Hacker Tracker | February

Where are we in the world of cybersecurity? It’s easy to miss the cybersecurity threats and attacks happening right in our “backyard”. Our goal at PK Tech is to educate and offer proactive steps for cybersecurity safety. It’s important to be aware–without being afraid–of the cybersecurity threats that are real threats for your business. PK Tech aims to be a leading educator and support tool in the world of cybersecurity.

Check out our monthly “Hacker Tracker” for the latest in cybersecurity hacks, breaches and updates.

GoDaddy: Hackers stole source code, installed malware in multi-year breach | 2.17.23

• Web hosting giant GoDaddy says it suffered a breach where unknown attackers have stolen source code and installed malware on its servers after breaching its cPanel shared hosting environment in a multi-year attack.
• While GoDaddy discovered the security breach following customer reports in early December 2022 that their sites were being used to redirect to random domains, the attackers had access to the company’s network for multiple years.
• The company says that previous breaches disclosed in November 2021 and March 2020 are also linked to this multi-year campaign.
• GoDaddy says it also found additional evidence linking the threat actors to a broader campaign targeting other hosting companies worldwide over the years.
• View the Source

Fruit giant Dole suffers ransomware attack impacting operations | 2.23.23

• Dole Food Company, one of the world’s largest producers and distributors of fresh fruit and vegetables, has announced that it is dealing with a ransomware attack that impacted its operations.
• Dole says that  it has already engaged with third-party experts who help with the remediation and security of impacted systems.
• In the midst of the cyberattack, they subsequently shut down their systems throughout North America
• View the Source

Dish Network confirms ransomware attack behind multi-day outage | 2.28.23

• Satellite broadcast provider and TV giant Dish Network has confirmed that a ransomware attack was the cause of a multi-day network and service outage that started on Friday.
• this widespread outage hit Dish.com, the Dish Anywhere app, Boost Mobile (a subsidiary owned by Dish Wireless), and other websites and networks owned and operated by Dish Network.
• Customers have also reported that the company’s call center phone numbers were unreachable.
• Dish Network also confirmed that the threat actors stole data from its compromised systems (potentially containing personal information) but failed to mention if it belonged to its employees, customers, or both.
• View the Source

Lessons Learned

#1– As one of the largest domain registrars, providing hosting services to over 20 million customers worldwide, many customers are surprised by a breach of this magnitude. Not only was GoDaddy breached, but the breach went undetected for multiple years. When it’s your web hosting or other third-party services, many customers opt for the best-known vendor, assuming this means maximum security. In the case of GoDaddy, this has not proven true. The GoDaddy attack taught us the importance of internal cybersecurity best practices to protect from third-party vendor breaches.

#2– When people think about food shortages, they may not first consider the association with cybersecurity. Following the cyber attack on Dole, consumers complained for weeks about pre-packaged Dole salad shortages on store shelves. In addition to packaged salads, Dole supplies a range of produce items to grocery retailers throughout North America. Despite implementing a crisis management protocol to help with supply chain issues, grocery retailers throughout North America have been impacted, in addition to consumers’ access to Dole produce. If you think your food supply can’t be affected by ransomware, think again.

#3– Both personally and as a business, it’s essential to consider the cybersecurity practices of third-party vendors you utilize. If your company uses Dish network, you are now subject to lost sensitive and personal data. The cybersecurity practices, or lack thereof, will directly affect you or your business in the event of a ransomware attack. You are, essentially, brought down by below-par cybersecurity practices for any third-party vendors you associate with. Last year, we talked about the fact that 54% of organizations were negatively affected by third-party vendors in 2022. This data makes it worth heavily considering the third-party vendors your business works with and uses.