There’s an interesting piece by Andrew E. Kramer, Michael Schwirtz and Anton Troianovski in the New York Times: Secret Chats Show How Cybergang Became a Ransomware Powerhouse. The reporters obtained access to the internal dashboard that DarkSide customers used to organize and carry out ransom attacks and their piece provides some insights as to how DarkSide “support” dealt with…
Category: Breach Incidents
CA: Azusa Police reveal ransomware attack in March
On March 17, the DoppelPaymer threat actors added Azusa Police Department in California to the leak site where they list ransomware victims who have refused to pay their ransom demands. On April 22, the threat actors increased the pressure on the department — or attempted to — by dumping some files as proof that they…
After going up, up, up, will ransom payments in healthcare and education sectors start dropping?
Key points: More than half of ransomware victims reportedly pay ransom, but there is an absence of quality data and reporting that would enable better analyses. As payouts have increased, the number of customers electing to have cyberinsurance coverage (the take-up rate) has increased, although SMBs lag behind mid- to large-sized entities. As payouts have…
Nz: Waikato DHB cyber attack: Govt says it will not pay ransom to hackers
NZ Herald reports: The Government won’t pay a ransom to those behind the Waikato DHB cyber attack which crashed the board’s entire system last Tuesday. A group claiming to be responsible for the cyber attack claimed today that it had accessed confidential patient notes, staff details and financial information. Health Minister Andrew Little said he was…
Phoenix chiropractic practice offline after ransomware attack
Spine & Disc Medical Center in Phoenix, Arizona is a chiropractic practice. They have apparently been the victims of a ransomware attack by Avaddon threat actors, who added them to their leak site and dumped some data as proof of claims. It is not clear how much data the threat actors may have exfiltrated. The…
Ch: Siegfried affected by attack on its IT systems
Siegfried pharmaceutical published a statement on its web site on May 23: The Siegfried Group’s IT network has become the target of a malware attack. The company immediately initiated extensive measures to ensure the safety of its employees and facilities at all times and to avert further damage. The root cause has been identified and the…