Trouble viewing this email?  View in web browser ›

The Wall Street Journal ProThe Wall Street Journal Pro

CybersecurityCybersecurity

Sponsored by NetscoutNetscout

Cyber Daily: Norsk Hydro Probe Shows Slow Pace of International Ransomware Cases

By Kim S. Nash

 

Hello. Norwegian aluminum producer Norsk Hydro waited 2½ years for police to apprehend people suspected of launching a crippling ransomware attack on the company in March 2019.

The sprawling Norsk investigation involved eight countries, leading authorities to detain a dozen suspects in Ukraine and Switzerland in late October. At certain points, Norwegian authorities were told they had to wait to receive evidence because criminal laws in some of the countries involved required a court decision to share evidence. Limited travel opportunities amid the Covid-19 pandemic slowed the case. 

The U.S. and allies have vowed closer cooperation to fight ransomware but a lot will have to change. More below.

CONTENT FROM OUR SPONSOR: Netscout

Cyber Threats by the Numbers

A data-driven discussion on the scale of cyberthreats organizations face today, based on our experts' experience protecting the world’s internet traffic. Sign up for WSJ's Pro Cyber Executive Forum.

Register Today

Norwegian investigators shown last month examining evidence related to the 2019 Norsk Hydro ransomware attack. PHOTO: NCIS NORWAY

When Norsk Hydro was hit in 2019, its operations around the world were halted as the company moved to contain the LockerGoga ransomware. Norwegian investigators arrived at its offices to gather information about the hack.

Norsk Hydro said it readily shared conclusions from its internal investigation with Norwegian investigators. Still, authorities in Norway had to wait until Norsk Hydro restored its systems before they could obtain much of the evidence from the company, said prosecutor Knut Jostein Saetnan. 

It became clear to Mr. Saetnan the case would likely take years. “When it comes to cybercrime, we’re actually blind without the cooperation and information received from [other] countries,” he said.

Read the full story. 

⏱ Join us Dec. 1 

WSJ Pro Cybersecurity Executive Forum

Register here.

Organizations face a raft of cybersecurity challenges: criminal and geopolitical hacks, remote-work risks, escalating regulation and talent shortages. Join us to discuss insights from senior practitioners, policy makers and thought leaders. Goal for the event? To help you make the right decisions.
 

Cybersecurity

Canadian teen arrested in $36.5 million crypto theft. Neither the accused nor the victim—someone residing in the U.S.—were named by officials in Canada and the U.S. The funds were stolen in a SIM swap, in which someone hijacks a person's cellphone to switch the number from one device’s subscriber identity module to another, and then drains financial accounts. A significant break in the case came when the teen allegedly purchased a rare online gaming username, leading investigators to uncover the account-holder's name. (InfoSecurity Magazine) 

🎧 Listen: Crypto Thieves Target Small-Time Investors. As more people invest in cryptocurrencies, hackers are emptying digital wallets and making off with their holdings. WSJ Pro's David Uberti joins host Zoe Thomas to explain how the hack works and why regulators and cellphone providers are at odds about it.

GoDaddy discloses WordPress breach. Intruders used a compromised password to access customer information related to GoDaddy's Managed WordPress service, starting on Sept. 6, Demetrius Comes, GoDaddy's chief information security officer, said in a regulatory filing Monday. The company discovered the breach Nov. 17 and is contacting the 1.2 million affected customers, according to the filing.

Wind turbine maker Vestas says a cyberattack Friday forced it to shut down some tech systems. Denmark-based Vestas Wind Systems AS, a big provider of wind systems in North America, said Monday that manufacturing, construction and services are still operating. "The company’s preliminary findings indicate that the incident has impacted parts of Vestas’ internal IT infrastructure and that data has been compromised," Vestas said.

Pawn shop operator, payday lender hacked. A Minnesota company that runs Pawn America stores and Payday America lending offices, as well as a pre-paid debit card provider, is notifying a combined 698,420 people that their personal data was compromised in a ransomware attack in September.

  • Hackers deployed network reconnaissance and ransomware tools to gain access to portions of its systems, and then threatened to leak stolen information online, the company said. It restored data from backups and didn't say whether it paid any demanded ransom. Exposed information includes contact data and driver’s license, Social Security and passport numbers. 
4,151

Number of small businesses that the U.K.'s top cybersecurity agency warned have been compromised in card-skimming attacks this year through a problem in the Magento e-commerce software. 

Related: U.S. officials warn that holidays are prime time for hackers. Critical infrastructure providers, in particular, should stay vigilant, they said, and designate tech and cyber staff to be on call. 

 
Advertisement
‏‏‎ ‎
 
Share this email with a friend.
Forward ›
Forwarded this email by a friend?
Sign Up Here ›
 

Privacy

The notion of federal privacy legislation gets a boost after Amazon's state-level lobbying efforts are revealed. Lawmakers including Sens. Richard Blumenthal (D., Conn.) and Ron Wyden (D., Ore.) called for Congress to pass a national privacy law as state proposals are weakened as they move through the legislative process. Amazon has stepped up funding and staffing for lobbying efforts in 25 states working on data privacy bills, Reuters reported last week. The company, which has collected data on millions of customers world-wide, didn't directly comment on its lobbying activities. It said it prefers a federal law over a patchwork of state laws. (Reuters) 

💡 Read more from WSJ Pro: States Push Internet Privacy Rules in Lieu of Federal Standards and Virginia Lawmakers Poised to Pass New Rules for Internet Privacy

WhatsApp revamps privacy terms after recent record European fine. The Meta-owned WhatsApp messaging service started Monday to provide more details about how it manages user data. Ireland's privacy office fined it $267 million in September for violating the European Data Protection Regulation. WhatsApp disagreed with the ruling. It said it is tweaking policy while it appeals. (Associated Press)

 

Cybersecurity Providers

PHOTO: STEVE PARSONS

/ZUMA PRESS

German retailer Schwarz Group buys majority stake in cybersecurity company. Schwarz Group, which owns the Lidl and Kaufland food chains in Europe, the U.S. and Asia, acquired majority ownership of Israel's XM Cyber. XM tools, which focus on detecting attacks in hybrid cloud systems, will "further protect our customers, partners and ourselves as a company," Schwarz Group's Chief Information Officer Christian Müller said in a statement. Terms of the deal were undisclosed.

Startup Arctic Wolf plans an initial public offering in 2022. The nine-year-old company is seeking financial advisors, said Nick Schneider, chief executive. Arctic Wolf, valued at $4 billion in its latest investment round, sells subscription-based detection and recovery services. (Reuters)

 

About Us

Write to the WSJ Pro Cybersecurity Team: Kim S. Nash, James Rundle, Catherine Stupp and David Uberti.

Follow us on Twitter: @knash99, @catstupp and @DavidUberti. 

Contact Enterprise Technology Editor Steve Rosenbush at steven.rosenbush@wsj.com or follow him on Twitter: @Steve_Rosenbush.

 
Desktop, tablet and mobile. Desktop, tablet and mobile.
Access WSJ‌.com and our mobile apps. Subscribe
Apple app store icon. Google app store icon.
Unsubscribe   |    Newsletters & Alerts   |    Contact Us   |    Privacy Notice   |    Cookie Notice
Dow Jones & Company, Inc. 4300 U.S. Ro‌ute 1 No‌rth Monm‌outh Junc‌tion, N‌J 088‌52
You are currently subscribed as [email address suppressed]. For further assistance, please contact Customer Service at pro‌newsletter@dowjones.com or 1-87‌7-975-6246.
Copyright 2021 Dow Jones & Company, Inc.   |   All Rights Reserved.
Unsubscribe