Security News
The latest company to fall victim to a ransomware attack is Cognizant, a large US IT services company which admitted at the weekend that it had fallen victim to Maze. Cognizant can confirm that a security incident involving our internal systems, and causing service disruptions for some of our clients, is the result of a Maze ransomware attack.
Professional services company Cognizant has fallen victim to a cyber-attack which appears to have been the work of the Maze ransomware operators. With roughly 300,000 employees around the world, Cognizant ranked 193 on the Fortune 500 list in 2019.
The first published example of a double extortion attack, according to Check Point Research, came with the attack against Allied Universal in November 2019. In a later post on a Russian underground forum, they posted a link to "10% of data we have exfiltrated." They added, "We give them 2 weeks until we send other 90% of data to wikileaks. Other 90% is a quite interesting part... Time is ticking."
To amp up the threat, attackers are now doubling their extortion tactics by also threatening to release the sensitive information publicly unless the victims pay up. A report published Thursday by Check Point Research illustrates how these ransomware attacks work.
Victims of ransomware attacks now face a double whammy of headaches. The ransomware tactic, call "Double extortion," first emerged in late 2019 by Maze operators - but has been rapidly adopted over the past few months by various cybercriminals behind the Clop, DoppelPaymer and Sodinokibi ransomware families.
As hospitals around the world are struggling to respond to the coronavirus crisis, cybercriminals-with no conscience and empathy-are continuously targeting healthcare organizations, research facilities, and other governmental organizations with ransomware and malicious information stealers. While the security firm didn't name the latest victims, it said a Canadian government healthcare organization and a Canadian medical research university both suffered ransomware attacks, as criminal groups seek to exploit the crisis for financial gain.
Originally, ransomware didn't involve any data theft. Malware would encrypt the data on your computer, and demand a ransom for the encryption key.
The question now becomes, is backup alone enough, or is full disaster recovery required to mitigate the effect of ransomware? By 'disaster recovery', we mean the full gamut of backing up data, recovering that data, and business restitution without loss of business continuity. A good backup system will allow rapid if not immediate recovery minimizing the loss of data to an annoyance rather than a disaster.
Internal confidential documents belonging to some of the largest aerospace companies in the world have been stolen from an industrial contractor and leaked online. The sensitive documents include details of Lockheed-Martin-designed military equipment - such as the specifications for an antenna in an anti-mortar defense system - according to a Register source who alerted us to the blueprints.
Microsoft is offering hospitals security tips to try to help. Though some ransomware groups have actually pledged to leave hospitals alone during the COVID-19 outbreak, other groups are clearly exploiting the situation.