Security News > 2023 > February > Lessons Learned on Ransomware Prevention from the Rackspace Attack
The ransomware attack on Rackspace has taught us the importance of good cybersecurity habits.
Rackspace took to social media on December 6, 2022, posting on Twitter that the outage resulted from a ransomware attack.
The Rackspace forensic investigation determined the threat actor is a relatively newer ransomware group known as PLAY. Additionally, it is believed that the PLAY group was financially motivated to carry out the attack and may have gained access to a relatively small number of customers' email data.
The Play hacker group developed a new exploit, bypassing the mitigations for ProxyNotShell and launching the ransomware attack on the Rackspace Hosted Exchange environment.
As shown by the Rackspace attack, attackers often use unpatched vulnerabilities to attack critical systems and launch ransomware attacks.
Ransomware is a growing concern for organizations worldwide, as the fallout and consequences of suffering a ransomware attack are usually severe.
News URL
Related news
- Critical SonicWall SSLVPN bug exploited in ransomware attacks (source)
- NoName ransomware gang deploying RansomHub malware in recent attacks (source)
- Port of Seattle hit by Rhysida ransomware in August attack (source)
- AutoCanada says ransomware attack "may" impact employee data (source)
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)
- Embargo ransomware escalates attacks to cloud environments (source)
- JPCERT shares Windows Event Log tips to detect ransomware attacks (source)
- Ransomware attack forces UMC Health System to divert some patients (source)
- Rackspace monitoring data stolen in ScienceLogic zero-day attack (source)
- Underground ransomware claims attack on Casio, leaks stolen data (source)