The well-known US-based insurance firm Arthur J. Gallagher (AJG) disclosed a ransomware attack that occurred on September 26th, 2020. AJG did a fantastic job of responding to the attack as it was recognized on the day it occurred, and a minimal section of their systems were affected. A portion of the companies’ statement read, “We promptly took all of our global systems offline as a precautionary measure, initiated response protocols, launched an investigation, engaged the services of external cybersecurity and forensics professionals, and implemented our business continuity plans to minimize disruption to our customers.” It appears as though the attack will not have lasting effects on the company’s operations. At the time of disclosure, AJG did not reveal technical details regarding the attack, and it is unclear as to how the ransomware made its way into their systems. However, Bad Packets founder Troy Mursch told Bleeping Computer that two F5 BIG-IP servers that were vulnerable to CVE-2020-5902 and were used by AJG could have been how the threat actors targeted the company.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in