In the first of a CRIBB blog double-bill this week*, we look back at cyber security news Dec 2021. The month began with a cyber-attack against Spar shops and continued with hackers looking to exploit the Log4j vulnerability. Finally, the BBC revealed a new cyber-attack that managed to disrupt Gloucestershire Council’s website.

Spar convenience stores forced to close after cyber-attack

This BBC News article on a recent attack against over 300 Spar stores offers yet more proof of the need to be cyber aware. On Sunday 5th December, James Hall & Company in Preston was targeted. The company operates Spar’s tills and IT systems and in the wake of the attack many stores were unable to take card payments and then forced to shut.

Hackers exploit Log4j to infect computers with ransomware

On December 10th it was revealed publicly that there was a vulnerability in Log4j: “Log4Shell”. Log4j is software that is used to record various activities occurring in a wide range of computer systems. Log4Shell therefore quickly became the target for cyber-criminals everywhere. Some deployed the new ransomware family known as Khonsari, as detailed in this article from The Hacker News. Launched against Windows machines, this attack downloads an additional payload from a remote server which encrypts all files with the extension “.khonsari”. It then displays a ransom note urging the victims to make a Bitcoin payment to recover access to their files.

Cyber-attack ‘cripples’ Gloucester City Council

This BBC News story reveals that Gloucester City Council are working to fix an issue from December 20th with the National Crime Agency (NCA) and the National Cyber Security Centre (NCSC). Systems affected in the cyber-attack included the council’s online revenue and benefits and customer services sections.

That is all for cyber security news Dec 2021. Were there any other stories that we should have included? What are your thoughts for the year ahead? Don’t forget to look out for our second blog piece of the week too, a review of cyber security news 2021. In the meantime, you can find other news round-ups from the past 12 months in our blog section here.

*Oh, happy new year – we hope you like this extra article when it lands tomorrow!