CyberWatch Weekly: Top 3 Cybersecurity News from October 1st Week

This week, critical digital systems across Asia and social media platforms have faced serious cyber disruptions, highlighting how quickly technology vulnerabilities can impact everyday life and business operations. From a major government data center fire in South Korea to a cyberattack on Japan’s Asahi Brewery and deceptive Facebook groups targeting seniors with malware, these incidents reveal the growing sophistication and reach of cyber threats. Experts continue to stress the importance of robust disaster recovery, real-time monitoring, and user vigilance. Let’s take a closer look at this week’s top headlines.

South Korea Raises Cyber Alert After Datacentre Fire Cripples Key Government Services

South Korea has raised its national cyber threat level to “caution” after a fire at a major government data center in Daejeon disrupted nearly 70 digital systems and exposed vulnerabilities that hackers could exploit. The incident occurred when a lithium battery exploded during maintenance, igniting a blaze that burned for over 22 hours and injured one worker. The fire forced authorities to shut down 647 systems to prevent overheating, crippling essential services. Citizens faced outages across ministry websites, delays in postal operations, and difficulties accessing mobile identification cards, student records, and hospital services. Even crematorium bookings were disrupted, reflecting the scale of the shutdown. Officials confirmed that 96 systems were destroyed, with recovery and relocation to a backup facility in Daegu expected to take weeks, potentially stretching into the Chuseok holiday.

Raising the cyber threat level requires government agencies to report threats promptly, while experts urge stronger disaster recovery planning, redundant backups, and hardened cybersecurity defences to reduce exposure. The crisis underscores the risks posed by infrastructure failures coupled with opportunistic cyber threats.

Source: The Independent

Cyberattack on Asahi Disrupts Shipping and Customer Services in Japan

Japanese brewing giant Asahi has suffered a cyberattack that triggered a major system failure, halting order processing, shipments, and customer service operations across Japan. The company confirmed the disruption, stressing that there was no evidence of personal or customer data being leaked externally. The incident underscores the growing trend of cyberattacks targeting multinational corporations, following recent breaches at Jaguar Land Rover, Marks & Spencer, and Co-op. In Asahi’s case, hackers exploited vulnerabilities in its domestic IT infrastructure, forcing the suspension of call centre and service desk functions. While European operations remain unaffected, the attack has highlighted the brewer’s exposure to cyber risks, an issue the company itself identified in a 2023 report as a likely threat to operations, cash flow, and brand reputation.

To restore operations, Asahi is working with cybersecurity experts to investigate the root cause and implement recovery protocols. Experts suggest the company enhance system redundancies, strengthen real-time monitoring, and expand its disaster recovery plans to reduce the risk of prolonged outages.

Source: The Drinks Business 

Fake Facebook Groups Target Seniors with Trojan Malware Disguised as Community Apps

Cybercriminals are exploiting Facebook groups aimed at seniors by disguising malware as harmless community apps, according to new findings from ThreatFabric. Attackers created fake groups that appeared to promote travel, dance classes, and local activities, luring older adults into downloading apps such as Senior Group, Lively Years, ActiveSenior, and DanceWave. The scam combined social engineering and malicious software distribution. Once victims joined the groups, they were urged to “register” through an Android app, sometimes even paying sign-up fees. The downloads often delivered the Datzbro Trojan, which acts as both spyware and banking malware, capable of recording audio, stealing passwords, and enabling remote device control. In other cases, the Zombinder dropper was used to bypass Android security measures.

Researchers linked the malware’s origins to leaked code from China, now weaponized by global criminal groups. Victims have been reported in the UK, Canada, Australia, and Asia. Experts recommend avoiding suspicious group links, refraining from downloading third-party apps, and using updated mobile security tools to defend against such campaigns.

Source: Malwarebytes

Conclusion

Recent cyber incidents demonstrate that both public institutions and private companies remain vulnerable to attacks that can disrupt operations, compromise data, and harm trust. Proactive cybersecurity measures, timely response, and awareness are essential to mitigate risks and strengthen resilience against increasingly sophisticated threats in a connected world.

Stay vigilant and informed, tune in next week for more updates in InfosecTrain’s CyberWatch Weekly!