New Threat Research: MalSync Teardown: From DLL Hijacking to PHP Malware for Windows  

Read Threat Research

Search

$30 Million Ransom Demand at Australian Car Auction Company

Manheim Auctions, Australia’s largest car auction house, released a statement that it was the victim of a month-long cyber-attack and has now received a $30 million-dollar ransom note to remove the infection from its over 1000 servers and decrypt the files. Manheim has assured the public that client data has not been compromised and they are refusing to pay the ransom.

Analyst Notes

Many ransomware attacks can be attributed to an employee who opened an attachment, clicked a link or inadvertently gave credentials in response to malicious email messages. Organizations small and large can benefit from programs that help train employees on how to recognize and defend from phishing emails, so they do not have an impact on businesses. Microsoft recently warned that most of the large-scale ransomware attacks have been able to affect servers across the enterprise because the intrusion remained undetected by IT staff for weeks. This long period of undetected activity has given attackers the opportunity to gain administrator access and install ransomware on critical servers, where the effects are more damaging than on employee workstations. Active monitoring of employee workstations and servers, coupled with quick response to threats are critically important components of a strong security program. Businesses are also recommended to never pay ransoms—once paid they embolden attackers to increase their efforts to attack other companies or to demand secondary payments from the original victims.

For more information: https://www.brisbanetimes.com.au/business/consumer-affairs/major-company-with-perth-office-faces-30-million-ransom-demand-after-cyber-attack-20200310-p548lo.html
https://www.microsoft.com/security/blog/2020/03/05/human-operated-ransomware-attacks-a-preventable-disaster/