French shipping giant CMA CGM SA disclosed yesterday it was dealing with a cyberattack on two of its subsidiaries in the Asia-Pacific region. The Loadstar says the company is working through the attack (“business as usual” as far as moving cargo is concerned, obviously barring some IT disruptions). Sources tell Le Monde Informatique that the attack was a Ragnar Locker ransomware infestation.
Universal Health Systems (UHS) has sustained a cyberattack that NBC calls one of the largest of its kind. BleepingComputer reports that it’s a Ryuk ransomware attack. Fierce Healthcare says that, while the affected hospitals are reverting to manual backups while their IT systems are unavailable, they’re nonetheless being forced to divert ambulances and reschedule surgeries. A brief disclosure UHS issued yesterday said that patients were safe, and that “ No patient or employee data appears to have been accessed, copied or misused.”
Microsoft yesterday suffered outages to Office 365 and the Azure cloud. Redmond resolved the problem—an authentication issue—after a few hours, ZDNet reports.
Microsoft’s Digital Defense Report concludes that attackers have markedly increased their sophistication over the past year. The sophistication seems to lie more in improved execution of well-known techniques involving target identification, indirect approach, and credential stuffing than in the deployment of exotic technical novelties. Thus foreign intelligence services interested in US elections, are prospecting relatively soft targets among non-governmental organizations and think tanks.
The US Office of Management and Budget has approved an interim rule requiring Defense contractor compliance with NIST SP 800-171.