Plus, a Swedish infectious disease database was targeted by multiple attacks before it was taken offline by officials. That and more in this week’s Cyber News Rundown.
Swedish disease database taken offline following malicious attacks
SmiNet, the Swedish infectious disease database, was taken down by officials for the Swedish Public Health Agency after multiple hacking attempts were identified. While the agency does not believe any information was stolen, the attacks have caused a delay in reporting the latest COVID-19 statistics. This attack follows in a long line of attacks against healthcare services, which tend to be under-secured given the highly sensitive information they are responsible for.
Student targets school district with DDoS attack
A Florida teenager faces criminal charges after being found responsible for a Denied Distribution of Service (DDoS) attack that knocked the Pinellas County School District offline during statewide testing. Over 140 schools were affected by the attack, which was particularly effective due to the limited security necessary to make networks more accessible for students and faculty. Following a search warrant, police confirmed that the student had been planning and practicing for the attack for nearly two weeks.
Brazilian meat producer suffers ransomware attack
Multiple processing belonging to JBS, the world’s largest meat producer and owner of plants the U.S. and Australia rely on for production and supply chain logistics, were taken offline after a ransomware attack this week. Though the company’s backups were unaffected, at least five plants across North America were temporarily closed while officials worked to secure systems return the supply chain to normal operations.
Zero-day vulnerability in WordPress plugin exploited
Researchers have discovered a new zero-day vulnerability in the Fancy Product Designer plugin for WordPress, which has been installed on over 17,000 websites. The exploit can permit remote code execution, allowing for the attackers to gain control compromised websites. Most of the affected sites are dedicated to e-commerce and are still being actively exploited, even with the publishers releasing a patch.
Ransomware takes Scripps Health offline
Officials for Scripps Health were forced to take several of their servers and applications offline after discovering ransomware directed at their systems. The healthcare provider was able to restore most of their systems to normal operation after nearly five weeks, though the time offline disrupted dozens of appointments and forced employees to rely on physical instead of digital documentation. Scripps Health has begun contacting roughly 140,000 patients whose sensitive medical information may have been illicitly accessed during the attack.