SpartanTec, Inc. Wilmington: ransomware Wilmington NC

Wednesday, October 21, 2020

Surge In Ransomware Continues In 2020, Targeting Healthcare

The year 2020 could well be described as the Year of Ransomware.

Security researchers around the globe who monitor such things have noted a sharp uptick in the use of ransomware this year, with well known threats like REvil, Ryuk, and Maze being the most common variants deployed by hackers.

That's bad enough by itself, but it gets worse. In recent months, much of the ransomware Wilmington NC attack activity has been aimed squarely at the healthcare sector, which is grim news indeed, given that we are relying on that very sector to help put the still-raging global pandemic behind us.

Based on data collected by Check Point, Ryuk ransomware alone was responsible for more than twenty attacks on corporate networks a week, on average, which is a huge spike. In fact, in the US, ransomware activity has nearly doubled, increasing by 98.1 percent this quarter, compared with the same period from last year.

While that's far and away the largest increase, globally, ransomware attacks are up nearly 50 percent, with several countries reporting incredible surges in ransomware activity, including:

India, with a 39.2 percent increase
Russia, with a 57.9 percent increase
Turkey, with a 32.5 percent increase

None of these, however, can hold a candle to the buffeting that poor Sri Lanka is currently enduring, with a staggering 436 percent increase in ransomware activity reported.

From the perspective of the hackers, it's easy to see the attraction. Most companies are terrified of such attacks because they can bring corporate operations to a screeching halt in the blink of an eye, and can be notoriously difficult to recover from.

Given that, hackers have had a great deal of success in extorting large sums of money from companies of all shapes and sizes, and now we know they're also in the habit of making copies of sensitive data for themselves before they encrypt all your files. Keep your guard up, it's probably going to get worse as the year rolls on.

Call SpartanTec, Inc. now and let us help protect your company against ransomware attacks and other online threats.

SpartanTec, Inc.
Wilmington, NC 28412
(910) 218-9255
http://manageditserviceswilmington.com

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence

Friday, September 4, 2020

Carnival Cruise Lines Company Suffers Ransomware Attack

Carnival Cruise lines, reeling since the start of the global pandemic, has a new problem. Recently, the company disclosed that they were the victims of a ransomware attack.

Carnival's disclosure was almost frighteningly uninformative. The company gave no clear indication which of their brands was impacted, how widespread the damage was, how many guest records were stolen, or any other useful data points.

Their disclosure reads, in part, as follows:

"On August 15, 2020, Carnival Corporation and Carnival plc (together, the "Company," "we," "us," or "our") detected a ransomware Wilmington NC attack that accessed and encrypted a portion of one brand's information technology systems. The unauthorized access also included the download of certain of our data files.

...we expect that the security event included unauthorized access to personal data of guests and employees, which may result in potential claims from guests, employees, shareholders, or regulatory agencies."

Several companies reached out to Carnival for additional information but all received the following stock reply:

"We are not planning to discuss anything beyond the 8k filing at this point since it is early in the investigation process."

On the face of it, that seems reasonable, and yet, this is not the first time we've seen a company fall victim to such an attack. When they do, their disclosures are categorically more informative than the one Carnival made.

Independent security researchers have jumped into the fray and begun their own investigations and researchers from the company "Bad Packets" discovered that Carnival has a number of Citrix servers that were vulnerable to CVE-2019-19781 and CVE-2020-2021.

Both of these vulnerabilities would have allowed an attacker easy access to the company's network. Worst of all, the first issue has had a patch available since January 2020, and the second was patched in June of this year (2020).

If those issues prove to be the way the attackers gained access to the system, then this attack was essentially a self-inflicted wound. We'll know for sure in time. In the meantime, if you've been on a Carnival cruise at any time, keep a sharp eye on the payment cards you used to book the trip. You may have trouble heading your way.

Call SpartanTec, Inc. now and let our IT team help protect your business against ransomware and other kinds of online attacks.