Blog Post
July 2022 Cyber Event Roundup
August 8, 2022
Rogers Communications Major Outage
Millions of Canadians were left without internet access caused by a major network outage at Canadian telecom giant Rogers Communications. The event took place on 8th July, and lasted for more than 15 hours, while affecting transport, banking and emergency services.
To get an understanding of the impact of such incidents, Kovrr’s cyber incidents database, which contains both threat intelligence and financial data on a vast collection of cyber incidents, includes details on many breaches affecting the communication services industry.
Kovrr Insights: Cost of a Similar Incident
In September 2021 a DDoS attack on Bandwidth, a communications software company, caused a major network outage. The incident led to a loss of approximately $9 million for Bandwidth.
Ransomware attack on Professional Finance Company (PFC)
A major attack on the debt-collection company PFC affected 1.91 million patients, as their medical records were breached in a ransomware attack on the firm in February. Among the types of data breached: patient names, addresses, account balances, and in some instances, birth dates, Social Security numbers, health insurance information, and treatment data.
Kovrr Insights: Industry Benchmark
From Kovrr’s cyber incidents database we can learn that there have been nearly 500 ransomware attacks on the healthcare industry alone since the beginning of 2021. Our data also shows that Conti, a ransomware group, is the attacker in the event mentioned, and is also responsible for 10% of these attacks.
LockBit Ransomware Gang Claims It Ransacked Italy’s Tax Agency
Ransomware crew LockBit claims to have stolen 78 GB of data from Italy's tax agency and threatens to leak it unless a ransom is paid by July 31. On its dark-web site, the gang added the Agenzia delle Entrate to its growing list of victims. LockBit reports that financial reports, contracts, and documents were stolen.
It was revealed yesterday by Pierguido Iezzi, CEO of Tinexta Group's cybersecurity unit Swascan, that the Euro nation's police are investigating the alleged breach. A state-owned company that manages the tax agency's IT infrastructure, Sogei SPA, the country's equivalent to the IRS, was asked by the Italy Revenue Agency for "feedback and clarifications' ' following reports of an intrusion. According to Sogei, the company discovered no evidence of a cyberattack or data breach during its initial investigation.
Kovrr Insights: Cyber Trends
From Kovrr’s cyber incidents database we can learn that this is a fairly typical LockBit attack - from an analysis of the prevalence of the group's attacks by industry, government services are in 15th place, and financial services are in 5th place. The first four places are taken by construction, education, manufacturing and health care.