New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


Vice Society Strikes Against Puerto Rico Critical Infrastructure

Vice Society allegedly carried out a cyberattack against the Puerto Rico Aqueduct and Sewer Authority, compromising its computer systems, causing disruptions to its services, and accessing data. The attack was detected on March 19th, 2023, and the agency immediately launched an investigation to determine the scope and extent of the breach. The attack targeted the authority’s computer networks and systems, including its billing and customer service systems, as well as its operational technology. The attackers were able to gain access to sensitive information such as customer data, financial records, and employee information. As a result of the attack, the authority was forced to shut down some of its systems, which caused disruptions to its services. However, the authority reassured customers that it had implemented measures to minimize the attack’s impact and restore normal operations as soon as possible. The Puerto Rico Aqueduct and Sewer Authority is working closely with law enforcement and cybersecurity experts to identify the source of the attack and prevent any further breaches. The authority also urged customers to remain vigilant and report any suspicious activity related to their accounts or personal information.

Analyst Notes

Critical infrastructure attacks continue to increase, and the need for organizations to prioritize cybersecurity measures to protect against such attacks is becoming even more important. Following the recommendations below will help organizations to defend against Vice Society.

1. Implement a robust endpoint security solution that includes anti-malware, anti-virus, and anti-phishing capabilities. This will help prevent Vice Society ransomware and other malware from infecting systems.

2. Ensure that all software and operating systems are up to date and patched regularly. Vulnerabilities in software can be exploited by Vice Society and other threat actors to gain access.

3. Use multi-factor authentication for all accounts and limit access to sensitive systems and data to only authorized personnel.

4. Conduct regular security awareness training for employees, emphasizing the risks of phishing attacks and other social engineering tactics used by Vice Society and other threat actors.

5. Implement network segmentation to limit the potential impact of a cyberattack on critical systems and data.

6. Establish an incident response plan that includes regular training and drills for responding to a ransomware attack, including a plan for isolating infected systems and restoring operations as quickly as possible.

7. Regularly back up critical data and systems and ensure that backups are stored securely and offline so that they cannot be encrypted or otherwise compromised in the event of a ransomware attack.

8. Consider partnering with a reputable cybersecurity firm such as Binary Defense to provide ongoing monitoring and support for systems and processes.

Vice Society claims attack on Puerto Rico Aqueduct and Sewer Authority