Termite Hacked Blue Yonder 

Termite is a previously unknown  ransomware gang which has claimed responsibility for a recent cyber attack on the leading supply chain software company, Blue Yonder

The original attack hit Blue Yonder customers in November , including the Starbucks coffee shop chain and UK grocery stores, Sainsbury's and Morrisons. 

According to reports, Starbucks was forced to pay staff manually, while Morrisons experienced problems with its warehouse management systems.

Now, Termite has used its Dark Web page to claim responsibility for several others large-scale attacks on organisations across different sectors, including government agencies, oil and gas and vehicle manufacturing, although not all Termite's claims are confirmed. 

In the exploit against Blue Yonder, Termite claims to have stolen 680GB of data, including more than 16,000 email lists that it plans to use for future attacks, and more than 200,000 insurance documents. Blue Yonder said it was working to restore systems, with some of the affected customers brought back online and others on the path to recovery. It has hardened its defensive and forensic protocols since the incident, the company revealed.

According to detailed analyses from both Cyjax and from Cyble, Termite is using a modified version of Babuk ransomware, which, encrypts targeted files and adds a .termite extension. It simultaneously delivers  a ransom note onto its victims' encrypted systems. The actor's logo features a blue stylised termite integrated with circuit-like pathways.

Recommended  Measures To Prevent Ransomware Attacks:

  • Do not open untrusted links and email attachments without first verifying their authenticity.
  • Conduct regular backup practices and keep those backups offline or in a separate network.
  • Turn on the automatic software update feature on your computer, mobile, and other connected devices wherever possible and pragmatic.
  • Use a reputable antivirus and Internet security software package on your connected devices, including PC, laptop, and mobile. 

While Blue Yonder has acknowledged it is investigating Termite's claims, it has not so far said anything about ransom. 

Cyjax   |    Cyble   |   Infosecurity Magazine   |    Cyberscoop   |    Broadcom   |   @BlueYonder   |    ITPro   

Image: 

You Might Also Read: 

Medusa Ransomware Group: Delivering Sophisticated Attacks:


If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

« The Corporate CISO Role Is Evolving 
The Challenges Of Middle Management In Email Cybersecurity »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Voyager Networks

Voyager Networks

Voyager Networks is an IT solutions business with a focus on Enterprise Networks, Security and Collaborative Communications.

SISA

SISA

SISA is a global forensics-driven cybersecurity solutions company, trusted by leading organizations for securing their businesses with robust preventive and corrective cybersecurity solutions.

LATRO Services

LATRO Services

LATRO Services is a complete solution provider to discover, locate, and eliminate telecom fraud.

NSO Group

NSO Group

NSO Group develops technology that enables government intelligence and law enforcement agencies to prevent and investigate terrorism and crime.

Build38

Build38

Build38 provides the highest levels of security for mobile applications.

Syber Technology

Syber Technology

Syber Technology is an IT project implementer empowering IT systems of Small to Medium Enterprises in the Middle East.

CentricalCyber

CentricalCyber

CentricalCyber is a cyber risk consultancy and NIST CSF specialist set up to help business leaders better understand and manage cyber risk.

Netlinkz

Netlinkz

Netlinkz has developed the Virtual Secure Network (VSN) overlay technology platform, a breakthrough in connectivity security, speed, and simplicity.

Digital Boundary Group (DBG)

Digital Boundary Group (DBG)

Digital Boundary Group (DBG) is an information technology security assurance services firm providing information technology security auditing and compliance assessment services to clients worldwide.

Alkira

Alkira

Alkira has reinvented networking for the cloud era by delivering the network cloud, the first global unified network infrastructure with on-demand hybrid and multi-cloud connectivity.

MDSec

MDSec

MDSec is a consultancy with a passion for information security. Our consultants specialise in application, mobile and hardware security and targeted red team attacks.

Solvere One

Solvere One

Solvere One is a managed service provider (MSP) focused on corporate consulting and partnership.

gener8tor

gener8tor

The gener8tor Cybersecurity Accelerator offers a cutting-edge program in San Antonio, home to the second-largest concentration of cybersecurity experts in the United States.

Allurity

Allurity

Allurity is a group of tech-enabled cybersecurity service providers, comprised of best-in-class experts with a common mission to enable a safe digital world.

WillCo Tech

WillCo Tech

WillCo Tech works to enhance national security and force readiness for military and commercial enterprises with a suite of software capabilities surrounding the human element of cybersecurity.

Wirespeed

Wirespeed

Managed Detection & Response (MDR) has never been faster or easier: Onboard in minutes, Respond in seconds, Secure instantly.