X-Industry

From our Friends and Colleagues at Dryad:

The coronavirus outbreak in China has forced several countries to resort to stringent quarantine checks in their battle to contain the spread and the measures are starting to have a knock-on effect on the global commodities shipping market.

Delays in loading and delivery of cargoes in the tanker, dry bulk and container shipping segments are being reported due to ships being forced to sit idle amid a lack of crew availability.
Merchant ships arriving in A

As of January 1, 2020, California became the first state to permit residents whose personal information is exposed in a data breach to seek statutory damages in amounts ranging from $100-$750 per incident, even in the absence of any actual harm, with the passage of the California Consumer Privacy Act (“CCPA”).  The class actions that follow are not likely to be limited to California residents, but will also include non-California residents pursuing claims under common law theories.  At Red Sk

In daily business, you use strong passwords, change them often, update your anti-virus software and use common sense to protect yourself from malicious attacks that could harm your home computer.  But what else can you do when you travel?

When you are traveling, you are unaware of many types of threats, how can you keep your communications gear safe when you are not in the office or your own home?  According to a recent report, loses related to cybercrime is projected to exceed $6 trillion by 2

It is getting more expensive for organizations that are victims of ransomware attacks to recover.  The average cost more than doubled in the final quarter of 2019.  According to a recent report, an average total cost of negotiation, remediation and ransom payment is $84,116.  This amount is almost double the previous figure of $41,198.

This increase is not only the result of cybercriminals demanding higher ransom amounts, but the increase in the number of victims who are willing to pay the ranso

Does your company have $50 million to spare? That is how much a ransomware attack cost Norsk Hydro in the first quarter of 2019.  A total of 22,000 computers had their files forcibly encrypted across 40 countries in which the aluminum producer operates. Employees were using typewriters and manual production lines where possible to operate the business.  Norsk Hydro did not pay the hackers’ ransom and was completely honest about what happened. Its approach was praised by both law enforcement and

Europol.com

The new 2020 decade started with many twists and turns inside the Geo-Political (GEOPOL) World; specifically, the current Iran / US escalation of tensions and associated US sanctions.  This has raised cyber concerns with international governments and private sectors alike.  Researchers are providing various “warnings” to keep in mind when dealing with international political, business affairs, and hybrid terrorism.  The new attack phenomenon is the convergence of physical and cyber-a

Our friends and colleagues at Dryad Global, Experts in Global Issues and Maritime Security Risk Management, has provided us with their 2019 Global Security Review and 2020 risk assessment for the Shipping Industry.  Red Sky Alliance has been working close with Dryad this past year and we have observed and appreciated their timely and actionable maritime intellgience reports.  This information is of extreme valuable to our members who operate in the Transportation Sector. 

From Dryad: "Managed b

Our friends at Global Rescue offer their 2020 Travel Trends, which are very usful for Red Sky Alliance members who travel internationally.  Global Rescue is a trusted partner of Red Sky Alliance.

Link to full report:

https://www.globalrescue.com/common/blog/detail/Travel-Trends-for-2020/  

After the Russians were banned from the Olympics for another four years in a unanimous decision from the World Anti-Doping Agency (WADA), the immediate reaction from Russia was fury and denial.  So now everyone is waiting to see how Russia will respond.

In 2016, Red Sky Alliance analysts reported on the Russian retaliation when Russia was banned from the Olympics for steroid use.  2016 saw unprecedented Russian physical, cyber and physiological interference into the US presidential election, but

Summary

Red Sky Alliance recently learned of the defacement of multiple American websites by a self-proclaimed Iranian hacker as apparent revenge for the fatal US drone strike on Iranian General Qasem Soleimani.  Evidence indicates that these are low level attacks looking to target convenient and insecure targets.  The attacker, identifying as an Iranian hacker, posted a picture of General Soleimani on all of the defaced pages along with multiple social media accounts and a Gmail account; likely

A class action lawsuit was filed in California against TikTok, the Chinese social media platform developer, in November 2019.  The lawsuit claimed that the TikTok app was designed to “covertly tap into a massive array of private and personally-identifiable information” and used “non-standard encryption to conceal the transfer of such data from users’ devices to Defendants.”

The 46-page lawsuit text contained details about the data types that TikTok was collecting, including user-generated video

FBI Flash Bulletin / TLP GREEN

Unknown cyber actors have targeted multiple US and international businesses with Maze ransomware since early 2019.  Maze encrypts files on an infected computer’s file system and associated network file shares.  Once the victim has been compromised, but prior to the encryption event, the actors exfiltrate data.  After the encryption event, the actors demand a victimspecific ransom amount paid in Bitcoin (BTC) in order to obtain the decryption key.  An international

Hong Kong conducted District Council elections on 24 November 2019.  These local councils handle quality-of-life issues for their constituents, but the elections were seen as a referendum on the anti-Beijing protests that have rocked Hong Kong for several months.  The election results strongly favored pro-democracy forces.  Of the 452 seats contested, 388 were won by pro-democracy candidates and only 62 went to pro-establishment parties.

The clear message that most Hong Kong citizens supported w

Summary

RedXray is cyber threat notification service that simplifies monitoring for organizations and supply chains.  

In 2016, the World Anti-Doping Agency (WADA) commissioned an investigation into reports that the Russian government was sponsoring blood doping of Russian Athletes. Cybersecurity analysts worldwide witnessed cyber-attacks originating from the GRU-linked APT28, better known as “Fancy Bear,” aimed at anti-doping agencies such as the WADA. These attacks were carried out against age

California has recently created a law known as the California Consumer Privacy Act (CCPA) which will go into effect on January 1, 2020.  Similar to Europe’s GDPR regulations, the act aims to inform consumers about the information being collected about them, while giving them the power to decide how that information is handled.  This law only protects California consumers and exclusive to the following companies:

• Companies with an annual revenue >$25 Million
• Companies which buy, receive, or sell th

Red Sky Alliance information sharing portal provided data about a member falling for a business email compromise (BEC).  Attackers sent a payment request spoofing a well-known local contractor by changing TLD from .COM to .US.  In total, 113 additional domains were registered by the same actors in August-November 2019.

Details

On 26 November 2019, a Red Sky Alliance member shared a fraud report regarding a local construction company email which was spoofed.  The attackers convinced the member’s pr

Red Sky Alliance has recently observed multiple Chinese, state sponsored, Advanced Persistent Threat (APT) groups targeting Chinese-Muslim non-governmental organizations (NGOs).  Historically, Chinese APT groups have conducted specific cyber campaigns against these type organizations, traditionally with little or no overlap. 

The US Secretary of State (SECSTATE), Mike Pompeo, issued a statement on 26 November 2019 reporting a collection of leaked documents that prove Chinese authorities are eng

By 12 November 2019, hacker Alexei Burkov was extradited from Israel to the US to face major credit card fraud charges.  Originally arrested in 2015 for his role in Cardplanet, his extradition was delayed several times as the Russian government was fighting against his extradition to the US. Israel subsequently received a competing extradition request from Russia.  Then, Russia arrested and sentenced to prison an Israeli/US citizen and offered Israel to exchange her for Burkov.  This case show

China Coverage of Report on the Cyber Vulnerabilities of Asian Ports

SUMMARY

Nanyang Technological University in Singapore has just released a report examining the economic losses expected if Asian port systems, including several in China, were subjected to a major cyber-attack.  This report did not assess the cyber vulnerabilities of Asian ports but rather postulated a major attack in order to calculate economic impact, with a focus on losses in the insurance industry.  The report concluded tha

A reexamination of the academic work published by the Nanjing Military Region First Technical Reconnaissance Bureau showed its primary focus was on network security and computer operations issues.  This suggests that, like some other Tech Recon Bureaus (TRB’s) in the Chinese military, this unit has likely developed a cyber operations mission.

Details about this unit were revealed by searches for its cover designator, the “73610 Unit.”  This element is located in central Nanjing in a large admini