breaches in the sector, impacting over 26.4 million people.

The vast majority (67%) of breaches were caused by hacking and IT incidents stemming from external attackers. This category also accounted for larger breaches than the others, amounting to over 91% of compromised records. Although the number of victims dropped slightly from the 27.5 million recorded in 2019, the average cost per breached record increased from USD $429 to USD $499 over the period.
