Global Cyber Pulse: 05 November, 2024

November 5, 2024 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS

Schneider Electric is investigating a breach in its internal tracking system, while Nokia examines a potential data leak following a source code theft claim; meanwhile, the U.S. Cyber Agency evaluates minor election-related threats, Columbus, Ohio, reports a ransomware attack exposing data of 500,000 residents, and AI-driven cyber threats emerge as a top security concern for enterprises.

Stay updated on cybersecurity’s latest developments—from AI-driven threats and ransomware breaches to election security and corporate data hacks.

Schneider Electric Investigates Cyberattack on Internal Tracking Platform

French multinational Schneider Electric confirmed a cyber incident, involving unauthorized access to an internal project execution tracking platform.

The breach was attributed to the HellCat ransomware group, a relatively new player that claimed to have accessed Schneider Electric’s Atlassian Jira system and exfiltrated 40GB of data, demanding a $125,000 ransom.

This is the second cyber event Schneider has faced this year.

In January, the company’s Sustainability Business division experienced a ransomware attack impacting its Resource Advisory product. Schneider’s incident response team is actively investigating the latest incident as the group threatens to release the stolen data.

Nokia Probes Possible Data Breach Following Hacker’s Source Code Claim

Nokia is investigating a potential data breach involving a third-party vendor after a hacker claimed access to Nokia’s source code.

While the company acknowledges the allegation, its initial findings reveal no impact on its internal systems or data. Nokia has stated it is closely monitoring the situation, emphasizing its commitment to security and data protection.

U.S. Cyber Agency Assesses Low-Level Threats Ahead of Election Day

CISA, the Cybersecurity and Infrastructure Security Agency, assured that U.S. election systems remain secure despite minor incidents, including low-level distributed denial-of-service (DDoS) attacks and threats to election officials.

Director Jen Easterly affirmed that these events have not impacted election infrastructure, with no evidence of activity capable of altering the election outcome. The agency also noted a rise in disinformation efforts, particularly on social media, as the election approaches.

Columbus, Ohio, Ransomware Attack Exposes Data of 500,000 Residents

The City of Columbus recently notified 500,000 residents of a potential data breach following a ransomware attack by the Rhysida group in mid-July 2024.

Initially, the city believed only corrupted data was taken, but later findings confirmed data exfiltration. The Rhysida group claims to have stolen 6.5 TB of data, releasing 3.1 TB on the dark web after unsuccessful ransom negotiations, marking one of the most substantial public sector breaches in recent times.

UK Councils Targeted in DDoS Attacks by Pro-Russian Hackers

UK councils faced multiple DDoS attacks this week, with pro-Russian group NoName057(16) taking credit for the disruption. Local authorities, including Middlesbrough, Salford, Bury, and Trafford councils, were affected, resulting in intermittent access issues for users.

The National Cyber Security Centre (NCSC) provided guidance, noting that while DDoS attacks are typically low in sophistication, they can disrupt public access to online services.

AI-Driven Attacks Emerge as Top Cyber Risk for Enterprises

A recent report from Gartner highlights AI-driven cyberattacks as the leading emerging risk for enterprises in Q3 2024. Other notable risks include the criticality of IT vendors and an uncertain regulatory landscape influenced by geopolitical events.

The increasing reliance on third-party SaaS providers, which often depend on other vendors, has heightened exposure to cybersecurity risks, raising concerns about organizational resilience and preparedness in the face of evolving cyber threats.