For the right price, threat actors can get just about anything they want to launch a ransomware attack even without technical skills or any previous experience.
FBI warns of escalating Pysa ransomware attacks on education orgs bleepingcomputer.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from bleepingcomputer.com Daily Mail and Mail on Sunday newspapers.
GovInfoSecurity
Insights from industry experts
SonicWall Was Hacked. Was It Also Extorted? Hacker Claims SonicWall Paid Ransom; SonicWall Stays Silent Jeremy Kirk ( Twitter
Inside SonicWall s headquarters in Milpitas, California. (Photo: Arctecinc)
Cybersecurity companies advise their clients not to pay ransoms for good reasons: Pay once and the attackers may come back with their hand out again.
It also promotes a cybercrime business model: When one pays, it s likely that other victims may pay with the right pressure.
Curiously, SonicWall hasn t said much about the extent and damage of its own breach since its announcement. But there are strong indications that SonicWall may have been targeted by an extortion attempt.
Hackney Council has acknowledged that data stolen by cyber attackers in October has been published on the darkweb.
This follows reports, including on Sky News, that files of personal data have been published by a criminal group known as Pysa/Mespinoza on a darknet website. It says these have titles including ‘passportsdump’, ‘staffdata’ and ‘PhotoID’.
Hackney has placed a statement on its website saying it had been made aware of the move, but that experts supporting its efforts believe it is a limited set of data not available in a public forum or visible through search engines.
It said it appears that the vast majority of the sensitive or personal information it holds is unaffected, but it is reviewing the data carefully and will support any directly affected people.
Data Stolen from London Council Published Online
A cyber-criminal group called Pysa/Mespinoza has claimed it has published a range of information resulting from the incident on the dark web. This includes sensitive personal data of staff and residents, such as passport documents.
In October 2020, London’s Hackney Council revealed it had been victim of a serious cyber-attack which affected many of its services and IT systems.
In a new statement on its website, the council said it was working with NCSC, National Crime Agency, Information Commissioner s Office, the Metropolitan Police and other experts to investigate what has been published and the next steps to take.