Security News

Colonial Pipeline reopens after ransomware attack

Avast Security News Team, 14 May 2021

Plus, Clubhouse comes to Android and Amazon destroys counterfeit products

The largest petroleum transport company in the United States, Colonial Pipeline, has resumed business as usual this week after halting all pipeline operations last Friday when the company was hit by a ransomware attack. Attackers attempted a double extortion scheme by locking the company out of its files and then threatening to publish 100 gigabytes of sensitive Colonial Pipeline data if the company didn’t pay.

According to CNET, Colonial Pipeline initially had no intention of paying the ransom, instead bringing on a cybersecurity agency to restore their systems from their backup servers. However, news regarding the ransom payment has been developing as the week has progressed. “There is one main reason for the increase of ransomware attacks,” commented Avast Security Evangelist Luis Corrons. “Victims are paying, and according to Bloomberg, Colonial Pipeline paid almost $5 million to the cybercriminals behind this attack. This is why the number of ransomware attacks is skyrocketing — each ransom paid is adding fuel to the fire.”

Colonial Pipeline transports gasoline, jet fuel, and other refined petroleum products. Halting operations did affect some of its markets, but officials have reassured the public there is no need to panic. South Carolina Governor Henry McMaster tweeted to his constituents, “There is no need to rush to top off your gas tanks or hoard gas. The pipeline is expected to resume operations by the end of the week.”

AXA no longer covers ransomware payments in France

International insurance provider AXA announced last week that it would no longer reimburse ransomware victims in France who have paid the ransom. The policy change marks the company’s effort to align itself with the country’s justice and cybersecurity officials who believe ransomware victims should never pay their attackers. “The word to get out today is that, regarding ransomware, we don’t pay and we won’t pay,” announced a cybercrime prosecutor at a Senate roundtable hearing in Paris on the effects of ransomware. A spokesperson for AXA commented that the change does not affect coverage for responding to or recovering from ransomware attacks, only for paying the ransom. For more, see Security Magazine

Clubhouse app launches on Android

More than a year after its initial launch, which was limited to Apple devices, the audio-only social media app Clubhouse is now available to Android users as well. The company welcomed Android users on their blog, informing them that Clubhouse for Android will roll out in beta immediately in the U.S., followed by other English-speaking countries, then the rest of the world. BBC News speculated on the potential obsolescence of the app, seeing as Facebook is mimicking its features with Hotline, and Twitter is doing the same with Spaces. Learn more about Clubhouse with our deep dive into the trendy app, and understand the risks involved with the data scraping that occurs across almost all social media platforms, Clubhouse included. 

Domestic abuse cases increasingly involve tech

According to The Guardian, the amount of domestic abuse cases in the U.K. involving tech has skyrocketed,  jumping 97% since the pandemic started. Abusers have found they can monitor and control their partners using a range of tech tools. Many abusers employ stalkerware, and not coincidentally, Avast detected a 93% increase in the use of stalkerware through 2020. Victim support charity Refuge launched a new website in response to the growing number of cases, offering resources to victims, including a simple animated video explaining what tech abuse is. Refuge also provides the tech support victims need to extract themselves from such situations. 

Amazon destroyed 2 million counterfeit products in 2020

In its first ever Brand Protection Report, Amazon expounded on the tools it provides its sellers, to verify and protect their brands, as well as how it takes counterfeiters to task. In 2020, Amazon reports, it “seized and destroyed” more than 2 million counterfeit products sent to its fulfillment centers. In addition, its verification process stopped over 6 million attempts to create a selling account before listing a sale, a sharp rise from 2019’s 2.5 million attempts. Despite the pandemic’s apparent increase in fraudulent activity, Amazon reports that fewer than .01% of all products sold on the site received a counterfeit complaint from customers.  

This week’s ‘must-read’ on The Avast Blog

More often than not, great convenience comes with great privacy implications. In this week's "What Does the Internet Know About Me?" update, read up on what your Ring doorbell knows and does with your data.