Ransomware attacks have been on the rise since the start of the COVID-19 pandemic, so much so that they have become the biggest single money earner for cybercriminals.
#RANSOMWARE SUMMIT EYES TIGHTER SCRUTINY OFFLINE#
But a site on the dark web used by REvil to publicize stolen data appeared offline at the time of writing. The hackers typically threaten to publish the victim’s files if their ransom isn’t paid. REvil, also known as Sodinokibi, not only encrypts a victim's files but also exfiltrates data from their network. “Most recently, the Qbot trojan has been actively exploited by the REvil hacking collective, and it seems highly plausible that the Russian-based hackers are behind this cyberattack." “Initial forensic analysis suggests that the ransomware attack on Fujifilm started with a Qbot trojan infection last month, which gave hackers a foothold in the company’s systems with which to deliver the secondary ransomware payload,” Ray Walsh, digital privacy expert at ProPrivacy, told TechCrunch. The summit follows a report that companies paid out over 590 million in ransomware payments over the first half of 2021. It previously worked with the ProLock and Egregor ransomware gangs, but is currently said to be linked with the notorious REvil group. The summit notably excluded one of the largest sources of ransomware, Russia. The creators of Qbot, also known as QakBot or QuakBot, have a long history of partnering with ransomware operators. As a result, we have taken measures to suspend all affected systems in coordination with our various global entities. In the late evening of June 1, 2021, we became aware of the possibility of a ransomware attack. "We want to state what we understand as of now and the measures that the company has taken. As part of this investigation, the network is partially shut down and disconnected from external correspondence," the company said in a statement posted to its website.
"Fujifilm Corporation is currently carrying out an investigation into possible unauthorized access to its server from outside of the company. The company, which is best known for its digital imaging products but also produces high-tech medical kit, including devices for rapid processing of COVID-19 tests, confirmed that its Tokyo headquarters was hit by a cyberattack on Tuesday evening. Japanese multinational conglomerate Fujifilm has been forced to shut down parts of its global network after falling victim to a suspected ransomware attack.
0 kommentar(er)
