Deloitte – CyberSecurity Confabulation

Deloitte UK Targeted by Brian Cipher Ransomware Attack

Deloitte UK, one of the world’s leading professional services firms, has fallen victim to a significant cyberattack involving the Brian Cipher ransomware. The attack has reportedly compromised an estimated 1TB of sensitive data, raising serious concerns regarding the security of its infrastructure. In response to this breach, Deloitte has acknowledged the gravity of the situation and initiated a thorough investigation. However, experts suggest that the process may take some time before precise details about the breach are uncovered.

The Brian Cipher ransomware, which first emerged in July 2024, gained early notoriety after it successfully targeted and crippled an Indonesian government data center. This attack appears to be a part of a broader trend where sophisticated threat actors exploit vulnerabilities in corporate networks to gain unauthorized access. It is believed that the attackers leveraged a weakness in Deloitte’s network security to infiltrate its systems, potentially making off with sensitive client data, proprietary software blueprints, and confidential financial documents.

Although the attack’s full extent is yet to be confirmed, sources suggest that the breach may have far-reaching implications. The stolen data could include critical information about Deloitte’s internal IT infrastructure, exposing vulnerabilities in its systems and procedures. The company has stated that it is monitoring the situation closely and is committed to providing further updates as its investigation progresses. Deloitte has indicated that more detailed findings are expected by early next week, though the true scale of the breach may take longer to fully assess.

British Telecom Targeted by Black Basta Ransomware Group

In a separate but equally concerning development, British Telecom (BT) has reportedly fallen victim to an attack by the notorious Black Basta ransomware group. Over recent weeks, media outlets in the United States have been rife with reports of targeted cyber-attacks against multiple telecom operators, with the Salt Typhoon hacking group being identified as the primary actor behind espionage-related campaigns against several entities.

However, the focus has now shifted to British Telecom, a major UK-based telecommunications provider with over 100,000 users. The Black Basta ransomware group allegedly breached BT’s network, leading to potential data theft and subsequent sale of the stolen information on the dark web. While BT has not yet confirmed the specifics of the attack, sources suggest that the hackers may have gained unauthorized access to critical data, including corporate information from BT’s servers.

In an official statement released earlier today, British Telecom acknowledged the attempted infiltration of its conferencing platform servers, which was attributed to the Black Basta group. However, the company stopped short of confirming whether any data had been successfully siphoned or sold. The ongoing investigation is expected to determine the full impact of the attack and whether any confidential corporate data has been compromised.

As of now, the investigation is still in its early stages, and BT has not provided further details on the scope of the breach. The company has assured its customers that it is taking all necessary measures to secure its systems and prevent future incidents. The situation remains fluid, and more information will likely emerge in the coming days as the investigation progresses.

The post Ransomware attack on Deloitte and British Telecom appeared first on Cybersecurity Insiders.

Memcyco Inc, the real-time digital impersonation detection and prevention solution provider, and Deloitte, the leading consulting, advisory, and audit services firm, today announced their strategic partnership in the cybersecurity sector. The partnership enables Deloitte to extend this range of solutions offering customers Memcyco’s industry-leading anti-impersonation software. The solutions will be offered globally in regions such as the EMEA, LATAM, USA, and others.

Deloitte and Memcyco’s pivotal collaboration combines the former’s consulting expertise with the latter’s cutting-edge platform for detecting and preventing digital impersonation fraud in real time. This alliance will elevate fraud prevention to a new level, helping government organizations, enterprises, and brands protect themselves from damage and safeguard their reputations from being tarnished through attacks that use phishing sites to target their customers.

By virtue of their partnership, Memcyco and Deloitte will leverage additional solutions related to integration and cooperation, such as Deloitte’s Strategic & Reputation Risk Services. This multidisciplinary synergy ensures a holistic response to threats, capitalizing on each organization’s area of expertise and accumulated experience, thus offering more robust and complete solutions to clients.

Memcyco provides a platform for real-time detection, protection, and response to online impersonation attacks, whereby malicious actors use phishing, smishing, and other techniques to direct customers to fake pages that look and feel much like the real thing. These attacks trick users into giving up their personal data, such as login credentials and credit card information, which is subsequently used for ATO (account takeover) and other online attacks, leading to data breaches, theft of funds, and ransomware.

Unlike other solutions, Memcyco is singularly able to safeguard the “window of exposure” between when a fake website goes live and when the attacker attempts to use stolen data to access company web pages, using real-time alerts to warn users not to trust the spoofed site, as well as tracking attacker and victim activity. Addressing this window is crucial for organizations to be able to protect themselves from data breaches, financial losses, and reputational damage while protecting their customers from identity theft and financial harm.

Memcyco also provides organizations with full insight into attacks, including a list of all victims. This data not only gives the organization improved visibility, but also helps risk engines to predict fraud more accurately, thereby significantly decreasing remediation costs.

“Memcyco is delighted to build a partnership with Deloitte due to its dedicated team, expertise, and innovation capabilities,” said Israel Mazin, CEO of Memcyco. “Our shared commitment to empowering organizations to make informed decisions about their cybersecurity strategy is at the heart of our collaboration. In the long term, this partnership will pave the way for organizations of all sizes to mitigate impersonation and brandjacking attacks and to gain more trust from their customers.”

Memcyco will showcase its solutions at the third annual Deloitte Cyber iCON event in Spain on Jan 23, 2024. Cyber iCON allows businesses to gain first-hand knowledge about the most prevalent and sophisticated cyber threats they face today. Attendees will be able to learn about the latest strategies and countermeasures they can employ to safeguard themselves against advanced threats via real-world, interactive scenarios. Memcyco’s representatives will join Deloitte’s experts on-stage to discuss the dangers presented by digital impersonation and to introduce businesses to their comprehensive solution for mitigating such risks. Memcyco will also participate in a joint panel discussion and presentation alongside Deloitte’s expert cybersecurity consultants.

About Memcyco

Memcyco provides real-time digital impersonation detection, protection and response solutions to companies and their customers. Their real-time, agentless solutions are unique in fully safeguarding the critical “window of exposure” between when a fake site goes live and when an attacker attempts to use stolen data to access company web-pages. Memcyco alerts users who visit fake sites and gives organizations complete visibility into the attack, allowing them to take remediating actions. Led by industry veterans, Memcyco is committed to ensuring the security and digital trust of its customers – and of their customers. For more information, visit www.memcyco.com/.

About Deloitte

Deloitte has contributed to the development of business organizations and society during its more than 175 years of history. Faced with a constantly evolving reality, it has established itself as the advisor of reference for the transformation of large national and multinational companies using a multidisciplinary approach based on excellence, technological innovation and the continuous development of the talent of its professionals, maintaining its position as a leading professional services firm. The organization has strengthened its position by impacting clients, communities and people through the Make an impact that matters initiative, which is implemented in social action programs -WorldClass-, action against climate change -WorldClimate-, and its ALL IN diversity and inclusion strategy. Globally, the firm is present in more than 150 countries, where more than 345,000 professionals work. Learn more at: www.deloitte.com/.

The post Deloitte Partners with Memcyco to Combat ATO and Other Online Attacks with Real-Time Digital Impersonation Protection Solutions appeared first on Cybersecurity Insiders.