Cyberattackers using ransomware called Maze tried to execute a $15-million ransomware attack in three different ways, according to an analysis by cybersecurity firm Sophos.
Sophos, in its report ‘Maze Attackers Adopt Ragnar Locker Virtual Machine Technique’, detailed how attackers “tried three different ways to execute Maze ransomware during a single attack while demanding a $15-million ransom.”
“Maze is one of the most notorious ransomware families, active since 2019 when it evolved from ChaCha ransomware, and it was among the first to combine data encryption with information theft,” explained Sophos.
Maze operators attempted to use virtual machines to spread the ransomware during their third attempt. This technique was pioneered by a threat actor called Ragnar Locker.
According to the firm’s analysis, attackers were within the targeted network at least six days prior to their first attempt to launch the ransomware payload.
“During this time, the attackers explored the network, ran legitimate third-party tools, established connections, and exfiltrated data to a cloud storage service to prepare for the release of the ransomware component,” Sophos said.
After their first attempt at a ransomware attack, the attackers demanded a $15-million ransom from the target, who did not pay. The next two attempts were blocked by the security firm.
“The attack chain uncovered by Sophos threat responders highlights the agility of human adversaries and their ability to quickly substitute and reconfigure tools and return to the ring for another round,” said Peter Mackenzie, incident response manager, Sophos. “The use of a noisy Ragnar Locker virtual machine technique, with its big footprint and CPU usage, could reflect a growing frustration on the part of the attackers after their first two attempts to encrypt data failed.”
Sophos further advised IT teams to update their systems and move them to the cloud, as well as apply layered security systems to prevent such attacks. Other measures include using “anti-ransomware technology, educating employees on what to look out for, and setting up or engaging a human threat hunting service to spot clues an active attack is underway.”
“Every organisation is a target, and any spam or phishing email, exposed RDP port, vulnerable exploitable gateway device or stolen remote access credentials provides enough of an entry point for adversaries to gain a foothold,” said Mackenzie.