The realm of cybersecurity is indeed dynamic, exciting, and continually evolving, and this week has been no exception. From Dollar Tree’s data breaches to the Russian Aviation hack, here’s the latest scoop on cybersecurity around the world.
US Government Imposes Sanctions on North Korea’s Kimsuky Hacking Group
The Treasury Department Office of Foreign Assets Control (OFAC) recently sanctioned the Kimsuky cybercriminal group.
The North Korean-backed hacking group stole intelligence in support of the country’s goals and faces sanctions along with 8 North Korean agents that facilitated the evasion and support of said country’s Weapons of Mass Destruction (WMD) programs. The threat actor group has been active since 2012 and has been insubordinate to the UN and US-designed Reconnaissance General Bureau (RGB).
The hacking group started by targeting South Korean government entities almost a decade ago, along with think tanks and experts, gradually extending operations to other nations like the US, Russia, Europe, and the UN. Kimsuky works with the goal of harvesting intelligence regarding foreign policies and national security that concern the Korean peninsula.
The OFAC also sanctioned 4 Korean entities in May that were involved in illicit IT work schemes and cyberattacks designed to generate revenue for the Democratic People’s Republic of Korea’s (DPRK) WMD programs.
Ukraine Claims Responsibility for Hacking Russian Aviation Agency and Leaking Data
Ukrainian intelligence has claimed that they have hacked Russia’s Federal Air Transport Agency.
The name of the Russian air agency is Rosaviatsia, and it is responsible for handling Russia’s civil aviation industry. Ukrainian intelligence announced that they breached the agency and stole multiple documents. They also concluded that the Russian aviation sector is suffering due to sanctions and aircraft repairs.
Western sanctions on spares and software updates have hampered aircraft maintenance and the operators have been forced to dismantle older aircraft and use their parts to keep the newer fleets operational. What makes the news stand out is that it is the first case of a country openly admitting to a state-level hack.
The data obtained was leaked on a file-sharing site and highlighted the scenario of Russian aviation’s one-and-a-half-year struggle. It shared reports of 185 accidents, a tripling of aircraft malfunctions over the time period, failures in Russia’s 220 Airbus planes, and much more.
Dollar Tree Faces Third-Party Data Breach Affecting 2 Million Individuals
The discount store chain Dollar Tree suffered a third-party data breach following the hack of service provider Zeroed-In Technologies.
Images sourced from winston.com
Dollar Tree has stores 23,000 stores in Canada and the US, making this breach a significant one. The data breach affected 1,977,486 people. Zeroed-In, the organization’s service provider, suffered a security incident in August 2023 where threat actors managed to make away with data. The data contained the personal information of Dollar Tree and Family Dollar employees, which the threat actors have now used to steal more information.
The investigation is still ongoing. The information that was stolen includes names, birth dates, and Social Security Numbers (SSNs). The affected individuals are being notified via emails that also include instructions on how the victims can enroll in year-long identity protection and credit monitoring.
Other customers of the third-party service vendor have also been impacted by the data breach so it would be best to look around and exercise caution, especially with enhanced phishing protection measures. Consider bolstering your defenses further with comprehensive phishing awareness training to ensure a proactive approach to security.
Google Drive Users Express Frustration After Losing Months of Stored Data
People using Google Drive are reporting that their recent files have disappeared, and the cloud service has reverted to an older snapshot.
The issue started appearing in forums last week. The people described how their data is getting lost, and folder structures are changing back to how they were in April-May 2023. The activity logs do not show any recent changes, which means that this was not done accidentally by the users.
However, there is a problem with the service’s system. The organization’s volunteer support posted a response claiming that they are investigating the issue. A fix is not yet available to the public. For those who have been affected, Google outlines that they should avoid making changes to the root/data folder until the fix is available.
Many individuals are frustrated by the loss of important data, as many of these were paying for the drive. Until a permanent solution comes out, it would be best to back up important files locally and contact Google Support.