The government and professionals involved in ransomware incident response have often advised victims not to pay the ransom because even if you pay, you may not get your data back, and you may not get your data deleted by criminals who pinky swear that they will delete it. Then, too, they may pinky swear that…
Category: Malware
JP: Japan Airport Refueling Co. discloses ransomware incident; refueling work not impacted
Security NEXT reports that Japan Airport Refueling, which provides aircraft refueling services, experienced a ransomware attack. A machine translation of the report says, in part, that the company’s internal network failed in the early morning of June 21. Investigation confirmed that it was a ransomware attack, and the company received a ransom demand to decrypt…
CISA’s CSET Tool Sets Sights on Ransomware Threat
CISA has released a new module in its Cyber Security Evaluation Tool (CSET): the Ransomware Readiness Assessment (RRA). CSET is a desktop software tool that guides network defenders through a step-by-step process to evaluate their cybersecurity practices on their networks. CSET—applicable to both information technology (IT) and industrial control system (ICS) networks—enables users to perform…
UK arm of international charity the Salvation Army hit by ransomware attack
Gareth Corfield reports: Criminals infected the Salvation Army in the UK with ransomware and siphoned the organisation’s data, The Register has learned. A Salvation Army spokesperson confirmed the evangelical Christian church and charity was compromised, and said it alerted regulators in the UK. Read more on The Register.
Bucks County behavioral health and substance abuse nonprofit struck in cyberattack, urges clients to check their information
Anthony Salamone reports: The records of an unspecified number of clients of an Upper Bucks County behavioral-health and substance abuse nonprofit, which serves the Lehigh Valley, might have been stolen as part of a ransomware attack on the agency earlier this year. Penn Foundation in West Rockhill Township said it informed clients Tuesday of the…
University Medical Center of Southern Nevada attacked by REvil threat actors
See update at bottom of this post for statement from UMCSN. They do confirm that there was a breach. The University Medical Center of Southern Nevada, who proudly proclaims itself the official healthcare provider for the Vegas Golden Knights, has allegedly been the victim of a cyberattack by REvil (Sodinokibi) threat actors. The well-known ransomware…