UK shipping giant Clarksons confirmed that it was hit by hackers, who appear to have been successful in stealing sensitive and confidential corporate data. The firm said that it suspects that the hackers may soon leak the stolen data, likely in retaliation to the company refusing to meet the cybercriminals’ ransom demand. Clarksons said that the hackers had managed to access the company’s computer systems by compromising a “single and isolated user account,” which has since been disabled. The shipping giant said that it is in the process of notifying potentially affected clients and is working with law enforcement authorities to resolve the issue.
The banking industry has been warned of the evolving threat of online criminals and hackers. The warning from SWIFT, the international bank transfer system, came after online thieves came close to stealing nearly a billion dollars from the account belonging to the Central Bank of Bangladesh in early 2016.
According to the report, attacks based in the U.S. rose 217%, with a 48% increase in attacks sourcing from the U.S. in comparison to the second quarter. The report also found the most common type of attack, SQL injection (SQLi), increased 62% since last year, and 19% since the last quarter.
New Ursnif variants being tested in the wild are using redirection attacks to target Australian banks and malicious TLS callback techniques to achieve process injection. The malware is based on the same code as the original Ursnif trojan, aka Gozi ISFB, but features modifications to the code injection level and to attack tactics, IBM Executive Security Advisor Limor Kessem said in a Nov. 28 blog post.