Security News
Managed web hosting provider Managed.com has taken their servers and web hosting systems offline as they struggle to recover from a weekend REvil ransomware attack. As first reported by ZDNet, Managed.com disclosed on Tuesday that they were hit with a ransomware attack and, to protect the "Integrity of our customer's data," they decided to take their entire system down, including clients' websites.
They also warned that cases where the attackers exfiltrated data and asked for an additional ransom to delete it have doubled in the same period, but that paying up is a definite gamble. Various ransomware groups have posted the stolen data online despite having been paid not to release it, or have demanded another payment at a later date.
In a new campaign analyzed by Radware, cybercriminals threaten organizations with Distributed Denial of Service attacks unless they acquiesce to their ransom demands. Published on Wednesday, a security alert entitled "2020 Ransom DDoS Campaign Update" describes how Radware and the FBI have been warning organizations about a global ransom DDoS campaign targeting financial companies and other businesses around the world.
Ransomware continues to run rampant this week, with well-known organizations getting hit with massive ransomware attacks. The biggest news this week is the Clop ransomware attack against Software AG, where the attackers are demanding a $23 million ransom.
The Clop ransomware gang hit the network of German enterprise software giant Software AG last Saturday, asking for a ransom of $23 million after stealing employee information and company documents. Software AG is a software company headquartered in Darmstadt, Germany, with more than 5,000 employees and operations in over 70 countries around the globe.
There's an old adage in information security: "Every company gets penetration tested, whether or not they pay someone for the pleasure." Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in. These folks are very often contractors who work with established ransomware groups, and who are paid a set percentage of any eventual ransom payments made by a victim company.
Virginia's largest school system has been hacked and the attackers are seeking a ransom payment to keep them from disclosing stolen personal information. The school system confirmed the hack and said it is investigating and working with law enforcement.
Most online attacks could be easily avoided by following basic cyber security advice, Australia's national cyber security bureau has said, even as it warned that the impact and severity of things like ransomware attacks are getting worse and worse. "Cybercriminals follow the money," said the Australian Cyber Security Centre in its annual report for 2019-20, published earlier this week.
Lafayette, Colorado, officials announced Tuesday the city's computer systems were hacked and they were forced to pay a ransom to regain access. Lafayette officials said hackers disabled the city's network services and blocked its access until the city paid a $45,000 fee, the Daily Camera reported.
CWT, a giant in the corporate travel agency world with a global clientele, may have faced payment of $4.5 million to unknown hackers in the wake of a ransomware attack. A CWT spokesperson declined to comment on whether the ransom was paid, or any technical details of the attack, or how it was able to recover so quickly.