Security News

Cyberattack traffic targeting the video game industry grew more than any other industry during the COVID-19 pandemic. According to Akamai's report, the video game industry suffered more than 240 million web application attacks in 2020, a 340% increase over 2019.

Attorney General Merrick Garland said Tuesday that private industry needs better safeguards to avoid calamitous consequences in the event of cyberattacks like the ones that have targeted American infrastructure and corporations. "You have to have a secondary method if your first method is shut down. You have to have depth, and we need to work with them on that," Garland said, one week after a meeting between President Joe Biden and Russian President Vladimir Putin that included discussion of a spate of Russia-linked ransomware attacks in recent months.

The South Korean Atomic Energy Research Institute has confirmed that an unknown third-party gained unauthorized access to its systems. "Currently, the Atomic Energy Research Institute is investigating the subject of the hacking and the amount of damage," the institute also said.

A recent "Large scale" cyberattack targeting top Polish politicians was launched from Russia, Jaroslaw Kaczynski, the leader of Poland's governing right-wing party, said on Friday. "Analyses by our services and the secret services of our allies allow us to unequivocally say that the cyberattack was carried out from the territory of the Russian Federation," Kaczynski said in a statement.

Carnival Corp., the world's largest cruise-ship operator, has sprung another leak: For the second time in a year, attackers have breached email accounts and accessed personal, financial and health information belonging to guests, employees and crew. Fifteen months ago, in March 2020, Carnival Cruise Lines disclosed that it was hit with a data breach: Threat actors accessed names, addresses, Social Security numbers, passport numbers or driver's-license numbers, credit-card and financial account information, and health-related information.

The cyber assault on Air India that came to light last month lasted for a period of at least two months and 26 days, new research has revealed, which attributed the incident with moderate confidence to a Chinese nation-state threat actor called APT41. On May 21, India's flag carrier airline, Air India, disclosed a data breach affecting 4.5 million of its customers over a period stretching nearly 10 years in the wake of a supply chain attack directed at its Passenger Service System provider SITA earlier this February.

A communiqué issued at the conclusion of the NATO summit has called for China to observe the laws of cyberspace, and set out new standards by which members of the alliance will consider cyberattacks. The document treats both Russia and China as threats.

The cyberattack on SITA that impacted multiple airlines around the world was orchestrated by a Chinese nation-state threat actor tracked as APT41, security researchers at detection and prevention firm Group-IB say. Air India revealed that the attack was related to SITA PSS, which processes personally identifiable information.

The restaurant chain reportedly said no U.S. customer data was exposed and the attack did not involve ransomware. McDonald's is the latest company to fall victim to a cyberattack exposing customer and other data in the U.S., Taiwan and China, The Wall Street Journal has reported.

The U.S. Department of Justice this week announced charges against Vikas Singla, the chief operating officer of a metro-Atlanta cybersecurity company, for allegedly targeting the Gwinnett Medical Center in a disruptive cyberattack. Singla, 45, of Marietta, Georgia, allegedly targeted the medical center in 2018, disrupting phone and network printer services, and gaining access to information.