After tormenting sectors like Information technology and Healthcare, cybercriminals now have shifted their focus to a new sector, Media. The media sector is being increasingly targeted by cybercriminals. Apart from direct attacks, cybercriminals misuse the brand name to create fake identities, which are then used to target potential victims.
In the past few weeks ransomware attack was used to target media agencies around the world.
- The largest independent news agency in Denmark, Ritzau was targeted by a ransomware attack that led to one quarter of their 100 server network to be compromised.
- Operators of the LockBit ransomware targeted the servers at the Press Trust of India and prevented the agency from delivering news to its subscribers.
With the pretense of media agencies –
A spear phishing attack by TA416 APT was discovered recently, by imitating journalists from the Union of Catholic Asia News, attempting to target a range of victims, including diplomats in Africa and people in the Vatican.
- 27 domains were seized by the U.S. authorities that were used by Iran’s Islamic Revolutionary Guard Corps (IRGC) for carrying out covert influence campaigns, in which several domains purported to be genuine news outlets.
- Several fake websites were launched and operated by the OceanLotus group pretending to be news, activist, or anti-corruption websites throughout the year. They alsocompromised several Vietnamese-language news websites and used them to load an OceanLotus web profiling framework.
Cybercriminals have been exploiting the trust people have in media agencies. Hence, our internal experts suggest having adequate security measures such as frequent data backups, anti-malware solutions, and implementing Domain-based Message Authentication, Reporting & Conformance (DMARC). They also recommend tests to identify and eliminate the risks of domain spoofing.
After tormenting sectors like Information technology and Healthcare, cybercriminals now have shifted their focus to a new sector, Media. The media sector is being increasingly targeted by cybercriminals. Apart from direct attacks, cybercriminals misuse the brand name to create fake identities, which are then used to target potential victims.
In the past few weeks ransomware attack was used to target media agencies around the world.
- The largest independent news agency in Denmark, Ritzau was targeted by a ransomware attack that led to one-quarter of their 100 server network to be compromised.
- Operators of the LockBit ransomware targeted the servers at the Press Trust of India and prevented the agency from delivering news to its subscribers.
With the pretense of media agencies –
A spear-phishing attack by TA416 APT was discovered recently, by imitating journalists from the Union of Catholic Asia News, attempting to target a range of victims, including diplomats in Africa and people in the Vatican.
- 27 domains were seized by the U.S. authorities that were used by Iran’s Islamic Revolutionary Guard Corps (IRGC) for carrying out covert influence campaigns, in which several domains purported to be genuine news outlets.
- Several fake websites were launched and operated by the OceanLotus group pretending to be news, activist, or anti-corruption websites throughout the year. They also compromised several Vietnamese-language news websites and used them to load an OceanLotus web profiling framework.
Cybercriminals have been exploiting the trust people have in media agencies. Hence, our internal experts suggest having adequate security measures such as frequent data backups, anti-malware solutions, and implementing Domain-based Message Authentication, Reporting & Conformance (DMARC). They also recommend tests to identify and eliminate the risks of domain spoofing.
Cybercriminals have been exploiting the trust people have in media agencies. Hence, our internal experts suggest having adequate security measures such as frequent data backups, anti-malware solutions, and implementing Domain-based Message Authentication, Reporting & Conformance (DMARC). They also recommend tests to identify and eliminate the risks of domain spoofing.
To read more, please check eScan Blog
