• ACE Team

Ransomware attacks in 2022


Ransomware is a malware designed to deny a user or organization access to files on their computer. By encrypting these files and demanding a ransom payment for the decryption key, cyberattacks place organizations in a position where paying the ransom is the easiest and cheapest way to regain access to their files.


Data breach in New Mexico

On 5 January 2022, one of the most populous county in New Mexico, US, discovered a data breach. Although no detail of ransom demands has been revealed to date, the county has labeled it a ransomware issue. These ransomware attacks include the closing down of government buildings, the blocking of a jail’s camera feeds and the entrapment of inmates due to the failure of automatic door mechanisms.


The county turned many of its systems offline and it resulting in some public services becoming unavailable. Safety services, such as fire and rescue operations, continued to run, owing to unspecified “backup contingencies”.


Employee information

Sports brand 'Puma' was notified of data breach issues on 10 January following a ransomware attack against Kronos, one of Puma’s workforce management solutions providers. The original Kronos incident occurred in December 2021. Attackers stole personal information of over 6,632 of its employees, including US Social Security Numbers, and encrypted the data, according to reports. No customer data was affected. Kronos did not regain full access to their data until 22 January. Kronos offered two years of free Experian Identity Works to Puma employees as compensation, which includes credit monitoring, identity theft insurance and identity restoration.


Listed as paid

Hensoldt, a multinational defense contractor, confirmed on 12 January 2022 that some of its UK subsidiaries had fallen prey to a ransomware attack. The organization provides sensor solutions for defense, aerospace and security software for organizations such as the US army, the US Marine Corps and the US National Guard. Although the company has not revealed the details of the security breach, the ransomware group Lorenz claimed credit for it and listed the ransom as “paid”. It remains unclear whether Hensoldt paid the ransom or another threat actor purchased the data.


Microchip manufacturer

On 23 February , Nvidia, the largest microchip maker in the US, experienced a ransomware attack by the hacking gang Lapsus$. The group threatened to release 1TB worth of data unless a ransom was paid by 4 March. The stolen information included employee credentials and proprietary company data, such as source codes. This resulted in parts of the business going offline for two days. Although unconfirmed, Lapsus$ later accused Nvidia of hacking back. This is not unheard of in attempts to prevent data leakages, however, is illegal in the US. Due to backups of data, Lapsus$ were not affected by the hacking. Nvidia’s data has since been leaked and they have announced that they are in the process of analysing it.


Leaking data

Bridgestone, one of the largest global manufacturers of tires, detected a security breach on 27 February 2022 by LockBit ransomware gang. Despite Bridgestone’s effort to mitigate the attack by disconnecting manufacturing and retreading facilities in North and Latin America from the network, the company was forces to halt production for a week. The perpetrators released a countdown to 23:59 on 15 March and announced that they would leak the stolen data if a ransom was not paid. Although the company has not provided more details about the ransom, it is reported that they were able to do a comprehensive security check and reconnect to their network. The attack came amidst an alarming trend of attacks against the auto industry, with Denso and Kojima Industries having experienced cyber-attacks earlier in 2022.



Conclusion

  • Keep your software up to date. Network providers issue updates that address known security vulnerabilities. Install them to prevent hackers from exploiting such weaknesses.

  • Backup your data regularly. Use multiple storage systems to minimise data loss and avoid paying ransoms in case of attack.

  • Employ multiple security systems, for example firewalls, anti-virus software and spam filters. This enables you to detect and react to intrusions faster.

  • Provide awareness training for your employees. Staff are often the target of phishing emails, so it is important they know how to recognise and avoid such scams.

  • Use multi-factor authentication. This means that even if hackers get a hold of employee credentials, they will not gain access to your system without additional authenticating factors.

Want to know more about Ransomware and how you can protect your hardware?


Call us at +65 6262 0402 or email us at care@acebizservices.com to get the information details on your needs.


Credit: Five ransomware attacks in 2022 so far you should know about | Cyber Security Hub (cshub.com)

12 views0 comments