An anonymous reader quotes a report from ZDNet: With today's news that French shipping giant CMA CGM has been hit by a ransomware attack, this now means that all of the four biggest maritime shipping companies in the world have been hit by cyber-attacks in the past four years, since 2017. Previous incidents included: 1.) APM-Maersk -- taken down for weeks by the NotPetya ransomware/wiper in 2017. 2.) Mediterranean Shipping Company -- hit in April 2020 by an unnamed malware strain that brought down its data center for days. 3.) COSCO -- brought down for weeks by ransomware in July 2018. On top of these, we also have CMA CGM, which today took down its worldwide shipping container booking system after its Chinese branches in Shanghai, Shenzhen, and Guangzhou were hit by the Ragnar Locker ransomware. This marks for a unique case study, as there is no other industry sector where the Big Four have suffered major cyber-attacks one after the other like this. But while all these incidents are different, they show a preferential targeting of the maritime shipping industry.

Read more of this story at Slashdot.

Catalin Cimpanu, writing for ZDNet: For many years, the Microsoft Security Intelligence Report has been the gold standard in terms of providing a yearly overview of all the major events and trends in the cyber-security and threat intelligence landscape. While Microsoft unceremoniously retired the old SIR reports back in 2018, the OS maker appears to have realized its mistake, and has brought it back today, rebranded as the new Microsoft Digital Defense Report. Just like the previous SIR reports, Microsoft has yet again delivered. Taking advantage of its vantage points over vast swaths of the desktop, server, enterprise, and cloud ecosystems, Microsoft has summarized the biggest threats companies deal with today in the face of cybercrime and nation-state attackers. The report is 88 pages long, includes data from July 2019 and June 2020, and some users might not have the time to go through it in its entirety. Below is a summary of the main talking points, Microsoft's main findings, and general threat landscape trends. [...] But, by far, the most disruptive cybercrime threat of the past year have been ransomware gangs. Microsoft said that ransomware infections had been the most common reason behind the company's incident response (IR) engagements from October 2019 through July 2020. And of all ransomware gangs, it's the groups known as "big game hunters" and "human-operated ransomware" that have given Microsoft the most headaches. These are groups that specifically target select networks belonging to large corporations or government organizations, knowing they stand to receive larger ransom payments. Most of these groups operate either by using malware infrastructure provided by other cybercrime groups or by mass-scanning the internet for newly-disclosed vulnerabilities. In most cases, groups gain access to a system and maintain a foothold until they're ready to launch their attacks. However, Microsoft says that this year, these ransomware gangs have been particularly active and have reduced the time they need to launch attacks, and especially during the COVID-19 pandemic. "Attackers have exploited the COVID-19 crisis to reduce their dwell time within a victim's system â" compromising, exfiltrating data and, in some cases, ransoming quickly â" apparently believing that there would be an increased willingness to pay as a result of the outbreak," Microsoft said today. "In some instances, cybercriminals went from initial entry to ransoming the entire network in under 45 minutes."

Read more of this story at Slashdot.