You've successfully subscribed to INFIMA Security
Great! Next, complete checkout for full access to INFIMA Security
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info is updated.
Billing info update failed.

What Do Canon, Jack Daniels and Carnival Cruises Have In Common?

You may patronize each of these companies on vacation, and now hackers are taking a lot of that money for themselves.

How does this keep happening?

Yeah yeah... you go on cruises, sip on some Jack and take photos with your fancy Canon camera. But they have something else in common...

This is a cybersecurity blog after all, so we'll focus on this trifecta of recent hacks. All three of these giants recently lost data to cybercriminals. And all of these attacks look very similar.

The Canon team was hit by the Maze Ransomware team, and the attackers already started publishing their internal data on the Dark Web. Right out of the Maze playbook, they did the same with a Texas Law Firm and a large chip manufacturer.

Maze published a single .zip file weighing 2.2GB, entitled “STRATEGICPLANNINGpart62." - From Maze's attack on Canon

No one feels good about losing a file called "Strategic Planning." This is exactly why the Maze team released this teaser as they force Canon's hand in paying their ransom demand.

Carnival revealed their attack in a public filing with the Securities and Exchange Commission, who by the way, has its eyes on cybercrime.

Based on a preliminary assessment of the incident, Carnival said it expects that the attackers gained access to some guest and employees' personal data.

As if things weren't bad enough for Carnival during the pandemic, this is the second attack this year on their network. 2020 is just not their year!

And now to round out the triple play.

Brown-Forman, parent company of Jack Daniels and many other iconic brands, actually stopped their attack. Well.. kind of!

Their security team detected the attack and prevented the Ransomware's file encryption protocol. But that didn't stop the cybercriminals from stealing data first.

The REvil gang claims it exfiltrated about a terabyte of the company’s data. It’s now being used as leverage to extort payment from Brown-Forman.

Despite the company's great efforts at stopping the attack before completion, the REvil crew (aka Sodinokibi) still stole a TON of data. They'll use this to force the company's hand in the ransom negotiations. If not, REvil is known for auctioning off stolen data, including the time they sold Madonna's secrets on the Dark Web.

The good news is that these attackers can be stopped.

The first step is training your team to avoid the initial Phishing email, the ones that employees at Canon, Carnival and Jack Daniels fell for.

Are you ready to take action?
We make it easy to protect your team from attacks just like this one. Find out how to protect your team with INFIMA's Automated Security Awareness platform.

To get a quote, set up a call with our (non-pushy) sales team here!

Original articles here, here and here.
[https://www.itproportal.com/news/stolen-canon-data-published-online-by-maze-ransomware-group/]
[https://www.zdnet.com/article/worlds-largest-cruise-line-operator-discloses-ransomware-attack/]
[https://www.forbes.com/sites/leemathews/2020/08/17/brown-forman-hacked-1tb-data-stolen/#cd373334da01]

Joel Cahill

Cyber security enthusiast. Entrepreneur.