Microsoft issued a public statement a few hours ago stating that it stopped a potential Russian-linked cyber attack on prevalent political parties in the United States. The technology giant said that the attack was launched to target a few of the US midterm election probables and was possibly launched by Fancy Bear, a hacking group funded by the Russian government.
A report published by CNN on this issue says that the group was also behind the Democratic National Committee hack in 2016. The group is said to have tried to create fake websites mimicking several official sites, including that of the International Republican Institute. The plan was to use the websites to launch cyber attacks on candidates for Congress ahead of the November midterm elections.
Currently, there is no evidence that the hackers succeeded in their objective. But Microsoft assured that it will offer a free service to political organizations and candidates that use its Windows 10 OS to help them stay secure.
Coming to ransomware news, Coweta County servers were reported to have been compromised by ransomware on Sunday this week. An official statement released a few hours ago by the Sheriff’s department says that the county's IT staff decided to shut down the servers as a precautionary measure till Wednesday this week.
Sources reporting to Cybersecurity Insiders say that the attack took place at 6:30 am on Sunday last week, but did not impact individual workstations, phone systems, or externally hosted solutions. The impact was felt only by the local public safety systems, forcing the agencies to use a backup plan comprising radio communication and the traditional record-keeping systems.
In other ransomware news, a hacking group connected to Lazarus (a North Korean hacking group) is said to have started a new campaign distributing Ryuk ransomware in the US and around the world. Sources say that the group has made $640,000 in bitcoins so far in the span of just two weeks.
Ryuk ransomware was first identified in mid-August this year and is said to be mostly infecting businesses and data centers. One organization is believed to have paid 50 BTC to free up the encrypted data after falling victim to the attack early this month. Fearing damage to its reputation in the market, the business chose to remain silent on this issue.
The campaign was identified on Friday last week by researchers from Check Point.