Assessments ongoing into Blue Waters hack

Assessments are ongoing into a cyber breach at Blue Waters Products Ltd, the latest local entity to fall victim to a cyber attack.

Hacking group LockBit3 posted over ten gigabytes of company information on the dark web over the last few days Company chairman Dominic Hadeed told Newsday assessments were still ongoing and said an update would be provided on Monday afternoon. He said the hack was detected about two weeks ago and the company responded to stop it.

“The data they got does not represent any more than ten per cent of our overall data package. It’s between five and ten per cent and everything that’s inside of there is between five and ten years old.
"So it’s nothing recent. That’s what I know about so far.”

He said when the company’s IT teams responded to the threat, it affected its automated order and delivery system. He said this has since been brought back online.

Hadeed said the company is currently going through the files posted to the dark web to determine what the breach was able to get.

“But as of now, we have found nothing that is concerning. As of now. It doesn’t mean that it won’t be, but as of now there’s not. But we’re digging into it.”

He said if any concerning information is discovered it will be reported to affected stakeholders as per the company’s protocol.

Senior cyber security lecturer and forensic investigator Shiva Parasram described the attacker as the current “deadliest and most aggressive group in the world,” which typically targets large companies.

Viewing the leaked data on the dark web, Parasram said a significant range of data was posted. However, he said he did not do a deep dive into the information because it is a private-sector company and he did not want to intrude or run afoul of the law.

(LockBit3 "have ten links on their website...and each one of those links has different information. So there’s one called, I think, Bank.zip, HR.zip, confidential.zip, salaries.zip, insurance.zip. There’s even one called passports.zip and visas.zip. So I’m assuming they have very, very confidential data inside of there.”

He said the hacker uses aggressive tactics and does not “skimp” on its approaches. He said these groups are also known for leaving "back doors open" to companies they have breached, to allow for repeated attacks.

Over the last year, numerous local entities fell victim to cyber attacks, including the office of the Attorney General, Courts and TSTT.