Top Cyber Attacks of October 2022
Our 24x7x365 security operations team closely monitors all cyber news and related cyberattacks through our own insider sources to ensure our customers Get There First™ every time. Here are our SOC's top cyberattack picks from October 2022:
Hacker steals $566 million worth of crypto from Binance
The global cryptocurrency exchange Binance suffered a devastating cyberattack on October 6th. In this attack, 2 million Binance Coins (BNB) were stolen from the Binance Bridge. These coins have a value of $566 million and may not be recoverable. The hacker used an exploit affecting the native cross-chain bridge between BNB Smart Chain and BNB Beacon Chain, known as the BSC Token Hub. This exploit gave the hacker access to a massive lump sum of funds in a central storage point.
Key takeaway: A cross-chain bridge allows different blockchains to connect and transfer information and assets. Bridges also have a central storage point to hold the transferred assets. This central storage point makes them a prime target for attackers because of how many assets can be accessed easily if the bridge is breached. The crypto sector is fast-paced and uncharted, and it is hard for cyber defense to keep up. Nonetheless, changes must be made or big breaches with even bigger losses will continue.
US airports' sites taken down by pro-Russian hackers
US airports' websites were the victims of DDoS attacks from the pro-Russian group KillNet. The attack took down the websites of airports like Hartsfield-Jackson Atlanta International Airport (ATL) and the Los Angeles International Airport (LAX), or made them extremely slow to respond. KillNet used custom software to generate garbage traffic and fake requests, taking resources away from legitimate users. This attack did not affect any flights but did make website services like booking flights impossible.
Industry: Airport Operations
Key takeaway: The goal of DDoS attacks is to overwhelm servers hosting the attacked site with garbage requests to screw with performance. Although not as devastating as other cyberattacks, they can disrupt functions of crucial economic sectors, and are versatile and effective. Because the US has sided with Ukraine, KillNet has launched countless DDoS attacks on many US-based websites. They call themselves hacktivists and feel they are fighting western oppression through cybercrime.
Wholesale giant METRO hit by cyberattack
The European wholesale giant METRO has suffered a likely ransomware attack. The company is experiencing store payment issues and infrastructure outages in Austria, Germany, and France. METRO still has stores operating but has been forced to set up offline payment systems, and online orders are going to be disrupted and delayed. METRO is a massive company, employing over 95,000 people, so the ransom payment is expected to be in the millions.
Key takeaway: Ransomware is one of the most common forms of cyberattacks. For big companies, disrupted IT services can cost a lot of money every day, so they have an incentive to pay the ransoms quickly. Working with an MSSP can help prevent these attacks from happening in the first place, and prevent them from spreading.
Iran’s atomic energy agency confirms hack after stolen data leaked online
The Iranian Atomic Energy Organization (AEOI) confirmed that they were hacked in October. They made this announcement after a 27GB, 14-part collection containing 85,000 emails was released on Telegram. The hacker group responsible for the attack is called Black Reward. They are hacktivists and carried out this attack in response to the death of Mahsa Amini, a young woman who died in the custody of Iran's police force. The hackers signed the leak saying, "For women, life, freedom," showing that they are trying to fight oppression with hacking.
Industry: Nuclear power
Key takeaway: Hacktivism is becoming an increasingly prevalent means to support one's cause. The hackers most likely got access to this data through a phishing email.
Largest EU copper producer Aurubis suffers cyberattack
The second-largest copper producer in the world, Aurubis, suffered a cyberattack. The attack has forced Aurubis to shut down almost all its IT systems until the attack is contained. Aurubis says its priority is to maintain its production, supply, and delivery of its copper, of which it produces one million tons every year. With its 6,900 employees, the company is manually running the copper smelters and delivery systems while it tries to assess and mitigate the attack. For the time being, its only means of contact with customers is by phone.
Industry: Metals and Mining
Key takeaway: While the details of the attack itself are unknown at this time, this looks and feels like a ransomware attack. Ransomware is a lot easier to defeat before it enters your business network. Once it is in, ransomware is a very tricky thing to get rid of.
About Digital Hands
As a new kind of MSSP, Digital Hands is how organizations are getting ahead of the bad guys in a world where compliance alone is no guarantee of protection. Too many companies invest in cybersecurity solutions, follow the recommendations, achieve compliance … and then still get breached. You’ve got to get to your exposures before the bad guys do.
To help you do just that, we've outlined the most common types of threat actors, how they impact you, and controls you can implement to ensure you get ahead of every threat in our latest guide!