Your Tech Story

Cyber Attack

Gold Retailer Kitco's Website Disrupted in Cyber Security Attack

Gold Retailer Kitco’s Website Disrupted in Cyber Security Attack

In a significant cyber security breach, renowned gold retailer Kitco experienced massive disruption to its online services. The company, known for its precious metals trading and live market updates, confirmed that its website suffered a cyberattack, causing temporary operational failures and accessibility issues for its global customer base.

Gold Retailer Kitco's Website Disrupted in Cyber Security Attack

Image Source: bnnbloomberg.ca

The exact nature of the cyber attack has not been disclosed, but initial reports suggest a sophisticated intrusion, possibly aimed at compromising customer data and disrupting online trading services. Kitco’s rapid response to the incident included immediate measures to secure their systems and assess the extent of the breach.

Impact on Customers and Operations

The disruption caused concern among Kitco customers, who rely on the platform for real-time gold market analysis and trading. While the full impact on customer data and transactions is still being evaluated, Kitco assures its customers that protecting their information and restoring normal operations is their top priority.

Expert Opinions on Cyber Security

Cybersecurity experts call the incident a reminder of the vulnerabilities faced by online retailers, especially in high-value sectors like precious metals. The increasing trend of cyber attacks in the retail sector underlines the need for advanced security measures and robust cyber defense systems.

Kitco’s management has announced that they are working closely with cybersecurity experts to resolve the issue and prevent future attacks. He has also urged customers to remain alert and follow the company’s updates for safe transactions.

Technological Solutions for Protection

As the investigation continues, this incident raises important questions about the preparedness of online retailers against increasingly sophisticated cyber threats. Kitco’s experience serves as an important case study in the importance of proactive cybersecurity strategies in the digital age.

The company has promised to provide regular updates as more information becomes available and is committed to fully restoring its services and strengthening its security infrastructure to protect against future cyber threats.

cyber attack

German airport websites hit by suspected cyber attack

A day after a significant IT malfunction at Lufthansa left thousands of travellers stuck, the webpages of seven German airports were reportedly targeted by a probable cyber attack on Thursday, according to the ADV airport organisation. Düsseldorf, Nuremberg, and Dortmund were among the airports that were impacted, although the websites for Germany’s three largest airports—Frankfurt, Munich, and Berlin—were unaffected.

cyber attack
Image Source: brecorder.com

Due to a technological malfunction, numerous German airport websites are no longer accessible. According to reports, the disruptions might be caused by cyber attack. The website issues have not interfered with airport operations, indicating that the IT problem appears to be limited to the online environment.

Also Read: Google Staff in Zurich Stage Walkout Over Job Cuts

Passengers will be impacted by further outages in the days ahead, particularly as other airports experience strikes. Even though websites occasionally experience problems and even go offline, it is unusual for several airport websites to do so at the same time.

It is assumed that these failures are the consequence of cyber attack directed at airport infrastructure given their proximity in time and form. None of these interruptions has, as of yet, affected airport operations. Before any flights are impacted by the outage, airport officials are working fast to address the problems and restore service to the websites.

The website breakdowns, which could cause operational hiccups in the upcoming days, occur just one day before a significant one-day walkout. A one-day airport employee strike has been organised for tomorrow, February 17, and will run the entire day.

Tourists are advised against flying tomorrow in Germany as the walkouts are expected to cause significant delays at airports throughout the nation. Tomorrow’s flights out of Frankfurt and Munich have been cancelled by Lufthansa due to the strikes, causing major issues and lost reservations for travellers.

On the list of airports where a strike is anticipated, DUS is the only one impacted by the website outage. Yet, the strike’s large number of cancelled flights will undoubtedly create a domino effect that will affect almost all German airports.

For the next few days, this will cause airline disruptions across the nation and many neighbouring nations. The only thing that will fuel this upcoming storm is the website outages.

Also Read: Elon Musk Forced Algorithm Change to Help Boost His Tweets

The airports hit by the website disruptions are not the only ones this week to experience such setbacks. An IT issue on February 15, had a significant impact on the operations of the Lufthansa Group. All of the company’s airlines had delays as a result of the malfunction.

Frankfurt Airport (FRA) was closed to all arrivals as a result of the inconvenience. This resulted in the cancellation of thousands of flights and hundreds of travellers’ travel plans. With all the flight cancellations and delays, the German air transit business is heading towards what appears to be a weekend to remember.

Microsoft

The Microsoft E-Mail hack is costing several organizations including European Union Banking Regulator

Recently, the email system of Microsoft has been compromised due to a cyber-attack which is allegedly caused by a Chinese group. Several organizations have fallen victim to the hack of the Microsoft email system. One of the prime European Union financial regulators, the European Banking Authority has also suffered damage due to the chain of attacks.

Microsoft mentioned in a statement that the company thinks the attack is caused by a state-sponsored Chinese group operating out of China. This alleged Chinese group was trying to exploit some of the flaws in its Exchange email services that were previously not known. According to Microsoft, the main intention of this group is to steal sensitive data from various business and government organizations. Microsoft believes that so far then thousands of users have already been under attack.

The European Banking Authority (EBA) has confirmed this attack on Sunday and also the organization is taking its email system offline as a precautionary measure. An organization of this importance suffers a huge casualty due to such cyber attacks. The investigation has already started in close corporation with many forensic experts, its ICT provider, and “other relevant entities.”

Microsoft E-Mail Hack

The hackers have infiltrated the user’s system using Microsoft’s email system. Currently, more than 20,000 US organizations have been compromised. Before this latest attack, there was another major attack last December where the system of SolarWinds Corp was compromised. But, it was believed that the attack in December was carried out by Russian hackers and now the blame has shifted to Chinese hackers. While investigating the latest cyberattack, it has been found out that the hack has left channels for remote access spread among credit unions, town governments, and small businesses (The Indian Express).

Microsoft

Apart from the US organization, many European and Asian organizations have also fallen victim to these attacks. Though Microsoft has issued emergency patches, the hacks don’t seem to get affected. The situation seems to be getting out of control from the big multinational tech giant. Microsoft previously thought that the attackers are targeting only some limited users. But, the hike in the numbers of victims has made the company take the help of government agencies and other security companies to protect its customers.

In response to those who are under attack, Microsoft mentioned that “impacted customers should contact our support teams for additional help and resources” (The Indian Express). Last Friday, Microsoft witnessed that only 10% of the affected customers have installed the patches issued by Microsoft. The numbers are still rising.

Warning, accusations, and declining

Last Friday, Jen Psaki, White House Press Secretary mentioned that the vulnerabilities that were investigated in Microsoft’s Exchange Server were quite significant and that it could have a far-reaching impact. There has already been quite a high figure in the victim’s list and nobody still knows how many more to go. Blaming the hacker’s group is sponsored by China, the nation has declined and said that China is not behind this series of events.

The EBA which was also attacked mentioned that they might have accessed personal data. So, EBA advises on taking possible mitigation measures if that is what it takes. The security experts think that either China has changed the tactics of its attacks or there might be a second group that is committing this high-scale network infiltration and data theft.

Microsoft has urged all its customers to install the patch at the earliest. Since the attackers are entering from the back door, it is likely they will attack any unpatched system. Microsoft believes that the SolarWinds attacks and this latest attack are in no way connected. But, the company also first thought that the hackers are attacking specific targets which are now keeping to expand. So, the entire situation is becoming very unpredictable with every passing day.

Covid-19 Vaccine

Hacking Group from China Attacks the Bharat Biotech and Serum Insititute of India (SII) IT Infrastructure

India has not been on good terms with China for the past few years. From crossing the borders to attacking the Indian government on political grounds, China is pushing all the limits. This time, the Country has gone even beyond.

For the past couple of weeks, a Chinese hacking group has been interfering with the IT systems of two major Covid-19 vaccine manufacturer companies in India, i.e. Serum Insititute of India (SII) and Bharat Biotech. The Singapore and Tokyo-based cybersecurity company, Cyfirma, has revealed that a China-state-backed hacking group named APT10, also known as Stone Panda, had identified holes in the IT infrastructure and supply chain software of these two Indian companies. Cyfirma follows around 750 cybercriminals and uses a cybersecurity tool DeCYFIR to monitor over 2000 hacking campaigns, to create robust cybersecurity strategies for companies around the world.

The Chief Executive at Cyfirma, Kumar Ritesh, said in a statement, “In the case of Serum Institute, they have found a number of their public servers running weak web servers, these are vulnerable web servers. They have spoken about the weak web application, they are also talking about the weak content-management system. It’s quite alarming.”

Covid-19 and its Vaccination

Due to the spread of Covid-19, the year 2020 has been a disastrous year for the entire world. And despite, we have discovered a few vaccines to fight Covid, we are still struggling to get everything back to normal. Exactly a year ago, the world got to know about the Covid outburst, and countries had to shut down all their operations. China got all the blame since the virus had come from Wuhan, a city in China. The year passed in finding the cause of the virus and vaccine for it, but China never admitted its hand in the spread of Covid.

Covid-19 Vaccine
Image Source: businessinsurance.com

Many countries blamed China, and many defended, but the main issue was to find a drug to help fight the disease. Finally, two big drug manufacturing companies in India, The Serum Institute of India (SII) and Bharat Biotech, came with their version of the vaccine for Covid, and the vaccination process started. SII came up with Covishield, and Bharat Biotech is manufacturing Covaxin.

Motive Behind the Cyber Attacks

As said earlier, the Serum Institute of India and Bharat Biotech are some of the first pharmaceutical companies to provide the most effective Covid-19 vaccines. These two companies are the ones, supplying 60% of Covid vaccines to the world, and China falls in the other 40% category to sell or gift its vaccines to the other countries.

According to Cyfirma, the motive behind attacking the IT systems of these two companies can be this excessive competition. “The real motivation here is actually exfiltrating intellectual property and getting a competitive advantage over Indian pharmaceutical companies,” said Ritesh in a statement.

Action to be Taken

The matter has gone into the hands of the state-run authority CERT (Computer Emergency Response Team). Though the authority has denied commenting on the matter, due to the importance of the issue, they have confirmed that the matter will be handled by the operations director of CERT, S.S Sharma. According to Cyfirma, they had contacted CERT on the issue, and it has acknowledged the threat.

Other than China, there have been cyber intrusions in the IT systems of companies manufacturing Covid-19 Vaccine around the world from other countries as well. Microsoft, in November, had confirmed that there have been cyber attacks on drug companies of India, Canada, France, the USA, the UK, and South Korea from countries like Russia and North Korea.

Drugmaker Pfizer Inc had also revealed that some of its documents that included the information regarding Covid-19 vaccine manufacturing also went under a cyber attack in December 2020 and were “unlawfully accessed”. For now, neither China’s foreign ministry nor SII or Bharat Biotech has given any statement on the matter.