Security News
Online learning solutions provider K12 Inc., which recently announced changing its name to Stride Inc., said on Monday that it had decided to pay a ransom to cybercriminals who managed to breach its systems and deploy a piece of ransomware. The attackers deployed a piece of ransomware and accessed information stored on some corporate back-office systems.
Advantech, the chip manufacturer, has confirmed that it received a ransom note from a Conti ransomware operation on Nov. 26 demanding 750 Bitcoin, which translates into about $14 million, to decrypt compromised files and delete the data they stole. Professionalized ransomware groups including Conti, Ragnar Locker, Maze, Clop and others have been exploiting security holes created by the emergency shift to remote work due to the pandemic, coupled with well-publicized leak sites to wreak havoc and wring millions out of unsuspecting companies like Advantech.
Delaware County, Pennsylvania has paid a $500,000 ransom after their systems were hit by the DoppelPaymer ransomware last weekend. "The County of Delaware recently discovered a disruption to portions of its computer network. We commenced an immediate investigation that included taking certain systems offline and working with computer forensic specialists to determine the nature and scope of the event. We are working diligently to restore the functionality of our systems," the Delaware County alert stated.
Industrial automation and Industrial IoT chip maker Advantech confirmed a ransomware attack that hit its network and led to the theft of confidential, albeit low-value, company documents. The Conti operators behind the attack on Advantech's network have set a ransom of 750 BTC for full data decryption and for removing stolen data from their servers according to a chat log seen by BleepingComputer.
Denmark's biggest news agency will stay offline for at least another day following a hacking attack this week and has rejected a ransom demand by hackers to release locked data, the wire service said Wednesday. Ritzau CEO Lars Vesterloekke couldn't say how big the ransom demand was because those behind the "Professional attack" had left "a file with a message" that the agency didn't open following instructions from its advisers.
Survey data indicates ransomware attacks have proven to be especially effective, as 56% of organizations surveyed have suffered a ransomware attack in the last year. The COVID-19 pandemic catalyzed increasing concerns around ransomware attacks, with many organizations resorting to paying the ransom.
The Egregor ransomware uses a novel approach to get a victim's attention after an attack - shoot ransom notes from all available printers. Ransomware gangs know that many businesses would rather hide a ransomware attack than make it public, including to employees, for fear of the news affecting stock prices and their reputation.
The Egregor ransomware uses a novel approach to get a victim's attention after an attack - shoot ransom notes from all available printers. Ransomware gangs know that many businesses would rather hide a ransomware attack than make it public, including to employees, for fear of the news affecting stock prices and their reputation.
According to the survey, 57% of respondents said their companies haven't tested their disaster recovery plan within the past two months and 66% estimated that it would take five or more days to fully recover from a ransomware attack if they didn't pay the ransom. Just one third of all respondents said their companies had three or more copies of their data, including having one copy off site, separate from their data center.
Managed web hosting provider Managed.com has taken their servers and web hosting systems offline as they struggle to recover from a weekend REvil ransomware attack. As first reported by ZDNet, Managed.com disclosed on Tuesday that they were hit with a ransomware attack and, to protect the "Integrity of our customer's data," they decided to take their entire system down, including clients' websites.