The effect of one key that opens many doors would be amplified even more. But incident responders say that the situation also raises the specter of how catastrophic it would be if similar types of vulnerabilities were to occur in public cloud services, like those offered by Amazon Web Services, Google Cloud, or Microsoft Azure. “This was well-crafted, thought out, and executed by these specific adversaries to maximize monetary gain for the attacks.”

Accellion devices sit on-premises, meaning attackers had to seek out vulnerable pieces of equipment within targets' networks. “With attacks like these, which are carried out through groups looking to profit from hacking, we often don't see large exploitation all at once,” TrustedSec's Kennedy says. It's possible, he says, that they're releasing the data slowly to keep up with the logistics of managing the extortion requests, and that much more is to come. Brett Callow, a threat researcher at the antivirus firm Emsisoft, says that the ransomware group has been releasing its extortion demands and corresponding leaked data from a handful of victims per week. There are likely more Accellion victims out there, and not all known victims have had samples of their data leaked on Clop websites. Publicly known victims so far include the Reserve Bank of New Zealand, the state of Washington, the Australian Securities and Investments Commission, the Singaporean telecom Singtel, the high-profile law firm Jones Day, the grocery store chain Kroger, and the University of Colorado. Just last week, cybersecurity firm Qualys joined their ranks. A federal lawsuit has also been filed against Kroger over the. Centene said in the lawsuit that 9 gigabytes of its data was obtained by the attackers. The hackers seem to have connections to the financial crimes group FIN11 and the ransomware gang Clop.
Centene believes it will suffer significant costs as a result of the breach and has requested the courts order Accellion to comply with the terms of its BAA and cover all breach-related expenses. On March 1, security firm FireEye shared the results of its investigation into the incident, concluding that two separate, previously unknown hacking groups carried out the hacking spree and the extortion work, respectively. Since then, dozens of companies and government organizations worldwide have acknowledged that they were breached as a result of the flaws, and many face extortion, as the ransomware group Clop has threatened to make the data public if they don't pay up. But a series of breaches in December and January that have come to light in recent weeks has quietly provided an object lesson in how bad things can get when hackers find an inroad to dozens of potential targets, and they're out for profit.

Firewall vendor Accellion quietly released a patch in late December, and then more fixes in January, to address a cluster of vulnerabilities in one of its network equipment offerings. The drumbeat of data breach disclosures is unrelenting, with new organizations chiming in all the time.