A new IT hack on media organisations appears to have taken place in the early hours of this morning.
In the wake of the attack last month on the Impresa group (click here), the latest victims – Correio da Manhã (the country’s most widely-read tabloid), Sábado, Jornal de Negócios and CMTV – belong to the Cofina media group.
The PJ’s UNC3T cybercrime combat unit is investigating – and refusing to credit hackers Lapsus$ with the attack, in spite of the hackers’ purported Telegram platform featuring Correio da Manhã’s statement on the situation in the early hours of today.
For now, a source for the PJ, has simply reiterated what is slowly becoming obvious: “cybercrime is increasing exponentially”.
Advice to companies is to ‘adopt measures of IT security, including computer redundancy measures and internal use of credentials and passwords to prevent this and other kinds of attack”.
The attack on the Impresa group was seen as an assault on ‘press freedom’, and rendered the sites of SIC television news and Expresso inoperable for a period of days. In fact, SIC’s site has not yet returned in its original form, appearing to have had to re-construct from scratch.
Last weekend, the Lapsus$ group appeared also to be claiming an attack on the parliamentary site, but this was not verified (click here).
The curious aspect of Lapsus$ group ‘attacks’ is that, up until now, there not not appear to have been any demands for ‘ransom’ (for restitution of hacked information). It seems the group simply launches its attacks, claims credit for them, and then goes to ground.
It’s not even clear where Lapsus$ is based.