Data destruction is an aggressive attack technique observed in several nation-state campaigns. This technique under MITRE ATT&CK 1485, describes actions of adversaries that may “..destroy data and files on specific systems or in large numbers on a network to interrupt availability to systems, services, and network resources. Data destruction is likely to render stored data irrecoverable by forensic techniques through overwriting files or data on local and remote drives”.

The Austrian State Department's IT systems were hit by a cyberattack last Saturday and many believe that a "state actor" may be behind the attack. The attack, which was disclosed late Saturday night, is said to be "serious" and experts warn it could continue for several days, according to a joint statement from the Foreign Ministry (BMEIA) and the Ministry of the Interior (BMI).

According to Visa, cybercrime groups have targeted North American gas stations with point-of-sale (PoS) malware. In the summer of 2019, three separate attacks were detected, but only two of the attacks impacted the PoS systems of fuel dispenser merchants. Despite this, Visa believes that these businesses will become an increasingly attractive target for criminal groups.

Security has always been a sophisticated cat-and-mouse game and a creative one at that. Attackers' techniques constantly mutate and evolve, like biological viruses, forcing security professionals to continuously evolve their strategies to combat them. In an ideal world, companies could and would be able to devote a sufficient number of resources to ensure that they keep pace with the bad guys. But there is no such thing as an ideal world.

CyrusOne, a major provider of enterprise data center services, is reported to have suffered a ransomware attack. The Dallas-headquartered company, which operates more than 30 data centers across the United States, China, London, and Singapore, is reported by ZDnet to have had some of its systems infected by the REvil (Sodinokibi) ransomware.

Summary The Great Cannon is a distributed denial of service tool (“DDoS”) that operates by injecting malicious Javascript into pages served from behind the Great Firewall. These scripts, potentially served to millions of users across the internet, hijack the users’ connections to make multiple requests against the targeted site. These requests consume all the resources of the targeted site, making it unavailable.

The website of Smith & Wesson was targeted by digital skimmers last week as they planted malicious code designed to steal customer payment card information. According to Sanguine Security, the attackers planted a payment skimmer on the Smith & Wesson online store on Wednesday, November 27, during the busy Black Friday holiday shopping weekend. The firm claims that as of Monday, December 2 that the skimming code is still active.

Cyberattacks are never going away; in fact, things appear to be getting worse. The complexity of attacks has escalated, resulting in more sophisticated, targeted takedowns. Just look at the attacks in Baltimore, Atlanta, Florida, and Spain within the past few years. Organizations around the world have had their operations halted by ransomware, with some taking weeks to get back to normal.

Louisiana Governor John Del Edwards was forced to declare a state of emergency last Friday after suffering a cyberattack that left 10% of the state's computer network servers damaged. Louisiana's Deputy Chief Information Officer, Neal Underwood, claims that the ransomware attack left one in ten of Louisiana's 5,000 computer network servers that power operations across the state damaged in last week's attack.