Cybercrime gang Conti, known for its ransomware attacks, has reportedly leaked details about world leaders, actors and business tycoons after an attack against London-based high-society jeweler Graff.
The breach was confirmed to Information Security Media Group by The House of Graff’s official spokesperson, who said the organisation is working with the relevant law enforcement agencies and had informed the UK Information Commissioner’s Office about the incident.
Sam Curry, head of security at cybersecurity provider Cybereason, said it could be several weeks before the public knows the true impact of the attack.
“One thing that is not trivial for celebrities and celebrities who have allegedly had non-public data stolen is that other people or organizations with a deep wallet are more likely to pay a ransom than others. Threat actors know this and when they target organizations for theft, they will be persistent, patient, and thorough in their attack,” Curry notes.
An article in the British newspaper The Daily Mirror claims that the threat actors leaked 69,000 confidential documents on a dark web site, including files related to Donald Trump, Oprah Winfrey and David Beckham.
The newspaper’s report also claims that the leaked information covers another 11,000 people among Graff’s wealthy clients, and that the ransomware actors are seeking tens of millions of pounds to refrain from publishing other sensitive information.
“We have informed the other people whose non-public knowledge has been affected and asked them to take appropriate action. Thanks to our powerful backup facilities physically, we were going to rebuild and restart our systems in a matter of days, which is crucial, without irretrievable loss of consciousness,” a Graff spokesperson said.
According to the report, the leaked documents include visitor lists, invoices, receipts and credit notes. The list includes international stars such as Tom Hanks, Samuel L. Jackson and Alec Baldwin.
“Unfortunately, it appears that notable brands, businesses, and even government departments are being intentionally targeted through unscrupulous operators to extort cash [and] cause disruption or embarrassment,” a House of Graff spokesperson notes.
Trevor Morgan, product manager at Comforte AG, says the details of the initial attack vector are speculative at the moment; however, the tactic may well have been social engineering, in which a user is tricked into launching malicious code that appears harmless.
Morgan also says the attackers most likely demanded the ransom in Bitcoin or another form of payment that is difficult to trace.
“Some organizations in similar conditions have been susceptible to not paying the ransom and simply repairing all PC systems in the case of encrypted files that interrupt operations. But in this situation, it’s stolen sensitive data that Graff wouldn’t need to divulge openly,” he says.
To avoid such situations, Morgan says, any organization holding sensitive data should protect it with data-centric security as soon as it enters the enterprise ecosystem.
He recommends keeping sensitive data tokenized or encrypted in a way that preserves the original data format.
“Cybercrime continues to increase in scale and complexity. This is a risk for all companies. Maintaining the highest point of security against those risks has been a very sensible priority for us. We are continually strengthening our systems to counter those risks as they evolve,” notes a spokesperson for House of Graff.
Conti is one of many Russian-speaking ransomware operations, allegedly operating from countries that were once part of the Soviet Union, that have continued to hit targets in the United States and Europe, causing disruptions.
The U.S. government, which has tracked an increase in the pace of attacks related to the Conti ransomware, recently issued a joint cybersecurity advisory from the U.S. Cybersecurity and Infrastructure Security Agency, the U.S. Department of Homeland Security, the FBI and the National Security Agency, warning that Conti has so far successfully hit more than 400 organizations based in the U.S.
“In typical Conti ransomware attacks, malicious cyberattackers borrow files, encrypt servers and workstations, and demand payment of a ransom,” the advisory states.
To further defend against Conti attacks, the alert recommends a variety of defenses, including “implement the mitigation measures described in this notice, which come with requiring multi-factor authentication, implementing network segmentation, and updating operating systems and software.”
Ransomware incident response firm Coveware reports that, based on thousands of incidents it helped investigate from April to June, Conti was the most common ransomware at the time after Sodinokibi, also known as REvil. Coveware said that while Sodinokibi accounted for more than 16% of all incidents it helped with, Conti accounted for more than 14%.
Like other ransomware-as-a-service operations, Conti relies on its affiliates to infect victims. While some major ransomware operations have disappeared, changed names, or stopped in recent months, experts say Conti appears to have recruited many of their affiliates, helping it launch more attacks.