Welcome to our May Ransomware Recap! In this monthly series, we discuss a few of the biggest ransomware stories. Let’s jump in.
Ransomware Attacks and Demands Increase in 2019
According to new data from Group-IB, ransomware attacks increased by 40% with ransom demands jumping from $6,000 to $84,000 from 2018-2019. Some of the most common methods of infiltrating systems were found to be external remote services and phishing. By the looks of it, ransomware in 2020 doesn’t seem to be slowing down or any less demanding.
According to Info Security Magazine, “‘The year of 2019 was marked by ransomware operators enhancing their positions, shifting to larger targets and increasing their revenues, and we have good reason to believe that this year they will celebrate with even greater achievements,’ said Group-IB senior digital forensics specialist, Oleg Skulkin.”
Sources: Info Security Magazine & Bleeping Computer
Toll Group Suffers Second Ransomware Attack
Toll Group has confirmed its second ransomware attack in four months. After sensing unusual activity on some of its servers, Toll Group shut down the related IT systems, but it was too late. The company confirmed that it was hit by Nelfilm ransomware, and the attack was unrelated to the previous one.
According to Security Magazine and Toll Group, “‘This is unrelated to the ransomware incident we experienced earlier this year. Toll has no intention of engaging with any ransom demands, and there is no evidence at this stage to suggest that any data has been extracted from our network. We are in regular contact with the Australian Cyber Security Centre (ACSC) on the progress of the incident,’ the company said.”
Source: Security Magazine https://www.securitymagazine.com/articles/92334-toll-group-suffers-ransomware-attack-again
Texas Office of Court Administration Hit by Ransomware
Texas courts were hit by a ransomware attack in early May, forcing it to shut down its website and disable servers. How hackers gained access to the system was not specified, but the incident is being investigated and a ransom is not expected to be paid.
According to a news release from the courts, “At this time, there is no indication that any sensitive information, including personal information, was compromised. Additionally, due to the structure of the IT function within the state judiciary, individual trial court networks throughout the state were unaffected by the cyberattack.”
Source: Dallas News https://www.dallasnews.com/news/courts/2020/05/11/texas-courts-hit-by-ransomware-attack/
Texas Department of Transportation Hit By Ransomware
The Texas Department of Transportation was hit by ransomware following a similar attack on Texas courts. A hacker gained unauthorized access to the department’s network, which was quickly detected and shut down. Like the previous attack, no ransom demand has been released.
According to Info Security Magazine, “Texas is fast becoming a hotspot for cyber-attacks. In 2019, ransomware was used to target 22 local governments across the Lone Star State in a single attack. The collective ransom demand for the coordinated assault was $2.5m.”
Source: Info Security Magazine: https://www.infosecurity-magazine.com/news/texas-takes-second-ransomware-hit/