Global Cyber Pulse: 12 November 2024

November 12, 2024 | Cybersecurity

Global cybersecurity threats continue to escalate in 2024, impacting major organizations like Food Lion, Amazon, and critical infrastructure sectors, as new ransomware tactics, DDoS attacks, data breaches, and public-private collaboration efforts highlight the need for advanced cyber resilience and coordinated defense strategies.

Stay tuned more global updates with 63SATS’ Global Cyber Pulse.

Cyberattack on Food Lion’s Parent Company Impacts Customer Payment Processing

Ahold Delhaize USA, the parent company of Food Lion, announced a cyberattack on its U.S. network, impacting systems across several of its grocery chains, including Food Lion, Giant Food, Hannaford, and Stop & Shop. Although the specific details of the attack remain undisclosed, customer transactions were affected, with some Food Lion stores unable to process card payments, temporarily restricting transactions to cash. The Food Lion To-Go app also experienced disruptions, highlighting the attack’s potential operational impacts.

In an official statement, Ahold Delhaize stated that upon identifying the breach, its security teams, supported by external cybersecurity specialists, launched an immediate investigation and notified law enforcement. To protect its systems, the company took certain network functions offline, likely contributing to the temporary limitations on store services. The investigation is ongoing as the company works to resolve the issue and restore full service.

Amazon Confirms Employee Data Exposure Due to Vendor Security Breach

Amazon confirmed that a data breach affecting its employee information was linked to a vulnerability in its property management vendor’s system. The breach, part of a broader cyber incident involving the MOVEit file transfer system, exposed Amazon employee email addresses, phone numbers, and work locations. The breach report by cybersecurity firm Hudson Rock indicated that the data appeared on a hacking forum, along with similar information from 25 other companies, including MetLife, HP, HSBC, and Canada Post.

Hudson Rock’s findings suggest the data exposure is just a portion of a larger breach, which may trace back to a MOVEit vulnerability initially disclosed in May 2023. The incident adds Amazon to a growing list of organizations affected by this exploit, including prominent entities like the BBC, British Airways, and the U.S. Department of Energy. Amazon is actively assessing the breach’s impact and working with its vendor to enhance security measures.

WEF Releases Cybersecurity Framework to Strengthen Global Collaboration

The World Economic Forum (WEF) has unveiled a new cybersecurity framework designed to improve collaboration between the public and private sectors in combating cybercrime. Inspired by the success of operations like the takedown of the LockBit ransomware group and Operation ‘Trust No One,’ the framework emphasizes three core pillars for cooperation: a clear mission, impactful outcomes, and peer-to-peer learning.

The WEF framework encourages organizations to focus on mission-driven partnerships that provide measurable impacts, bolstered by regular feedback loops and communication channels for public recognition. The goal is to motivate ongoing engagement by showing tangible improvements in cyber-resilience. By formalizing these elements, WEF aims to create a global strategy to address cybercrime, leveraging cybersecurity as both a risk management tool and a value creator for businesses.

Suspected DDoS Attack Disrupts Israeli Payment Terminals Nationwide

A suspected Distributed Denial-of-Service (DDoS) attack disrupted thousands of credit card terminals across Israeli gas stations and supermarkets early Sunday morning. Credit Guard, the company managing the security of these devices, reported a temporary outage lasting about an hour. Although initially feared to be part of a broader cyber incident, Credit Guard later clarified that the attack primarily affected communication suppliers.

In a statement, Credit Guard explained that the company quickly contained the attack, and systems returned to normal operation. Coordinating with local security agencies, the company has since implemented additional safeguards to prevent further disruptions. DDoS attacks on payment infrastructure raise growing concerns about vulnerabilities in financial and retail systems, prompting calls for strengthened defenses across critical services.

CISA Issues Urgent Alert on Vulnerabilities in Industrial Control Systems

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued several warnings about vulnerabilities in industrial control systems (ICS) manufactured by companies like Beckhoff Automation, Delta Electronics, and Bosch Rexroth. These flaws put critical infrastructure sectors, including energy, manufacturing, and industrial engineering, at risk of cyberattacks, potentially compromising safety and operational continuity.

CISA’s advisories underscore the need for rapid patching and heightened security measures in industrial environments. As sectors reliant on ICS face escalating cyber risks, the alerts highlight the urgency for robust defenses to protect essential infrastructure against potential threats that could disrupt public services and industrial output.