The ransomware plague continues! 56% of organizations surveyed by CrowdStrike were hit with ransomware in the last year! This is a staggering number. Among those affected, 27% chose to pay the ransom, costing organizations on average, $1.1 million paid to hackers.
The top ransomware victims this year are considered by some to be Cognizant, Magellen Health, Communications & Power Industries, University of California San Francisco, Advantech, Carnival Corporation and Canon.
The sheer breadth of the list reminds us no sector or organization is immune!
Just recently, some of the notable attacks have been on Baltimore County, Kmart, Vancouver Metro and helicopter maker, Kopter.
We were one of the first to warn you that hackers are entrepreneurs. We called them hacktrepreneurs – which seems to be a more accurate term by the day. We warned you when they evolved ransomware to become Extortionware – by releasing parts of the victim’s data online until they got paid. We warned again when they launched an affiliate program, allowing affiliates to make a million dollars or more per hack.
Now, they are starting to call their victims and warn them, if they restore from backups, without paying.
This is an escalation of their tactics and shows just how determined they are to get money from their victims. Almost nothing will stop them.
"We think it's the same outsourced call center group that is working for all the [ransomware gangs] as the templates and scripts are basically the same across the variants," Bill Siegel, CEO and co-founder of cyber-security firm Coveware, told ZDNet in an email.
According to a recorded call made on behalf of the Maze ransomware gang, and shared with ZDNet, the callers had a heavy accent, suggesting they were not native English speakers.
Below is a redacted transcript of a call, provided by one of the security firms as an example, with victim names removed:
"We are aware of a 3rd party IT company working on your network. We continue to monitor and know that you are installing SentinelOne antivirus on all your computers. But you should know that it will not help. If you want to stop wasting your time and recover your data this week, we recommend that you discuss this situation with us in the chat or the problems with your network will never end."
The boldness of these hackers continues to grow and it seems no organization is safe.
At IT services and MSP-leader Apex Technology Services, we perform cybersecurity training which is live and in-person or more recently, “Zoom” and in-person. During these sessions, we typically see significant engagement levels and workers typically ask a lot of great questions and seem to learn from the sessions. We bundle this training with phishing – we use our own PHISH360 platform to send them phishing attacks before and after the training.
We are happy to discuss ways to keep your company as secure as possible – although no organization can be guaranteed secure, making it more difficult for hackers means they may look for an easier target elsewhere.
Rich Tehrani is CEO of RT Advisors and a Registered Representative with and offering securities through Four Points Capital Partners LLC (Four Points) (Member FINRA/SIPC). RT Advisors is not owned by Four Points.
The above information was strictly a technical/business news article/review regarding the company(ies) mentioned. The information contained should not be considered and is not a recommendation to invest in or sell short the securities of the underlying company(ies).