Australian shipping giant Toll Group has vowed to again not pay a ransom after suffering its second ransomware attack of the year. In the latest incident, however, the company warns that attackers also stole corporate data - and it may get leaked.
Diebold Nixdorf, one of the largest makers of ATMs, says it sustained a ransomware attack on April 25, but it experienced only a "limited IT systems outage" and ATM machines were not affected.
After suffering a ransomware attack last October that left several systems inaccessible, mailing equipment manufacturer Pitney Bowes reports that it recently blocked another ransomware attack before any data was encrypted and says there's "no evidence of further unauthorized access to our IT systems."
Cognizant estimates that the April ransomware attack that affected its internal network will cost the IT services firm between $50 and $70 million, according to the company's latest financial report. The company has said that the Maze ransomware gang was behind the attack.
Ransomware attacks hit at least four large organizations around the world this week, including a hospital group in Europe that has been battling the COVID-19 pandemic.
The latest edition of the ISMG Security Report analyzes the rising costs of ransomware attacks and the latest victims. Also featured: An assessment of Australia's new contact-tracing app designed to help battle the spread of COVID-19, and a discussion of applying the "zero trust" model to the remote workforce.
The average ransom paid by victims to ransomware attackers reached $111,605 in the first quarter of this year, up 33% from the previous quarter, reports ransomware incident response firm Coveware, which sees the Sodinokibi, Ryuk and Phobos malware families continuing to dominate.
Many attackers continue to camp out in networks for months, conducting reconnaissance and stealing sensitive data before unleashing ransomware. Experts say many recent efforts trace to gangs wielding the RobbinHood, Valet Loader, NetWalker, PonyFinal, Maze and Sodinokibi strains of crypto-locking malware.
The gang behind Black Rose Lucy malware, which targets Android users, has added ransomware capabilities, according to Check Point Research. The malware, which dates back to 2018, originally was designed as a malware-as-a-service botnet and dropper for other malicious code.
Those claiming to be operators of the Shade ransomware strain say they have closed down their operation and released more than 750,000 decryption keys, according to a message posted on GitHub.
Because it's inevitable that some attackers will get around defenses, Kettering Health Network added an extra layer of endpoint security to help mitigate the risks posed by ransomware and other cyberthreats, says Michael Berry, director of information security. He describes what's unusual about the approach.
Despite the ongoing COVID-19 pandemic, the healthcare sector faces an ongoing surge of hack attacks that too often disrupt systems and patient care. Among the latest victims is a hospital in Pueblo, Colorado, which is still recovering after apparently having been hit by ransomware.
Three recently disclosed health data security incidents - including the discovery of a large email hack that happened nearly a year ago - serve as reminders of the ongoing incident response challenges facing healthcare organizations. And these difficulties are likely to worsen during the COVID-19 crisis.
IT services and consulting giant Cognizant is still assessing the damage from a ransomware attack on Friday. And it's warning that the incident is disrupting services to some of its clients and could affect the company's revenue.
In the age of COVID-19 - when staying as close to home as possible and trying to avoid touching anything in public that might spread coronavirus is the new normal - cash is out, and "contactless" payments are in, if you're lucky enough to be able to use them.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.