Reports have surfaced stating that the same hacker that is targeting Casino’s and Mining cooperation’s in Canada is plotting to carry out even more attacks, the attack is aimed at extorting these organisations. this much was made known by FireEye, a private cyber security outfit in a report recently.
FireEye stated that it believe that a hacker or group hackers named FIN10 is behind the attacks due to the identical nature of the methods deployed, similarities such as: how they invaded the systems, making away with large volumes of sensitive data and asking that a ransom be paid using Bitcoin and then making public the information through bloggers.
Although Firefly refused to name the victims, the methods deployed as described in their report looked like those deployed in attacking Goldcorp, the world’s third largest Gold miners using market value. Same was also used against smaller operators such as Detour Gold and the Casino Rama Resort.
The report by FireEye state that the FIN10’s level of success makes further adoption of same strategy highly plausible, also it stated that it had more proofs showing that the hackers had targeted more victims.
FireEye states that FIN10 made use of the moniker Angels of truth at least one time, saying that it would attack in response to Canadian embargo upon Russia. More than once it borrowed the name Tesla Team from a group of Serbian hacker-activists.
The report by FireEye indicated that it believes that FIN10 was hiding behind those names, with no support from any Nation or even any form of links with any criminal organisation.
Angels of truth were the nomenclature utilised by hackers who made contact with a blogger between April and June 2015 claiming responsibility in English and Russian for the breach. The same blogger raised alarm about a breach at Goldcorp in April 2016 and made known the details on the Daily Dot website before Goldcorp made known the compromise.
The Vancouver located Miners have since then modified their IT processes, increased network security processes, and increased awareness among its staff about cyber risks, this much was made known the spokeswoman.
After the hack, a mining industry group created a network to share data on cyber threats. It is reported that at least six members will implement the project next month. Fin10 is still exchanging correspondence with some of its victims and more people at risk would become aware of the threat within the next few weeks or months as the case may be.
However, Detour Gold didn’t respond to queries as at the time of filing this report. Neither did Casino Rama, Casino Rama said that sensitive customer, staff, and retailer information had been stolen. Some were even said to have been posted online, and they now face a class action court case over the hack.