14 Jul Security Breach – 14 July 2023
When a company pays a ransom, that money travels far and wide across the dark web. Ransoms don’t just go to one person or organisation — even an ancillary participant in a ransomware attack will profit. That’s a major reason why cybercriminals of every stripe are quick to jump into a ransomware operation. Those criminals have a high chance of walking away with substantial cash, and everyone gets paid.
The big, powerful ransomware gangs rarely run campaigns themselves. Instead, they operate Cybercrime-as-a-Service platforms that cybercriminals can use to conduct operations, attract talent, network with freelancers and receive payments. The boss gang makes their money from their cut of the profits when a successful ransomware attack occurs under their auspices. Those attacks are conducted by allied independent contractors known as affiliates. The affiliates are the ones doing the day-to-day work of mounting a successful ransomware attack.
Recent Breaches
Australia – Ventia – Critical Infrastructure Management
Exploit: Hacking
Risk to Business: Severe: Ventia, a Sydney-based company that provides long-term management, maintenance and operations services for critical infrastructure organizations has announced that it is taking some systems offline due to a weekend cyberattack. While the company has not confirmed the nature of the attack, experts are pointing to ransomware. The company says that it has engaged with external experts and law enforcement to investigate the incident, and all operations are expected to return to normal within the following days.
Japan – The Port of Nagoya – Seaport
Exploit: Ransomware
Risk to Business: Extreme: The largest seaport in Japan and the central shipping hub for Toyota, the Port of Nagoya, experienced a ransomware attack last Tuesday that led to a total shutdown. The port’s operator, Nagoya Harbor Transportation, disclosed that it received a ransom demand from LockBit 3.0 immediately following the beginning of systems failure in the early morning. All cargo operations, including the loading and unloading of containers onto trailers, were suspended as of July 4 but port officials expected to resume operations within a few days.
Talk to a TCT team member today about implementing cyber security and phishing training plan for your employees.
Robert Brown
14/7/2023
Related Articles:
Cybersecurity needs to be a top priority for businesses
Brand impersonation Brand impersonation and spoofing are a threat all year round