Security News > 2023 > February > Lessons Learned on Ransomware Prevention from the Rackspace Attack
The ransomware attack on Rackspace has taught us the importance of good cybersecurity habits.
Rackspace took to social media on December 6, 2022, posting on Twitter that the outage resulted from a ransomware attack.
The Rackspace forensic investigation determined the threat actor is a relatively newer ransomware group known as PLAY. Additionally, it is believed that the PLAY group was financially motivated to carry out the attack and may have gained access to a relatively small number of customers' email data.
The Play hacker group developed a new exploit, bypassing the mitigations for ProxyNotShell and launching the ransomware attack on the Rackspace Hosted Exchange environment.
As shown by the Rackspace attack, attackers often use unpatched vulnerabilities to attack critical systems and launch ransomware attacks.
Ransomware is a growing concern for organizations worldwide, as the fallout and consequences of suffering a ransomware attack are usually severe.
News URL
Related news
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)
- Embargo ransomware escalates attacks to cloud environments (source)
- JPCERT shares Windows Event Log tips to detect ransomware attacks (source)
- Ransomware attack forces UMC Health System to divert some patients (source)
- Rackspace monitoring data stolen in ScienceLogic zero-day attack (source)
- Underground ransomware claims attack on Casio, leaks stolen data (source)
- Casio confirms customer data stolen in a ransomware attack (source)
- Schools bombarded by nation-state attacks, ransomware gangs, and everyone in between (source)
- BianLian ransomware claims attack on Boston Children's Health Physicians (source)
- Microsoft: Ransomware Attacks Growing More Dangerous, Complex (source)