Status: Alert not Alarmed
We have had a request to include some information on the threat landscape for our neighbors across the ditch. So, starting from edition 10 we will include some insights for New Zealand.
Don’t forget to reach out if you have any questions on content we have already posted or requests for additions in future editions. This product is produced to support and uplift the cyber community in Australia and now New Zealand and we welcome any feedback on how it could support you better.
UPDATED ON COURT SERVICES VICTORIA CYBER ATTACK
On 18 January, Court Services Victoria (CSV) published an update to their original statement concerning their December cyber-attack. In the update, CSV has confirmed that some of the audio-visual recordings of cases in the Supreme Court, County Court and Coroners Court pre-date the initial time window of 1 November 2023 to 21 December 2023. The updated date ranges now include court files as old as early-April 2016.
At the time of writing, CSV has not been posted to any of the ransomware leak sites that we track. It is likely that CSV will provide further updates on the data breach in the coming weeks as their investigation continues.
Hacktivist Activity - 6 Victims
There was a considerable decrease in posted attacks against Australia and New Zealand from hacktivist groups throughout the reporting period.
10 January
Cyber Error System claimed a defacement attack on Splendore New Zealand
This is not the first time the group has claimed a defacement on this site.
11 January
Team Fattah, an Iranian hacktivist group claimed a deface attack on Pacific Blue Capital.
15 January
Toxcar Cyber Team claimed a breach and leak of Australian Parliament files - it turned out to be publicly available data for Australia politicians. More context on this attack from a recent X post.
16 January
Toxcar Cyber Team who are pro-Indonesian claimed to have breached and leaked videos from Sky News Australia. Additional thoughts on this attempted attack.
17 January
Anon Black Flag claimed a website deface of varsity Smiles.
19 January
Haghjoyan hacktivists claimed to have ‘hacked’ Australia’s largest government website. However, they a screenshot of the Centre for Judicial Excellence from Papua New Guinea - they attempted a website defacement.
Ransomware - 2 Victims
18 January
Trigona Ransomware gang - who had been inactive after the Ukraine Cyber Alliance had taken them down has now returned to operations. They have posted a fertility clinic from Perth, Australia to their leak site.
17 January
8Base ransomware gang posted Washtech, a dishwasher company in New Zealand to their leak site.
Underground posts/mentions of Note
Little of note during the reporting period. We did see regular posts about combo lists and other data sets, but these are not reported due to their regular presence in the threat landscape.
16 January
A Chinese language telegram channel posted claimed stolen data from bhfcouriers in Australia for sale.
19 January
A database allegedly from gardening tools online was posted to BreachForums for free. At time of posting the link for download does not work.
If you would like more information on anything within this report please reach out to one of us on X. You will also find regular updates on the Australian threat landscape on our accounts.