Security News > 2023 > February > Lessons Learned on Ransomware Prevention from the Rackspace Attack
The ransomware attack on Rackspace has taught us the importance of good cybersecurity habits.
Rackspace took to social media on December 6, 2022, posting on Twitter that the outage resulted from a ransomware attack.
The Rackspace forensic investigation determined the threat actor is a relatively newer ransomware group known as PLAY. Additionally, it is believed that the PLAY group was financially motivated to carry out the attack and may have gained access to a relatively small number of customers' email data.
The Play hacker group developed a new exploit, bypassing the mitigations for ProxyNotShell and launching the ransomware attack on the Rackspace Hosted Exchange environment.
As shown by the Rackspace attack, attackers often use unpatched vulnerabilities to attack critical systems and launch ransomware attacks.
Ransomware is a growing concern for organizations worldwide, as the fallout and consequences of suffering a ransomware attack are usually severe.
News URL
Related news
- Massive PSAUX ransomware attack targets 22,000 CyberPanel instances (source)
- North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- City of Columbus: Data of 500,000 stolen in July ransomware attack (source)
- Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Halliburton reports $35 million loss after ransomware attack (source)
- New Ymir ransomware partners with RustyStealer in attacks (source)
- New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks (source)
- New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems (source)