Cymulate’s August 2021 Cyberattacks Wrap-up No summertime vacation for threat actors who were once again very busy during August 2021, launching ransomware attacks against several organizations. The Conti ransomware operators were very active this month, breaching the systems of SAC Wireless, a US-based Nokia subsidiary. They were able to upload the stolen information to their cloud server and to encrypt files on the compromised systems. The FBI has connected Conti to more than 400.
Cymulate’s July 2021 Cyberattacks Wrap-up July 2021 started with an affiliate of the notorious REvil gang conducting a ransomware attack targeting Miami-based information technology firm Kaseya. It infected thousands of victims in at least 17 countries through firms that remotely manage IT infrastructure for multiple customers. The threat actors demanded a ransom of a rumored $50 million that the company stated it did not pay, but instead had obtained a decryption tool from a “third party”. .
Cymulate’s June 2021 Cyberattacks Wrap-up June 2021 saw a number of ransomware attacks and ransom payments. Gold Northfield, the REvil ransomware group, launched various attacks targeting high-profile targets. JBS Foods, one of the world’s largest meat producers, paid the equivalent of $11 million to restore its operations in Australia, the USA, and Canada after being infected by REvil. Also Fujifilm fell victim to a ransomware attack by the REvil threat actors using the Qbot Trojan, as did.
Going on the Offensive In the US government and in the private sector the last few weeks have been truly fascinating from a ransomware perspective. We have reached a tipping point where both sectors see Ransomware as a high-risk threat. In the case of the US government, they have taken a more proactive and offensive approach in going after ransomware criminals, their infrastructure, and even their stolen funds. In this blog, we will discuss this as well as some guidance for the private sector.
Cymulate’s May 2021 Cyberattacks Wrap-up During May 2021, threat actors, quite likely DarkSide, went big-game hunting, hacking the Colonial Pipeline Co., which operates one of the largest U.S. fuel pipelines. The company decided to comply with the ransom demand and paid $5 million to restore operations. Also in May 2021, branches of insurance giant AXA based in Thailand, Malaysia, Hong Kong, and the Philippines were hit by ransomware cyberattacks. This cyber attack followed the announcement of.
Cymulate’s April 2021 Cyberattacks Wrap-up Threat actors stepped up their game during April 2021, with ransomware groups finding new ways to increase their profits by putting on corporate victims. For instance, the DarkSide ransomware group is openly approaching stock traders to offer them inside knowledge of their latest corporate victims, which would allow the brokers to short sell the breached company’s stock before any data is leaked and the breach becomes public. The Babuk ransomware group.
I get a great deal of satisfaction working with enterprises and professionals helping them to develop the skill sets to meet difficult challenges and overcome them. This is especially true when looking at and defeating nation-state and criminal attackers. We have seen some very disastrous Nation-State APT (advanced persistent threats), ransomware and supply chain attacks recently. As sophisticated and frightening as these attacks are, they are, however something we can protect ourselves from..
Cymulate’s March 2021 Cyberattacks Wrap-up Threat actors were busy during March 2021, breaching major companies such as SITA, a global IT company supporting 90% of the world’s airlines. In this case, the PII belonging to airline passengers was stolen, including their names, card numbers, and status level. In the Netherlands, the stolen personal data of an estimated 7.3 million residents were offered online for sale. The data was stolen from RDC, a company that provides car garages with IT.
Ransomware is a constant threat to both businesses and individuals. The potential for all critical data necessary to run an organization or a family to be locked is terrifying; and the global malware situation doesn't show any signs of slowing down in the future. Added to the threat of data loss to encryption is the recent surge in so-called "double-extortion attacks" where the data is not only encrypted but also stolen. Let's take a look at the anatomy of these types of ransomware attacks.
Editor's note: Due to the sensitive nature of the topic of this post, Cymulate will not be placing our usual advertising information inside and at the end of the post. We stand with the hospital, emergency services workers, and the family of the victim in recognizing the gravity of this issue. Contact information for Cymulate can be found at the top and bottom of every page of our site, and so we will be presenting this post as-is. Unfortunately, the time has come to answer a question I get on.
Read More >
Subscribe to Our Blog
Stay up to date with the latest cybersecurity news and tips